Overview

overview

8

Static

static

7

cryptoapp.apk

android_x86

8

cryptoapp.apk

android_x64

1

cryptoapp.apk

android_x64

8

Resubmissions

22-09-2022 05:59

220922-gpshqsdhcq 10

04-07-2022 03:32

220704-d3qdragdc8 8

30-06-2022 05:11

220630-fvqqnagaep 8

28-06-2022 09:39

220628-lmr7eaach9 7

21-06-2022 09:05

220621-k17nksegh6 8

Analysis

  • max time kernel
    2240065s
  • max time network
    169s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220310-en
  • submitted
    21-06-2022 09:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cryptoapp.apk

  • Size

    3.7MB

  • MD5

    520855bdec84895dd57eb97e5f30b6e3

  • SHA1

    51428eaafc0d544da9a56ba00b8c9c774a01153f

  • SHA256

    b12dd66de4d180d4bbf4ae23f66bac875b3a9da455d9010720f0840541366490

  • SHA512

    b608aa376c1919cfad95d1ec31943b9350f8c25d30f60610dd1263e08b75fb5c400e635aee815fa29d186b9887e57b5cbb592e67d2e987a858e53e5f3d7c7e26

Score
8/10

Malware Config

Signatures

  • Makes use of the framework's Accessibility service. 1 IoCs
  • Acquires the wake lock. 1 IoCs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

Processes

  • werwerwee.qwetrydsf.yfdefes
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    PID:6927

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/app_icons.db
    Filesize

    1.2MB

    MD5

    b913c5077b4eb27051ff24af9a367bdc

    SHA1

    f7e1ede0f8686b05ac865f6deac3fe68829bd5e7

    SHA256

    a51866efd189ca9b62dafb3ae6b15b9ae8d738e6a760037f1fb0cbdd02d55edf

    SHA512

    51fb33f3fb4a2602e35cb518e7862c837aa91ab5a343fd352536cf59370aec91618f96dbca74b3a66b000c9ece57a3b793623f887fb27243c69933e0e4d6b3a9

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/app_icons.db-journal
    Filesize

    1KB

    MD5

    02db05a1f7291999411ac2e163090189

    SHA1

    8fc9a55829cfdfe0011ccce09544b548cb1aedcd

    SHA256

    2a0d68f3878b0038d44e9a9ad0e1af95d155bd9f73b9f74e549aec86e66f87eb

    SHA512

    c7a5ed9e6a34e3833df0bca931b363c6b41b4504cb6d4eb45f85ff9b5f8903e83706beedaffc06563967d58b62cc5270d0782476466623cb3125f923752d92b3

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/launcher.db
    Filesize

    184KB

    MD5

    95045c2acf741b5b882d1ba5e55f0b25

    SHA1

    7c97b33fbd75fbe1ac2f35bb3bb9b043617d9df0

    SHA256

    e20491ccb0c8b34778a43598536ec49313a08eab1757847acdf16f3bc490a1a5

    SHA512

    a7baf7ad9f5883d540348fc23f181d135ad03afc0af8260c701f1601761ac8b62335d1587648034872110e0aaf3d7cfb419b633e93842d525668eb402d67edbb

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/launcher.db-journal
    Filesize

    1KB

    MD5

    550d898f1c8f726e72a7ebe43d0a4931

    SHA1

    d1983065236732447c4fca5c46ebc47f6aa8ec38

    SHA256

    bb77c898465b78834208f42e13619d179c48ad4a00034af43377eea948ed41c7

    SHA512

    63a1e4f86d1f6d8e02f452cf2e35393981d1e65edc8e4d6a1c610a68514ea3902f85313339c4f8005c9f0033f7383c6ad5adcb976b24f70217541b9b621481fe

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/widgetpreviews.db
    Filesize

    72KB

    MD5

    0678e6e6b1f4348088d4da865feed17f

    SHA1

    bb776ff575af7d93e0d673a42a23072e74e06956

    SHA256

    1620d357c5776920f359a8791327d4bb155107ee0b7278ebf8cd810595376d8b

    SHA512

    77b3dac14800fcfb6af4822ec77b0f85db66c626d72463e405fbfe5b90ae99a4a9096a877a08ccd5494e07d4c86e08be0ce9cf3d86af87445f7380e5730602de

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/databases/widgetpreviews.db-journal
    Filesize

    1KB

    MD5

    b913f730ed536fb1346188731c863d00

    SHA1

    7cfc2d05947178e1c8f6ba49f1077ee929160d48

    SHA256

    f8ddd234a3dc5b6979f7142980fc1dc3bd6e4d9fca95a09818bf761f21a5a1f5

    SHA512

    16b097ff0098fd2092f2f869eff5c4c0d0dff5525b79d2a5b2329d43ad14e6a914e18cf852b59c3e2307be70d7d620bcc823c77a8649f328312190f25a764c24

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/files/downgrade_schema.json
    Filesize

    1KB

    MD5

    70435833064f71228d8d001901b56873

    SHA1

    2d68b64360bb323366fadab675f387c74b42a23a

    SHA256

    73353cdbb7fbf2ee224948f35a950ad7bbaad5269b59471e690b34988ecc19e2

    SHA512

    fb7642c1c01aeacc3d5748b8be977ef272e7e9325cfd9e64b8638d4be84ff030cab8483a92ea677ffc246223df81e4b2c544e121943ac9acc8e79b6255b5b55a

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.device.prefs.xml
    Filesize

    140B

    MD5

    cc7677f1ef8000370125a5fdeba8276e

    SHA1

    f756ca95e558b857a9bc2180c1339a2475faec6e

    SHA256

    eab1c250c551613fe74936d8540339d24660417606d7b8d068516afdede23baa

    SHA512

    17587701950873136b29df172a79e0f1914935064daa163664dbe7b7ee331cd8c5f43e9421370a13461f0d943b715b1f9b6277ceb90efdef555624c1742b24f6

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.managedusers.prefs.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
    Filesize

    128B

    MD5

    20837fd8daf2a2de8d6c4ccd8e90653a

    SHA1

    7ac08617bd4585151c239325aea243d9eca586f7

    SHA256

    e05f0ae0ee70ef2efac07e999da273b5f506462b67549f9080f6cdf469d70cec

    SHA512

    a4fd7ac1ce847a84fe4f47c2e7079f00b16b86213fe840b70e3a55992a043da99ca6fe1c9a723e709e2ee3985ed3b7c5a299d1cf5b29e8228f3f81d3cbb6876a

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
    Filesize

    187B

    MD5

    40629fd218a1921144fccde51155abc1

    SHA1

    259981316f38f3b538443eac60839b8b0268c774

    SHA256

    edc51de6ea378118e3aee11c10db88b84059deeaaed9434cfe4154d73b149306

    SHA512

    013143b1efeca433127b20ae5ff045259ff19ce90729a66c218921d825293038747f5251043fd511533263eddb8f7ada758b75f62981044da872e2e5322b0943

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
    Filesize

    344B

    MD5

    40e6801daac7f1acd559c527a34cdf6d

    SHA1

    832ac9144f5b1d76b309c0228e63d0878e8a8f7d

    SHA256

    a7d09131de77bab23af3f8f10290af517d6f0bafe3c0257b108edf837f3097e5

    SHA512

    77a0e86e62336afda48a3d51c2b4a79e32003a77efcccb0f2619e827c787701c258e8b29bcf3f994555d00a05e8039f2461caec57fef90e7a631f99d9630a1db

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
    Filesize

    403B

    MD5

    a44c2fb81476599162792952dc18e93d

    SHA1

    8b2dd43570ac7ccda7648c90f13788c1d507e51c

    SHA256

    8f27506efdf280d6a67f8cd3fd10307cc597e7dd40315f0cb100b171e432b0a7

    SHA512

    fe17a9cb751a4c4c7185e178b66a91e1113e4bddaa49429a0d36e1e2137a08d0bd8ec5531602debd1ae6e48a8e7a468d5b6ed47d8122608f755809d4b13f1734

    Download Submit

  • /data/user/0/werwerwee.qwetrydsf.yfdefes/shared_prefs/com.android.launcher3.prefs.xml
    Filesize

    344B

    MD5

    40e6801daac7f1acd559c527a34cdf6d

    SHA1

    832ac9144f5b1d76b309c0228e63d0878e8a8f7d

    SHA256

    a7d09131de77bab23af3f8f10290af517d6f0bafe3c0257b108edf837f3097e5

    SHA512

    77a0e86e62336afda48a3d51c2b4a79e32003a77efcccb0f2619e827c787701c258e8b29bcf3f994555d00a05e8039f2461caec57fef90e7a631f99d9630a1db

    Download Submit