459206431b5676d0b6e69b0dfc13c50d5531774364b78ebf202948a69c2a2174

Analysis

max time kernel
3637338s
max time network
131s
platform
android_x86
resource
android-x86-arm-20220621-en
submitted
07-07-2022 11:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

459206431b5676d0b6e69b0dfc13c50d5531774364b78ebf202948a69c2a2174.apk
Size

2.2MB
MD5

ca5aaaee21c898271d0eb2fe5b27eb1c
SHA1

0851aed096601bfb64aaa3e088e9dc1afa92259a
SHA256

459206431b5676d0b6e69b0dfc13c50d5531774364b78ebf202948a69c2a2174
SHA512

12030a80b9e89749b81ade1c935bdef546477c070f3b8f6894e569c0e7371591c92b20c2278cc7adba5936e0d0159b7e6497dfda2439fa1beea9ce6b1753051f

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/dow.vkf.vjd.vjd/app_cache/mycode.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/dow.vkf.vjd.vjd/app_cache/oat/x86/mycode.odex --compiler-filter=quicken --class-loader-context=&dow.vkf.vjd.vjd

ioc	pid	process
/data/user/0/dow.vkf.vjd.vjd/app_cache/mycode.jar	4403	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/dow.vkf.vjd.vjd/app_cache/mycode.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/dow.vkf.vjd.vjd/app_cache/oat/x86/mycode.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/dow.vkf.vjd.vjd/app_cache/mycode.jar	4319	dow.vkf.vjd.vjd

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

dow.vkf.vjd.vjd

description ioc process

Framework API call javax.crypto.Cipher.doFinal dow.vkf.vjd.vjd

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	dow.vkf.vjd.vjd

dow.vkf.vjd.vjd
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4319

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/dow.vkf.vjd.vjd/app_cache/mycode.jar --output-vdex-fd=44 --oat-fd=45 --oat-location=/data/user/0/dow.vkf.vjd.vjd/app_cache/oat/x86/mycode.odex --compiler-filter=quicken --class-loader-context=&
2⤵
- Loads dropped Dex/Jar
PID:4403

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/dow.vkf.vjd.vjd/app_cache/mycode.jar
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_cache/mycode.jar
Filesize
2.1MB

MD5
fd4715fba96b87617a82247cfaedc8a6

SHA1
70ae8e2ca4caadab70d15b0e4210b0ca09649ab2

SHA256
f68f5c42200fbcb28f93ce9f1e3306ee10265c309141de7b17bdf0a876d49f83

SHA512
293c063d491525dddc7932a833d4afe422666c7ef061cdc0f76c086f8b41933d940e8a82123ab70f6a6a3035b4749d49dd38d11d39dbde68e3257d1b57800dfa

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_cache/mycode.jar
Filesize
2.1MB

MD5
9790fab23ad41b4a39e56e5d1d5f6b12

SHA1
381e0019568e3d560764538a977b53b471536098

SHA256
e6192e1ab87bc02501c7dd7a11024cd5a6db9eb9d0bc354b4a6762b5a27ef30c

SHA512
630df2255a81dfd3f50604786a3e6659eb2df85b6c52b6a3d1c8ca44ed115848198ace57370de15a1f602426008142109873c9e57681a0e1d3b8e49e65876ffc

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_cache/mycode.jar.x86.flock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_cache/oat/mycode.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_cache/oat/x86/mycode.odex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_cache/oat/x86/mycode.vdex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/Cookies
Filesize
64KB

MD5
cb7543c4df600f2af58097cce0e334ba

SHA1
83cc92f38c27fdb4fa519b1ce2f37912f24af1f0

SHA256
64c022ae708f94ffde986e105d88f708884de325720bfb9925c4160a6d417233

SHA512
ad51cad0472327bd68aa2d791341cfafed58971752352537bb603ed18b15a3f9185e9150983a28ecd09606e8dcaef6d1c9d93213dd246ef7720f39842eb3d980

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/Cookies-journal
Filesize
1KB

MD5
bf7f1acc1cc1e7f71a458ea2e029ccbe

SHA1
e2e91713b0f7c896d367e415521782f9a7c585c2

SHA256
386fe706eea7c63338c6ea13f5410db18bf32c7b32e310a0763e5fb711bebef3

SHA512
574cb3b5922d58fe393108289b5de31ffda5555bcc6098b6e2c369ca19da5b9804aaccc25c8064e6ecbd787778420d23c289cae6c0353b3484512405c58b2b13

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/GPUCache/index
Filesize
20B

MD5
93027d42b314432c4216e6cfca48b384

SHA1
43448dd8102979c3926828182579691945eedd4e

SHA256
3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

SHA512
a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/GPUCache/index-dir/temp-index
Filesize
48B

MD5
4cc55ed51f3cb687b2b676cdc392bf04

SHA1
d3ef47915ed0eda1068b5d09167f1cdea439ab27

SHA256
1e31b344f6d8f83514b1a3aefaeb4832124f82d882002af3421cad491f593cc0

SHA512
34503b61817cda20f219e67d0ee44474e192bf79c38f2c79e7a1d93eca2a94e58c709f5b4c4086840d578ea89c5f1d9d7f80557e796e5eed6bbb18f2c3b8aa15

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/Web Data
Filesize
104KB

MD5
dc79f9ce5f3ab5270b33e61119dfc959

SHA1
1844bf222a5144b513dcf2fb50a18c011701c647

SHA256
47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

SHA512
18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/Web Data-journal
Filesize
1KB

MD5
c7534fee21fa5db8ab7514a96f4732b9

SHA1
e17472f80eb8db0f38d5ddac6629d8092180a941

SHA256
9585fdef8e42af28cdab801cb31cecf184c4d4518ccde0391956c01524c47253

SHA512
351cd616f4c1c4773c53cae88950cbff608ce5e26f428e42ffff5d65607ceec332d1d53b94b8dd76d3651488b4d2b2e0563c29f120a4fa811d50263606e84010

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/metrics_guid
Filesize
36B

MD5
f06c58f66b457d37460068884f6eea5f

SHA1
8bcb3947a429c02e23c50a05cd685da28a272aa8

SHA256
04ae05e71baf941a1b00586f1ea1f936c37be8d575a018e18d3536115060b8a3

SHA512
5ee0faab37b6d0b38cf2bde366443cf15852fb0f38aa7ef6e5e4232e62d3ad3a35f0a1dfe92383497a5ebfce2a71cb812b12e9df1f7bcee0839e73eb602697b8

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/cache/org.chromium.android_webview/6fa6746a0c8d25f9_0
Filesize
123B

MD5
c3b55d9171f60c85316f3523f081c8d3

SHA1
8bda3287c0b4a6e044a6486a63e53d34e86bcb3d

SHA256
c71b6b758fc4735fdc7b892cd5308993fb6f8d598ba81bf8c152857feb59dd8e

SHA512
26aef6cac400f1ddcc7eef97bb465a3ecabae90e4fb8dafe7f966895db05bd4ffa7a2f05a838dec2869d6f81c317bd3186d22e03f3466894176cb3387f0f39a3

Download Submit
/data/user/0/dow.vkf.vjd.vjd/cache/org.chromium.android_webview/index
Filesize
20B

MD5
93027d42b314432c4216e6cfca48b384

SHA1
43448dd8102979c3926828182579691945eedd4e

SHA256
3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

SHA512
a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

Download Submit
/data/user/0/dow.vkf.vjd.vjd/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
48B

MD5
3c72a418a4fd3388e7d49c1fa63b8b65

SHA1
fcee30513d8d2cb47fb74eb6ff1139d5668807b5

SHA256
8dffea3bd85d3a2b9ed161723011ef88b381e3da5315cce0a07018778218d901

SHA512
05138e9b42552c384f54ed162f8dc8bc4e8b89da1dfd693cb50a38d6c29bfb9ee47be6f8a1e7b3f74768ae445127408a8cae7ed8a9d6a1e1f719bfd64a4295f9

Download Submit
/data/user/0/dow.vkf.vjd.vjd/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
48B

MD5
fa1cb666eed3e28bf9a5653905fa7e8b

SHA1
4d677a16684fc0ab1cddbbb09cce008356d5b164

SHA256
37fc31c106848e088f29bc1a0fee6d66e11eee198c84511c70e8d44360721832

SHA512
761d27bb05cdb115f7e8c18fd466594229271b9de54bd747ccb0f7c03f15cefe2f12dc2a6eb9846f7ac5c5a9059de33e83ff12bba717947d6717db1812c3f7ad

Download Submit
/data/user/0/dow.vkf.vjd.vjd/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
21223e9184445fe043476484cd8cb1f9

SHA1
2b4813f849121d60ba35eb0889080668bb62c778

SHA256
bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

SHA512
be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

Download Submit