3cd3be87d40527570990878436a0356c46ea0ce7c4d7a6b499a22bad56672ebf

Analysis

max time kernel
3264714s
max time network
134s
platform
android_x64
resource
android-x64-20220621-en
submitted
03-07-2022 05:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3cd3be87d40527570990878436a0356c46ea0ce7c4d7a6b499a22bad56672ebf.apk
Size

2.9MB
MD5

b7a79e295f23fb51105282797d05d8f7
SHA1

1de4a6a4395a45d6c1ec1c67cd27720ae9708034
SHA256

3cd3be87d40527570990878436a0356c46ea0ce7c4d7a6b499a22bad56672ebf
SHA512

766bbe6b46122f317dd0f7ccf2fb6f881dcb8967fc8b22e7338adf36868c2d3a3831a04667b1a06334e5ad1f529fa470546d17c98cdb33e7caebc702b38b3820

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.thunkable.android.waqardogar588.Let_The_Fun

ioc pid process

/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/1582435991586.jar 5446 com.thunkable.android.waqardogar588.Let_The_Fun
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.thunkable.android.waqardogar588.Let_The_Fun

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.thunkable.android.waqardogar588.Let_The_Fun

ioc	pid	process
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/1582435991586.jar	5446	com.thunkable.android.waqardogar588.Let_The_Fun

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.thunkable.android.waqardogar588.Let_The_Fun

com.thunkable.android.waqardogar588.Let_The_Fun
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:5446

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/Cookies
Filesize
64KB

MD5
9b23e6a88d5a95f155f205cb04b93cd0

SHA1
b62dccbbef087a0731f226b96d15d35d8aa5e5fc

SHA256
f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

SHA512
bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/Cookies-journal
Filesize
1KB

MD5
358f5401f863ad88df62a425407ce2a2

SHA1
deca8cdf9fd503dc382b9c598af7508b7e706127

SHA256
6cfab7c3afc68127e4b2bb302db56c7c2da6898eea1128be2a0596808e8e1701

SHA512
bbcaa804cafab9d8093c9818cbb365f0de2591e10af59573cc5ac6da9b10639dfc5e19c71a20520247c2ae37d4d4d064df3a01c6c73bbc8c51681d7668fa635a

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/GPUCache/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/GPUCache/index-dir/temp-index
Filesize
96B

MD5
47f1ae7a01f1ff4f21eaaa7770c6fe8f

SHA1
1189ddf82e6c8199efdc257614ec7f616cd0c3df

SHA256
c6845b919dcc947cccdf7aa471b34db92f0c30ff8b102392f8b956b4e9773a05

SHA512
39711a046eacf365179d5f58e5aae7a60daab43f29774e4e01837407523605d0aae21959369c7b8e84a745001120c5dcd59d05579b1bf68a4bed19bb48cdfda4

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/Web Data
Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/Web Data-journal
Filesize
1KB

MD5
d5fca9bed875ceeeb788d02e100e205e

SHA1
7638fecd55cfd621431c1fc16f598de92b00798a

SHA256
32ad3ebf19dadbbf2647b3a1055ef56a94fea6f4b60b95f67f1ecc18880778ec

SHA512
d09fb5459b6089fa3e0ea05ccc9765e40a9e2e0aa6c431aa471417c2395a8f30f3e0bc5e1e4d7b72751219d2dcb0a923be8d039751028c05591b8e2d65be654e

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/metrics_guid
Filesize
36B

MD5
679acd97c670b6b53ccb908a7371c110

SHA1
962772ffc6e42c7c088067c62ee3ff6f8d9f72b2

SHA256
740d2f3d4960e1c4bb7a2c24c47a46a1224695747fc3dccd2eac50a255ad066a

SHA512
58a81d989db6b38771e38f8c04c268d5842106c622a35959d59b9155922daa5dc283bb2209891ae32241af62716c3acab3cd94f80fc7e4a1956822ed2c34b75e

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/1582435991586.jar
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/1582435991586.jar
Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/WebView/Crashpad/settings.dat
Filesize
40B

MD5
c18406a9d406950c9a08d0ee3d46588b

SHA1
cb2b18932e8f588ae870f54a7baf981526751e82

SHA256
7acd490c2b5bafd04bdcf000177744b2dca27a58d9660e840c44dd9889e8b31b

SHA512
feff8a816d4d2af40359b5525ece2d41054349a0adbf6858c3bfefb86069a705098e3afd940a01e6285702b597f564d28917dd12b06473c027790b07907c6117

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/oat/1582435991586.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/org.chromium.android_webview/Code Cache/js/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
Filesize
96B

MD5
ef8c23ea97a415e6088149bdbd9a502f

SHA1
8701f61bf1d44b2f6ffeb7ab55296d514822ff12

SHA256
b06e9188d4d45179a3c533915a27f3702bc0e269579f5a49267e098a23706512

SHA512
e764820c635482bc8beadcb8efbf59f549e645f10c6d4dd06560a35ab0e6e68e72c84b4a0429be652c77b5889e3336a80d93cf7f14e0d69bfcf4d3b006be3a79

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/org.chromium.android_webview/f038e94cb33282ab_0
Filesize
240B

MD5
b8d3e0eb780205daad62bdd67138ee0b

SHA1
c49591a422fc062ab7932978636c96e301f056e0

SHA256
31a78f31291acea4db513ebf114e76c410ab3d1fd2f177ea196b1ab4c3442ca3

SHA512
c475af0ecaf4975c2abade100e83a34d7259ca74f28eca81950c093b65af0159fcb97f161a5d7c3a206c1b843606905efa8b00f4655f0433807f017249dcb7d9

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/org.chromium.android_webview/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
96B

MD5
ad0dcbb20e1be4de2838c595b25936b5

SHA1
e4ee0d8ad46e20286830feab0306a37d592c5109

SHA256
bbabc06de9f3994aa9c0a12a5cb83e3cc8f4f0e34502da24b262468f7b667537

SHA512
2f5db5fb1628f01116d4a66c7b9e2890420c31c9d844970129039669ef3ced815a903a61cdc8f7bac74c4fdd9eb2dd99bfe308666a4934be028948ebef501f0d

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
144B

MD5
059ff7edb8583e7292e7a172c3b8207f

SHA1
53d2fdfa232305ebd93a6e841e2a1afc0d9881be

SHA256
de169ed426031485e996fce4e25345037001159ace6c317180c6798755db3ad5

SHA512
bfd43990b741506fa65ab5b411d7626f0607092538dbfba7561ddf245bb2cdd69397c4ce909b70f5b9dacf63c263df4fac67816aa8efaa59aeb4c9e798a4c689

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/databases/com.amplitude.api
Filesize
112KB

MD5
c579ea23fc7394fd2a575260d2d608bb

SHA1
c0db6d86989975f768c8abe21cc67d04d74e84c5

SHA256
a5408ae1cb75a5fbc725c84f0ad18456defb09c76793c9913aeb2d7ffa59ea7c

SHA512
e8b3c629823535f6faf00560b0bb47bb5068628ceb2319fe05e70d658747e77e8efb66de6c21b02c41ae900b4cd7ef1904329808b0323ab90e0ba4990332dcda

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/databases/com.amplitude.api-journal
Filesize
1KB

MD5
b85f2961d09da83820d06757fc2625a5

SHA1
954d2726f4e9d74e7b9f0a7febe9f99a88c033e5

SHA256
c954263c07fda208c9744a238f4cac7cf039acef5e5d3eec521009d1ae420e94

SHA512
520f99e9304f12f3d29679a51f69c9df18159eabd613e8a771313758633c3620523c7ab76a199a7d6dae7ff37b9a0e78e1ff851eef699d84ec01be4ac0c96e79

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/62C12CC701E7-0001-1546-55E7FF274D86BeginSession.cls_temp
Filesize
79B

MD5
f380b7c1316df3b51cb8b01ba9c7d46c

SHA1
4a04d9f4a472ade89d634eb2f2833d428c6768bf

SHA256
f8f6616d503c7b66bfdd9d587a248db6a44446d0b92188d153f2bd8fdfd171c5

SHA512
f0cf280bb5085b1e1d2b439b79e0abeedac493dd31ab816e47fdb5058c80611c199a6731e290a1699698bec923d8a98fb910876d93390be49982e2c9549cb548

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/62C12CC701E7-0001-1546-55E7FF274D86SessionApp.cls_temp
Filesize
110B

MD5
77846ca82f02680c53e9d7e43f6ebb0a

SHA1
f07f75a918042a501e9d22f231a858f02ef13bd7

SHA256
dcd1434b499150cb8ae7ef541b6a135d2e21b3b4de829a81344b7c30d6e83942

SHA512
5bbb48ffe7fe0954a16adbe9fdb1bcd0af596a1dbd97732efc0fa78ee3414d444266077fbdebfe8c731e547ba485318ea4d5d98cfd979490541d7babe6f46515

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/62C12CC701E7-0001-1546-55E7FF274D86SessionDevice.cls_temp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/62C12CC701E7-0001-1546-55E7FF274D86SessionOS.cls_temp
Filesize
15B

MD5
2566d27ce8c28d8961f082c375d7535e

SHA1
92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf

SHA256
5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a

SHA512
1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/shared_prefs/admob.xml
Filesize
133B

MD5
8a2fe1d84f0f826666c1fe599045ccf4

SHA1
f7c30bcb953062a6d106d7c961cd37352a7aca4e

SHA256
0255e4c70081fc1f6c277086705a155dd2fef4986b09a58a251f40011fd2be21

SHA512
1307ba6a10c5d23a7062e005c9bfc6eac25eccb130dc5c8c66561b0bb4755def63e70f9e4096406152634d20cbe91bd51eaf125ae0343944cd90f0736f55c00b

Download Submit
/data/user/0/com.thunkable.android.waqardogar588.Let_The_Fun/shared_prefs/com.amplitude.api.com.thunkable.android.waqardogar588.Let_The_Fun.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads