b077f0971736bf17994b2918c6509620c31da5ba8a5f806de376422ca05c63d3

Analysis

max time kernel
3095125s
max time network
157s
platform
android_x86
resource
android-x86-arm-20220621-en
submitted
01-07-2022 05:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b077f0971736bf17994b2918c6509620c31da5ba8a5f806de376422ca05c63d3.apk
Size

2.0MB
MD5

c10bb2f3be5e48037e51362f580a7635
SHA1

2c1e57cb55941bb1a61b6c90f696521f86cd5cfc
SHA256

b077f0971736bf17994b2918c6509620c31da5ba8a5f806de376422ca05c63d3
SHA512

6f308b74211e9521bb5f5ff3dfeed96732f69304483fb55a14bffd973ce1c77014132aabf95c8e6223b34f9a410f366a52111f9de605f70fb370dc69c8d2d7b6

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip --output-vdex-fd=42 --oat-fd=43 --oat-location=/storage/emulated/0/Android/data/com.xޜ.觡e/oat/x86/PN检.odex --compiler-filter=quicken --class-loader-context=&com.yxrjcom.yxrj:remoteService

ioc	pid	process
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip	4692	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip --output-vdex-fd=42 --oat-fd=43 --oat-location=/storage/emulated/0/Android/data/com.xޜ.觡e/oat/x86/PN检.odex --compiler-filter=quicken --class-loader-context=&
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip	4627	com.yxrj
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip	4769	com.yxrj:remoteService

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.yxrj

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.yxrj

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.yxrj

com.yxrj
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4627

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip --output-vdex-fd=42 --oat-fd=43 --oat-location=/storage/emulated/0/Android/data/com.xޜ.觡e/oat/x86/PN检.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4692

com.yxrj:remoteService
1⤵
- Loads dropped Dex/Jar
PID:4769

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.yxrj/databases/OxgHkj2lz09F

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.yxrj/databases/OxgHkj2lz09F-journal

Filesize
524B

MD5
1d063610269ceafe4bc488dde70262b4

SHA1
46beab47e8835023ea30e3c5397c70d6dd159e09

SHA256
5af2b475cb92e99028e4790cc98ccc3d3505960fe1e8e94b8b3a01eb98392982

SHA512
db6c11c708cd5bcc76a07f1434fb081f2102bd8732d449f8962c328bc55f5b6231a6f431ef54a81487c4adbc07ac8a7af660e6ab40235f6453b39fb93319fc38

Download Submit
/data/user/0/com.yxrj/databases/OxgHkj2lz09F-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.yxrj/databases/OxgHkj2lz09F-wal

Filesize
36KB

MD5
bb1857045e1c4dfaa9b32f12e945121c

SHA1
ab71ea9a866660263110cbfcf704fe6faa53eff2

SHA256
d0fd8346e297a4a186042c60c7e07a2c3fd18e7288c2499b52254ea49243fcbc

SHA512
c2025bca18ac4b287241ce4dcb68b16c01e9905dee3d5eeaa9c00c730e636f8f6cf32c92ea0979bc2354523d3aebe96a8ae91d5069277e95c8be3f671b45e238

Download Submit
/data/user/0/com.yxrj/databases/d275a1f076d56f0ca324c5311b9ebfe1

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.yxrj/databases/d275a1f076d56f0ca324c5311b9ebfe1-journal

Filesize
524B

MD5
b28824b647af3a80138c025301e9e0ac

SHA1
6e11752a8c9fac71d84d73fd4651e1dcde5c82eb

SHA256
427952ccd0b7d9b912c75279e6194c7da144655ca65ecfaa080b612d82cf9d7a

SHA512
29199d63f84e779c8d6475dbe0e424e4b932f5c81276962e730a3184e979dcf51b09a0873df542c04106d8deba668765d147319b894aea0eaa3dd28ee420d341

Download Submit
/data/user/0/com.yxrj/databases/d275a1f076d56f0ca324c5311b9ebfe1-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.yxrj/databases/d275a1f076d56f0ca324c5311b9ebfe1-wal

Filesize
16KB

MD5
0fd0aa0302ace810170d49914759a635

SHA1
91727853f227af0a123166947a15970b1310e217

SHA256
447074b84fe8994488f78c66b1dc18268e4805a68ea7f40c470129b7e978b756

SHA512
1f85279d27012f4e94c251fe1593dbdfad5379a81670bd5c975326fc63c053f8f6f2fc2df447ca95591da54ebf7ad0a601f1d1b9814120752596dd58292377c4

Download Submit
/data/user/0/com.yxrj/databases/wsUL1uCdKvjD

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.yxrj/databases/wsUL1uCdKvjD-journal

Filesize
524B

MD5
27393d7d00f98465cd28086f56652332

SHA1
813f98009f1dfb91190d85756e18da714998f60d

SHA256
c74fdea2d4c40c7508252770db26a275256fef231fc738ed980ad0d94c1d5f2b

SHA512
077e2042be0c036df2fb36debb52cc8c83a80edf67837f2e82d606e8777ac86844491dfc9afe95d39e8d94bdd4f60ad7fca5c03d70c37ab8e24bfb42b061bd6f

Download Submit
/data/user/0/com.yxrj/databases/wsUL1uCdKvjD-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.yxrj/databases/wsUL1uCdKvjD-wal

Filesize
36KB

MD5
753f545c7ca5f2a74dc5a4b5ac9cdafb

SHA1
12323067555d21a198b6a66fb2a016d8be5a183c

SHA256
e69550fa8003617801e884fcd68dd14d84386d1a7fd8a0c7fd1a7d8b539e3279

SHA512
7fe439882dee44e815d511d1eb29e1624a0a480d281fbc40b139dc09c6143f81ddd886d6bdac9b227876c8422c5c8de7a03aab7879fb20e0a30c419a79935f9f

Download Submit
/data/user/0/com.yxrj/files/nials

Filesize
57KB

MD5
8b0ae5d9d74431f970a0eb4b76c3c8e7

SHA1
f3dcacf0b5f5ad90036c10f558db0e0f78e31a6f

SHA256
1fb021bbf508b1b57ff808d57e97c19f859222411e61e36f4afc0c9846f44b16

SHA512
9aea51140f45608b00f70ee09885488895700ddf1ddf64649344264bea8e32890981f81260f49ae864bb1ccadae28a217b49675c99774ac91d71914872920ffb

Download Submit
/data/user/0/com.yxrj/files/nials

Filesize
57KB

MD5
8b0ae5d9d74431f970a0eb4b76c3c8e7

SHA1
f3dcacf0b5f5ad90036c10f558db0e0f78e31a6f

SHA256
1fb021bbf508b1b57ff808d57e97c19f859222411e61e36f4afc0c9846f44b16

SHA512
9aea51140f45608b00f70ee09885488895700ddf1ddf64649344264bea8e32890981f81260f49ae864bb1ccadae28a217b49675c99774ac91d71914872920ffb

Download Submit
/data/user/0/com.yxrj/shared_prefs/1E3C4DF3FE0241BE.xml

Filesize
121B

MD5
eca403428f15af83769d7fc4455e9049

SHA1
59b7c31b4f2ce9d03a2e0fab7e31ce972045a9dc

SHA256
53daa0b7f0398411d926b383c7a3bf30896b1fc741837441e7c78559b9d3e3ca

SHA512
732e37ef013a0ba0fd417df8b2a190b1b92d31ed771cc0d0a8d8600ac76fe0bc71b2b667b8e28213e51bd151c83cdec6877a49ce523447cdb0aa6443b619415c

Download Submit
/data/user/0/com.yxrj/shared_prefs/1E3C4DF3FE0241BE.xml

Filesize
188B

MD5
b6200eb3dcb9de1a9f3c5ca1acedb332

SHA1
1016fb16eb8fffbf4dbf3550588c5afb60f8378c

SHA256
c9cde968654d333afd73b54d44a4a3f93aacd1393f441d036efd12baef9ddc89

SHA512
5610f88ce6b44145d84e9da5c88036f1667c0a9d7e537e330aff5e398a20ea7d40370a28420279651a4be3cee024ca84cff83a937b61184bf38c97ef451e8c7f

Download Submit
/data/user/0/com.yxrj/shared_prefs/1E3C4DF3FE0241BE.xml

Filesize
266B

MD5
b3a3482273666384b580a369de530ccf

SHA1
440a9e58cf631ef97afabfef56efd8232140b94b

SHA256
10a43cd8de907061f7161e93030f9c8a101a8c3190ad2ca12721c90174dbebd3

SHA512
348a74771263956591c94b6589940cfb5f8ac326f64704a32c836e5d5888db6a28dc7546089dbcf92f82534904ad9e6b2f74e48954ee688b38c47d0ad799ab17

Download Submit
/storage/emulated/0/Android/data/.dataycache/i42d45df023jnkdd93la483f9xGFKXI

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/.dataycache/s92TjjdfoP2n3o9dfji2l9s1olkjf0p

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/com.nzx.jicu/jnvte

Filesize
532KB

MD5
e42f47bba840de7c14adf88479cafcab

SHA1
ebbb76a56896c7459a9d54fe33cf428f816bf84b

SHA256
74c224a8d49e31283adb89f3f1c1608a26b805086ce2955f85a41ad9af206f01

SHA512
eb2c7ae51e94ba366d0d8681cd008b64a098cd3c86d4fe0839f3138b4dfd570f94200bc2f2a6cbdcb576efba94f638d613e98f96f003dc98754e020064164a15

Download Submit
/storage/emulated/0/Android/data/com.nzx.jicu/jnvte.zip

Filesize
539KB

MD5
e175a3b5285a606c0620cd94537bd871

SHA1
2f924c2f9c52c11fa64fb3f1821f14ec5a5d48ac

SHA256
597ec1eff2136fc9a4a60007b89e6c3d9b2c33501d98c47dbab14847114255b5

SHA512
c1fb72944cf6a27ca4285a55cee6cb314158719f5b1b17892dee4b5e330659dab9e258183fe44a7d2d2ee3e21ef140c9311d87cb4194e2aadd5dd82f46ffd1bd

Download Submit
/storage/emulated/0/Android/data/com.nzx.jicu/jnvte.zip.x86.flock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/com.nzx.jicu/oat/x86/jnvte.odex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/com.nzx.jicu/oat/x86/jnvte.vdex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检

Filesize
578KB

MD5
fe11aa752c5c630bd7f92ea3265c16d0

SHA1
3e4023a823fb9b49250e4ab01b0da62233696d8c

SHA256
53b4bd0047cd2402814150328aaf44da47ab8ced3384630999f075f38376e056

SHA512
97f39a1cdc730fbbc88f6acb41407d0f3a90322a513d0dae56f0c097a5c5568c1c4c040684426c93e635942c5da21ef5429bc9773d197251f57af859020262ce

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检

Filesize
578KB

MD5
fe11aa752c5c630bd7f92ea3265c16d0

SHA1
3e4023a823fb9b49250e4ab01b0da62233696d8c

SHA256
53b4bd0047cd2402814150328aaf44da47ab8ced3384630999f075f38376e056

SHA512
97f39a1cdc730fbbc88f6acb41407d0f3a90322a513d0dae56f0c097a5c5568c1c4c040684426c93e635942c5da21ef5429bc9773d197251f57af859020262ce

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip

Filesize
578KB

MD5
5ee35d27f6ad1d62d4cdd1157026734a

SHA1
3a73cba1f30a38796ce9c1830c4a5665cea7499c

SHA256
a08cd6b53f984030dabf58c7d35d7efed46f8f2f7eb82fbaf4ec6176c1c5dd18

SHA512
7684aed794ae67c5e888b09a6d6bb10be8ef6c16ba0cebdf8049bad783eabc3a6169cc08453884271028dd382f6682f69e42c963a6a93d9e1f78dc9415797f8f

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip

Filesize
55KB

MD5
8a3bd89b4a46aacdf04afbf7726a9441

SHA1
2cfb39ae8f7894945eb4c87644d776666da46e49

SHA256
8eea754ab8858ae2c9ed0b199cb165f097e7265cb3434cd8f0329f701daeb341

SHA512
f1ad4d744b1fc610b23a243fc180b9ecf2147b35ff4f984257d7aa1af8e9f94148e4bb83d4ec182acfe047729e7537d47d372c16555fe6de429a005c65ed9a77

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip

Filesize
55KB

MD5
c34a12607c88bb100e55377082f423ec

SHA1
8ec07e328b2af8d6d219ad51f1b17b7d635a2d5e

SHA256
7955711fe074248d67d61253b4cad0536aae82f582c9fc7b1f21ad45eba50951

SHA512
d8e26a9707f7c8ef8cfaf5afc9d136115ca2f21d64ee6327deb040755e937a50f604910f352eaf709e88e1616ebe260b06471da83a41f9fbe04c8db9f039f9bd

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip

Filesize
55KB

MD5
8a3bd89b4a46aacdf04afbf7726a9441

SHA1
2cfb39ae8f7894945eb4c87644d776666da46e49

SHA256
8eea754ab8858ae2c9ed0b199cb165f097e7265cb3434cd8f0329f701daeb341

SHA512
f1ad4d744b1fc610b23a243fc180b9ecf2147b35ff4f984257d7aa1af8e9f94148e4bb83d4ec182acfe047729e7537d47d372c16555fe6de429a005c65ed9a77

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip.x86.flock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/PN检.zip.x86.flock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/oat/x86/PN检.odex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/Android/data/com.xޜ.觡e/oat/x86/PN检.vdex

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit