039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7

Resubmissions

27-10-2022 16:01

221027-tgqemacff8 10

21-10-2022 10:53

221021-myzlasgda4 7

Analysis

max time kernel
4197687s
max time network
149s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
21-10-2022 10:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7.apk
Size

1.3MB
MD5

34be434996b9bc19112f875f0a3711d2
SHA1

ad451e4fc750c83a58fe8f7234f1766ad315a565
SHA256

039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7
SHA512

28d6385703c1591853de9bdf7724594ba0187aeb40accf150b877a2785e915c7dd7ef8720f9cc8f0e33793b6c2b6d88845f3f7fb818e8575cf9daf259723dfd2
SSDEEP

24576:RknbtoZcY5eJDj+6DiASSjctlRSEuw/pzIx27hCzGLQLfFK1RnHrmVXyQZ:RknbtoZcY5eFJibtrSEucp97hCzGLQbX

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

com.apps.amaq

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.apps.amaq
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.apps.amaq

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.apps.amaq

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.apps.amaq

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.apps.amaq

com.apps.amaq
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.apps.amaq/app_webview/.com.google.Chrome.uhdQPn

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.apps.amaq/app_webview/Default/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.apps.amaq/app_webview/Default/GPUCache/index-dir/temp-index

Filesize
96B

MD5
18cfdf219e130aa366de6f659c64659e

SHA1
4519c60b52b4d98519a645a63c60fbf15f6138f2

SHA256
e031bf47b632c30fce9b62bf76e9567ac3b9248a2d5f3802e3a0cd69beb65143

SHA512
a3946456e964d4c41d1288457fae587c652ff4893640a0e05cd29148300035da45450e061b9440c8a94888042c863097fdb5ac7283217650a9509ff7a7905138

Download Submit
/data/user/0/com.apps.amaq/app_webview/Default/Web Data

Filesize
120KB

MD5
a48cd9324b1f8754b07f00d863b840f3

SHA1
11c6614775b35a58f440971dfc87c8aaac6d6173

SHA256
8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420

SHA512
35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

Download Submit
/data/user/0/com.apps.amaq/app_webview/Default/Web Data-journal

Filesize
2KB

MD5
ebc29ad22f6460b0cce0c7c5e1781e29

SHA1
576a7dbda14e9a203510be668dd6e7c2a66ba3f9

SHA256
f9e27f561577025ddad84a7cae9ccdbedea06109ab9c3efae1f576589e729c2a

SHA512
7e527162f00d05ff3934e02ccb7e5c4ec2697fdd8adb4019e583331158a7062dc1094693adef5a7c914aed9837a67d4b5882ee01feece307e7ed4c84084cc202

Download Submit
/data/user/0/com.apps.amaq/app_webview/variations_seed_new

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.apps.amaq/app_webview/variations_stamp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.apps.amaq/app_webview/webview_data.lock

Filesize
19B

MD5
a1bc9501103262b9fe6a5bd838696cdb

SHA1
55cba6881abe79ecb3aef0079639aea10aefdc9c

SHA256
c66371673bfc302fca04b249c1c6fa6040a510848238648dfc49a97371d15293

SHA512
95cb98c0c49937d0cea7b1aa7c0b4c8d4b66d41c422b32cb9c93bcbf764c0d1e2fded478f9ce4b6d27255999119e8efe57a7cd116f27be02d19d10afe0ba955f

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
8e785f9435a97bec50dfc7603b6f8e71

SHA1
8cae9427e3d4ad5147aa8d5ac3f82f5f9f11e47c

SHA256
9cd86fba6534ec296c280625c786977902d582c77f2ea8dffb087f9c56f92af1

SHA512
09f6eb508841cf191077f8bd2b7835a0e506010ae8671aeee80eab88bcdf1fb4b02d72cadeceaaf7f671555281e5de855a17889ed4db32119747b33d99535be5

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Default/HTTP Cache/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
39ca94e0d285358dd2abef7c35575363

SHA1
048cb0869d7c941bf0f1ee4f1a25531a0af209de

SHA256
cc9943ee5ae86313142503ee2857058220691e74955d9514b6ce0e497c553b56

SHA512
d00a2152eec722ef8857faa975d92b5076c6900623d3c62346014954ab12eb19c0f187037dc702d0857018c4ba79046cce8b084663589aafcc463b4654434944

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

Filesize
96B

MD5
3f67c509b7788c20d860cada95464d0f

SHA1
4a05b08a3bf440c18b68c0a6a9add9aed1d888be

SHA256
ad992dc79a69f762b4399a591f5ab4acc1a0a54c1a962e3f86b258aacd1c4f64

SHA512
1a183449aca77aea116fb23452cf038fa856c872b8446b340c5785ece707e4cbb36f90e9b5f43770435a32ba97447325f41e1529c878bb1925aa7fead093f439

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/font_unique_name_table.pb

Filesize
57KB

MD5
f080fa2a56ab5479d58063e5ea871447

SHA1
4b3fd57a98916fa5784305b76ba30af26b5253d9

SHA256
0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815

SHA512
8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

Download Submit
/data/user/0/com.apps.amaq/databases/DB

Filesize
64KB

MD5
9ac6f955a7e3a9f0dd439bcede206f71

SHA1
86ddd7e0a8918b5ef67fcc8848da3c1825c73ac4

SHA256
0e16c859f9eed28d9503255ce763544c74285ab38fbe245362a1f396a6c41e10

SHA512
6de65b3d65d3fdc7f6291c4aa3bd6afdd1f19bc301bc2366c63388b7a37df80011e4ad488f3f5e343195b8f7bcf9f773f658fd6c1469cb3a8eea8135206fd76f

Download Submit
/data/user/0/com.apps.amaq/databases/DB-journal

Filesize
1KB

MD5
967f6547d2ef6f8c8d4e04dae0d68db4

SHA1
f11088a7e690d0539bf197cfa5eb355f18de6141

SHA256
5fce235943517dbe4e681fc8719819d80e59d6139f39dd13924b01b7948f6322

SHA512
2d7888eb26f9e7a1e8165e1f72a84c532b6379e93ea540484f7d7ac9f477638edf285514452aee461f1e57de0e39497b3572d0b839693a2cd114c3f7cf13f095

Download Submit
/data/user/0/com.apps.amaq/files/221021_125800576.get

Filesize
183B

MD5
c8284273c37544e01283e6dc76278809

SHA1
7931b8f9b81b3a180a3f7c1781a4aa5d4815533b

SHA256
659f570336884a3eb42620dcba5b14d6b74811de5c64e20f543fb17bb7f4a8d2

SHA512
1f80d1544a8df4b650a12ac92a89a85c14e0eba0c996967e03c014bef84161d4bcc50bda660f0b808a8710f276eda2536297f1a831a33be97c13802de05197e5

Download Submit
/data/user/0/com.apps.amaq/files/221021_125800664.get

Filesize
51B

MD5
cc97c5fd4a0579b7b9d26b50f02c5d81

SHA1
864e0a23dfad88f01bfc7d3c6a5a98dfc7cec369

SHA256
9c15cef541b25803da042b19432720550ac6a66038f7d70a46cfcf53f7f438af

SHA512
fb264d03de7cf2678c45f96db7daa9a284edc9603e9fe738afc2edd90bf45cf0aef6aa76e40229313c6ac055a8b2fb6408ec826a7434c28169dab95cca5647dc

Download Submit
/data/user/0/com.apps.amaq/files/221021_125800710.get

Filesize
51B

MD5
a1f91b5dfe968a999110fa0f5daaa1b5

SHA1
4df2b45022a208f0917cbeca56a61787f99fe576

SHA256
08f34b83c4693c0d5e8c591e9a1d53b6780520d06dcd002d8d2070a3b6682006

SHA512
3ff586ed45390a7c22cffe7f0858c1d92ac8d56b69256677b926899286cf4711bbfef15939619ce839515faf9e21eb5df06e78310b4e1281083f52f631e54667

Download Submit
/data/user/0/com.apps.amaq/files/221021_125800751.get

Filesize
51B

MD5
4037dfef5921c5335c54cbb66a3f9ee7

SHA1
8b2975008d606a1300efa959cfdce2681c4132bc

SHA256
b5508cb7141dfa56ce1ad3a734476deea79633b1e5d7d3409f7623d3850ed9a2

SHA512
099384db68c2cfc1708964ac0dcfeebd921530672f20dd9136ae106789137bf6ab773977fa61a62f1f54edfce3e00a98e3a8ab373cdadc9d269110749db9efc0

Download Submit
/data/user/0/com.apps.amaq/files/221021_125800776.get

Filesize
51B

MD5
290d61458baa8230d632a85779f95739

SHA1
8dd7c37e064f83ca6e79ec2e203333b28bd666f2

SHA256
0c54628b1611953f65af91058301d8395ab210e724cab2bcafb90a2fb5a5088a

SHA512
a43340b091669e3c02709b6086f8c4e250e0ab7cc704767da3de0132fff39829d259dc8862643fba55a93015388b44571f2428ca49f93a1dc1b99107295906e4

Download Submit
/data/user/0/com.apps.amaq/files/221021_125801722.get

Filesize
51B

MD5
8647c2926ee27b4e7878fe755c5b1647

SHA1
81d28066e2aec1c9147dbf2da01307b576091bae

SHA256
c0383d2d6304d97501c8a4161f996cafb5616e7388c1b72a4400d19332d182b1

SHA512
1dfbfecf261864e13592670be7f79c36b2fb31e33fb21020eaf97b1623fe033fe5b885f77369751eee6e4004af9ddff929fbb2067233a0587febcb6c254505b9

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800583.log

Filesize
336B

MD5
5e7b3ac68f6e2f3f4b7012f69780d8f7

SHA1
2af08d48da25b8fc962c8725a6bf3f7179e2c0e1

SHA256
8af63dce9efb443479361551bbafad833e84e6fc4875819f2dbea67e85ae9391

SHA512
04404462bacbad433605564a5d7503277fe6b11d44c8f217064fec128024291bd72187cb25e5cc4974e2353645804604caffc3aa86c93db407e181be5cb6af56

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800583.zip

Filesize
331B

MD5
2ab5b1cd4a0fb2c49d83378d820f3972

SHA1
8c525a1213a3bce774a23560c40f997036a1bc29

SHA256
50f4688473883da3698e33120e3af37c62123ccb215fa48afd50033b02ff29a4

SHA512
c58850b9cdbcf9231981f6de114272112cb726ffb28ce0d20d67843ede01e1c6b2055000166ed629d6832d80370d66dc2dd553768e03d678be12666ef75ba40a

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800668.log

Filesize
256B

MD5
d12a27265c75dc394053520da5e5bb26

SHA1
3365394daf375bb51688a43eb908b5347d042fe8

SHA256
84015b0edfc5e1bd26ae149e8f550e8c1de73f7b6df16d04ed28140fe1be06ad

SHA512
71c2108cfd0cbe994b6bee85c6bac4cb3f5aa7f1eaf648dce5919167ad9beeae62946a3bfbbb4dd04baa983cc02f3032fc7932a1ebf6194dc3f16678d94867f0

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800668.zip

Filesize
241B

MD5
2f2c25cec648925ada12928ea948603d

SHA1
e4acfb2b66c1c626b99cbd986c18ff8821a4d28b

SHA256
20c271c2769c04a62d85746ceb29c016fd80d7de73ccad10c39e742fc664fd75

SHA512
ec3f9d6dc352379804458a870a28f8875870a379269dba7691257ab686bba23f6c8ee9a19c25219ca0910d9aeae98eaa59459126835b92ff4a9b33d71da3c8d5

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800714.log

Filesize
256B

MD5
7df913dbd6b65f714b7c0a829281eb72

SHA1
c15be3190d3f623e19dd3e1cad002002e76d594d

SHA256
0b2887dea228c9d51aab34052289d488ec6f2196d015aab957f476134b5986ac

SHA512
84809740046fdcccae533703f3ad45c11838c39874c709f2d5338810e3f946a2ce6d4f5ddf2ac719fe3f60749fcb89831f014f48fa9f991be894b4dcb3d305ad

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800714.zip

Filesize
241B

MD5
173c4a1c83d4e3dba2ebb0d9028c0d4d

SHA1
958cd854752897f50e9265c3ef5864945758844c

SHA256
c86b306424b60469e99700fc997c05e8033299349b07e9922adf657c2034e4bf

SHA512
9f1b0223a70f4afb1f8a2f5dd6c912554ec4e20ffe7932f6ec2946947a22f5c791b6610c6b930f7427e33292c56d65b668b15467e33bc822c54aea5d6a1fc0c2

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800755.log

Filesize
256B

MD5
8bfc194e03ec2286c16cf7525b8d2ec1

SHA1
ddcaad0a0fac59f3a9928b86876f96d075883396

SHA256
c0416bbdd2c375a8e7d78b1c1b717118213ca05418670ad104cfef73166f8655

SHA512
63b57786e8ea01dd2a315614e472896c7cb06dc7b43b2865c52842e1051ed61b3c91b641ee56694c6ac344a3acada1324d87ed7ee98c3bf48f1a09e83d75fa5f

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800755.zip

Filesize
241B

MD5
62d1640f4b3a66ef416e3d6ccf65ad50

SHA1
b32a5aaaec58deee72c59afd63eb8387ca1bf784

SHA256
0c18f5dd8f603b0dd1e0e31a127a31bec95deaaf271e008bbea0c0c684c1aeea

SHA512
19d3245fc3f4804c7519548cdf31f3c7535154153c05cc6691631957d32d60e9491f7c3c34fcc59680da65b7c41bf0d876a807e084af183defb896f2019ed2f4

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800780.log

Filesize
256B

MD5
92b61e06bcf4965388489e602c6f841c

SHA1
a42936447ee2516f2f0dfb82661dd487a59db049

SHA256
e12f2fccaedd2b95ea5bba72e192b761c7583b0a1d39ea437de1bf1ed230fba0

SHA512
97757644ccc457d0faca9fd05d649e8cc981084cb7219d563cbd64c691742c4b6e7ed42cfba653347ccb1a4955ac370e8cef8bf4c364f8cd72936f618c3e32bb

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125800780.zip

Filesize
241B

MD5
da90ddd9af0dae8b93f2af0f8b9aff77

SHA1
72877210c6f99b89811c6fb3401919a1aa39399f

SHA256
af85268f49e9839ff8a90fccd7a1ab3450c6d1172f1301276dcc0f1d4111ebb3

SHA512
a1a6b9bad9265554367a77248f24d2a8462674e45da24d2fb9d65b4e10d3c481d7bd349e2e5a9ffea958123c7e4591798e7f084ad9abf0329bf3924f5089380b

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125801725.log

Filesize
256B

MD5
4320fa709a298b4161d4ba355b458085

SHA1
79173d0b843425b9b15624d41908c985caef3e12

SHA256
7f602846be58fd6e9cf3b58b34e5b07aeefe6c20393c4aef400a022d7a1e1974

SHA512
52ba35bbd5e02a66a7991c11add55e327fcffaa625a22d9c98649986f94ad8fbef357d43c9c941277708794588a8753c247c888371f54cb13d9563f5dd7620d2

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221021_125801725.zip

Filesize
241B

MD5
a940580a4f7d188d9b7feee372b6d268

SHA1
307c9c7e7d09409b7398babbff47afbb3664ef73

SHA256
98712af76d741563d39258bcdae423cd39b7753948693fb27d2db1e812220496

SHA512
e9bc7c40e9406f4580224a15e0bc1034871841e93785d90a61c6d6b2ba4daeab1f34935da4355175820c5b1b838aafae8db455c6f24e2c4d075bede70a446660

Download Submit
/data/user/0/com.apps.amaq/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads