Overview

overview

7

Static

static

7

5b377d73f0...1b.apk

android-9-x86

7

Analysis

  • max time kernel
    3392641s
  • max time network
    130s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    11/10/2022, 19:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b377d73f0da400b8e5da33a701a9d5f7a42fe6aaaeb3f6fd996f4d5fbf1761b.apk

  • Size

    427KB

  • MD5

    056d4e0dee2ed3bae61a3f448d4a079c

  • SHA1

    43a23cfc4fd5ae9b41f20734ff78d845254fe45b

  • SHA256

    5b377d73f0da400b8e5da33a701a9d5f7a42fe6aaaeb3f6fd996f4d5fbf1761b

  • SHA512

    f1be4472071583f3912232e555c47d5b9a64e4b6f580c6f6348159d19cfef44519963c7d392b5c578af211649a7237d2d8262b5852a4ba7c8d30f87ffe213757

  • SSDEEP

    6144:S/cwt/wfktf1KrgnX28rxxim/m60lzNUXxTo7J1jSguZzdR4LxuzkM:62fktf1KrSX28Wm+HlKx6vSggBR4LoZ

Score
7/10
evasionransomware

Malware Config

Signatures

  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware
  • Checks the presence of a debugger.
    evasion

Processes

  • com.android.deviceinfo
    1⤵
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4063
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.android.deviceinfo/.驙ᑹ迬 --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/data/com.android.deviceinfo/oat/x86/.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4183
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.android.deviceinfo/.驙ᑹ迬 --output-vdex-fd=45 --oat-fd=46 --oat-location=/data/data/com.android.deviceinfo/oat/x86/.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4231
    • cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq
      2⤵
        PID:4320

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/com.android.deviceinfo/.驙ᑹ迬
      Filesize

      2KB

      MD5

      cb18395b35d4d750f752baf5319c3693

      SHA1

      36702b8273ae3a68d8b097b19fd027e88d7814a5

      SHA256

      64995ca554d9ddb3dec3bdf9dd3ce37ce16636aa9da94fb50bbf3aa1c1e092eb

      SHA512

      2e84b632726c34567a4eea9fe4399541bba51abd5835f724f7f7b1673f6faf8bae4cf63fcf159252e3729cd3c02ff52ee93680a522974ce4651fa36d41b3ad53

      Download Submit

    • /data/data/com.android.deviceinfo/.驙ᑹ迬
      Filesize

      42KB

      MD5

      fd1bfc4047f08e87c6297853baf8b43f

      SHA1

      1bfb3f57322bde5a9ac41bbad13153c4385ccd5a

      SHA256

      e7e00fd094bcc9269b0bc71ded2fde33076cd4c840ba6e225ad844fc4a6ec745

      SHA512

      8c2968efa203aea0d9cbb559a79c7b2d662a531cb6958484c0b5c215ab63ad8d43fada36dc6b703ae473e28beba783b151af709ea33d91bf2a971533f2f268f9

      Download Submit

    • /data/data/com.android.deviceinfo/.驙ᑹ迬
      Filesize

      3KB

      MD5

      1585ddc5801c73052abdf451be78313b

      SHA1

      d871860e529bbc03de881f2eaf1e4f7c25bc25de

      SHA256

      4d82a8e74e78fea1592dbdc25924a92f764bd33452dd133b05e13a8bb4851453

      SHA512

      7cd9cf2913067f62401c42b2b9e111d3bd6d791f6003d016324abc7b3500fd9e5b85738ca2f27bb9852e54a418b972aa446f84bf1aaef74434ad0838b5f3b2ec

      Download Submit

    • /data/data/com.android.deviceinfo/.驙ᑹ迬
      Filesize

      112KB

      MD5

      52c19b0c92b4ceb2e3debcd56bb7a9e4

      SHA1

      4e04300e471910e8963864247eca438e0084be19

      SHA256

      221e77315e37c92a5071844291cb1b69286d4cab1a5eb8da70e83e1b751e6f69

      SHA512

      aa9cafbe6b23c90959f3d71a4c7b652d5aa0eee70256ff02a704e1b7941156e34fa7bef84a58e456ccaf2637d1b6381651301ee08333e08382e38c56afe4cf15

      Download Submit

    • /data/data/com.android.deviceinfo/.驙ᑹ迬
      Filesize

      3KB

      MD5

      1585ddc5801c73052abdf451be78313b

      SHA1

      d871860e529bbc03de881f2eaf1e4f7c25bc25de

      SHA256

      4d82a8e74e78fea1592dbdc25924a92f764bd33452dd133b05e13a8bb4851453

      SHA512

      7cd9cf2913067f62401c42b2b9e111d3bd6d791f6003d016324abc7b3500fd9e5b85738ca2f27bb9852e54a418b972aa446f84bf1aaef74434ad0838b5f3b2ec

      Download Submit

    • /data/data/com.android.deviceinfo/.驙ᑹ迬
      Filesize

      112KB

      MD5

      52c19b0c92b4ceb2e3debcd56bb7a9e4

      SHA1

      4e04300e471910e8963864247eca438e0084be19

      SHA256

      221e77315e37c92a5071844291cb1b69286d4cab1a5eb8da70e83e1b751e6f69

      SHA512

      aa9cafbe6b23c90959f3d71a4c7b652d5aa0eee70256ff02a704e1b7941156e34fa7bef84a58e456ccaf2637d1b6381651301ee08333e08382e38c56afe4cf15

      Download Submit

    • /data/user/0/com.android.deviceinfo/files/geb
      Filesize

      4B

      MD5

      4352d88a78aa39750bf70cd6f27bcaa5

      SHA1

      3c585604e87f855973731fea83e21fab9392d2fc

      SHA256

      67abdd721024f0ff4e0b3f4c2fc13bc5bad42d0b7851d456d88d203d15aaa450

      SHA512

      edf92e3d4f80fc47d948ea2f17b9bfc742d34e2e785a7a4927f3e261e8bd9d400b648bff2123b8396d24fb28f5869979e08d58b4b5d156e640344a2c0a54675d

      Download Submit

    • /storage/emulated/0/.lost.found/l3/l_0/uuu5NOh513zjzkyMtz.XZM.dat
      Filesize

      4B

      MD5

      b879f7666e5b73c7de7ebc4032b52f70

      SHA1

      e1798367d1b1ed54425e99f790a986c1fe939414

      SHA256

      50c8ba3a6170f0a2fb6736ece8a603576ef6309a35e810911599bc6211b554a9

      SHA512

      df45732659aad83aae5edfc59bab32796c708eb61e9be97ab94abbf7616d9b3a36fba7c84aedcfe1857b54edb41e169b1959d7d7d69d8349a38d516947172ce0

      Download Submit

    • /storage/emulated/0/.lost.found/l3/l_0/uuuiNOh5kzijzkyMtz.XZM.dat
      Filesize

      4B

      MD5

      b879f7666e5b73c7de7ebc4032b52f70

      SHA1

      e1798367d1b1ed54425e99f790a986c1fe939414

      SHA256

      50c8ba3a6170f0a2fb6736ece8a603576ef6309a35e810911599bc6211b554a9

      SHA512

      df45732659aad83aae5edfc59bab32796c708eb61e9be97ab94abbf7616d9b3a36fba7c84aedcfe1857b54edb41e169b1959d7d7d69d8349a38d516947172ce0

      Download Submit