c46aba6e5bb2c2c0e61598d488d798f93d9ec237030c2f7ee7561a7cb2403187

Analysis

max time kernel
3097668s
max time network
136s
platform
android_x64
resource
android-x64-arm64-20220621-en
submitted
01-07-2022 06:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c46aba6e5bb2c2c0e61598d488d798f93d9ec237030c2f7ee7561a7cb2403187.apk
Size

1.5MB
MD5

24e50862d94f40c163de0cff6043096b
SHA1

caa7a20919259762c07c42016e177897cb2b8296
SHA256

c46aba6e5bb2c2c0e61598d488d798f93d9ec237030c2f7ee7561a7cb2403187
SHA512

f8048af12b41b7fb130df18b48c6fc2c014193dbf39715818f027506ce5455745663626010f281bbbadb6b6fc5b7ccbefdb0226c363de6767b2670c87013027a

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.kt.dotc

ioc pid process

/data/user/0/com.kt.dotc/files/016566600707581.jar 5020 com.kt.dotc
/data/user/0/com.kt.dotc/files/1656660071222a.jar 5020 com.kt.dotc
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.kt.dotc

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.kt.dotc

ioc	pid	process
/data/user/0/com.kt.dotc/files/016566600707581.jar	5020	com.kt.dotc
/data/user/0/com.kt.dotc/files/1656660071222a.jar	5020	com.kt.dotc

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.kt.dotc

com.kt.dotc
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:5020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.kt.dotc/databases/a1.db
Filesize
72KB

MD5
0ed71f2ee7f212d248c9c07244519c7d

SHA1
f8613581df10d1729a903e767201a2c377295ca3

SHA256
f4f01c91ccdedd71db554c884393b95fe5c3629c4819526a22ae1ef1f13ff3a1

SHA512
29177f9eb5347d2bcf47d61971659ec6b72b4225393cdc7f51fcd2294104f345ce22b8b514d530777b84b3911231c88329e0209dde6c62eaaf7fd2dc1b4bc3fb

Download Submit
/data/user/0/com.kt.dotc/databases/a1.db-journal
Filesize
1KB

MD5
2e7ffdc84db85f01bddf0076525e7885

SHA1
251e33a023905601b56bda9c97d99eecefb2b3a8

SHA256
d51b03314f3356d71e178f7143cce200c19eff8c0f9f85a3dd80188b9a7891df

SHA512
6abbe2c15040cc802362c1e31ec94d9c770a2eb7ce43fd853cfcb835fce90534b824df97b316677eb059778370ebb980f384c1bb403fe2093ede2a111e6aaf07

Download Submit
/data/user/0/com.kt.dotc/databases/main
Filesize
64KB

MD5
bb53e8524c50e547fe952c7754fdd558

SHA1
d9bf4b91de67abb86edb27ee6b4f66c6414228eb

SHA256
fe7e83ead4cd01af7d5a78f548afeb9d21a2a703c22412dcbf73569a74fe4322

SHA512
b5db056aaf3caa2a6ac9c8b2548e16fc6be4fe24d44a58b7b785405b9b0f6facbd7a5f198d38778a13624e80037af461dff117a3e216688dcfa2dbaf51c78da9

Download Submit
/data/user/0/com.kt.dotc/databases/main-journal
Filesize
1KB

MD5
58f10c05903ae7ce8b7f78d0128c39f4

SHA1
01fda44f56fe6aff259ff9d3a9b385dad661299b

SHA256
eed9c73cb6280e8079d265a9da556b41d55a7b18528bd1a864f7f8bd5c37a386

SHA512
77f7251256b52076b4ab62bbbe2bccb7a3e3fb03b68d1da9562cd4b350fa92721a54db396cb56e036d5ef41508f4f3a75238f2be3f66d27ddab34b36c7e542a0

Download Submit
/data/user/0/com.kt.dotc/files/.imprint
Filesize
928B

MD5
9d1df4f7cacdad9a9694f6d08f62a1d2

SHA1
40595c53effe74843896285a53eb78aef4a50cbe

SHA256
96ecdeab35a92cd0d5da0ccc0817051202299402776a18045837d714bd7fe0ad

SHA512
f85f817682fb91a297af5ed38f0760271be1aae04e0889d92648d85c528e28d552d66f6e8d556bf65f5a6a70e984b206b0268a5a2a1701e0067c257eeec4937d

Download Submit
/data/user/0/com.kt.dotc/files/.umeng/exchangeIdentity.json
Filesize
162B

MD5
21acfca231711932ac6d3bb1aff20563

SHA1
9a9fcadc992ed16c102db812af9f9f6f8c605394

SHA256
df286155599c4a63f051f166c06cc13f88e967fcc5a285d282d3aa5c41a555e1

SHA512
8c9a6e71e5c4f7fad9af9e18000ed91247eb5a693101045b6ed2aebffc24950ea006b1497b7828873129faaf325c04ed98d63ea86f875bbf47ec52f6bec03360

Download Submit
/data/user/0/com.kt.dotc/files/016566600707581.jar
Filesize
91KB

MD5
7958e6386f47b0231858f0199ed2c80e

SHA1
8304a6f707d9d518f5026727c8633793f47f1b5d

SHA256
9e2a4891ec4ae2774c15875cbcb2e25069c7e8d82f098abe754e75def964930c

SHA512
55ae33a86bbf617262d9d1937124373655e0046462198a56f6663c606e59ab456c1a042029727a8ab66b8d7b3ad0bb6698a926e6de05846f8a2ecf93de25c282

Download Submit
/data/user/0/com.kt.dotc/files/016566600707581.jar
Filesize
188KB

MD5
9a6b81058877f901b93a599eea1a6242

SHA1
fc1f077d453602467a8a74756a347c10b77d0cbd

SHA256
29c4a716369e93c98be7ee2e5cfe497598c6a30e5092a7c82425900128f81d45

SHA512
ad4216323316f07be6d02fdf3130b9dfb504cc1d7fec97638f8f2bfcdfa416537f6818f2b5857d1597472ce04c292c468f9fa59e3f846619ffe9ab4b56902de6

Download Submit
/data/user/0/com.kt.dotc/files/1656660071222a.jar
Filesize
63KB

MD5
8386b59912a6658c20c63c48fcd85bb8

SHA1
ef7c4532de5d9caf6c43eb3ee4dd27c08f1b7dab

SHA256
f4489c17df41f6eb3f6c2c750c51c25538e10cedf3f6090bf5167af21b08f86a

SHA512
2f73fdf16634d0da20636e5d922252b65f9d6c9b88fa063278f7ee47caefc7ff60566a6cf707bb48fc9f7871c6afbeec5f106714d3d532fdab43eb9605ba3a5f

Download Submit
/data/user/0/com.kt.dotc/files/1656660071222a.jar
Filesize
133KB

MD5
1f79de0bfa3914555e05737d6e2195f3

SHA1
61190ed2f092e0d54f6bb38cdaf852ba9311500a

SHA256
5055e14693efa3f195bdfd8b116e7855d0a0c733ea80a0d56e4a875a55f6a7fe

SHA512
28164bbbb9dd307ecd4e0821d042c44782aaa9fc28e5720d726feac34a770c40d36241eab5f628e6357a95514eebc0227216b3b8ba612b12b4a0dc87d3d67d53

Download Submit
/data/user/0/com.kt.dotc/files/oat/016566600707581.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kt.dotc/files/oat/1656660071222a.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kt.dotc/files/umeng_it.cache
Filesize
352B

MD5
20fbc7545ea64c6a5a59fd085da556a9

SHA1
3f88432c986be9b0729a1934b6641f1a0510b227

SHA256
755f9fe0123d89337570af8ad525d6373588254a6a7846e713398493f25589cd

SHA512
aaef853c1929f04de6c8c551c2ad4a8670b0013723e70878597f54b44451e90f75f0dd9436f6d1c2d0a4b24831a479d01de0ba4b1d8d3076d9b1c79b6ea51e75

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads