039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7

Resubmissions

27-10-2022 16:01

221027-tgqemacff8 10

21-10-2022 10:53

221021-myzlasgda4 7

Analysis

max time kernel
439363s
max time network
171s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
27-10-2022 16:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7.apk
Size

1.3MB
MD5

34be434996b9bc19112f875f0a3711d2
SHA1

ad451e4fc750c83a58fe8f7234f1766ad315a565
SHA256

039fc34ace1012eff687f864369540b9085b167f0d66023f3b94f280a7fdf8b7
SHA512

28d6385703c1591853de9bdf7724594ba0187aeb40accf150b877a2785e915c7dd7ef8720f9cc8f0e33793b6c2b6d88845f3f7fb818e8575cf9daf259723dfd2
SSDEEP

24576:RknbtoZcY5eJDj+6DiASSjctlRSEuw/pzIx27hCzGLQLfFK1RnHrmVXyQZ:RknbtoZcY5eFJibtrSEucp97hCzGLQbX

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

com.apps.amaq

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.apps.amaq
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.apps.amaq

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.apps.amaq

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.apps.amaq

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.apps.amaq

com.apps.amaq
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4436

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.apps.amaq/app_webview/.com.google.Chrome.43dLrp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.apps.amaq/app_webview/Default/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.apps.amaq/app_webview/Default/GPUCache/index-dir/temp-index

Filesize
96B

MD5
e7beebe274ae7abdc6f7d17474435ecc

SHA1
09ba898823f4895e820e08a6a90e69b7a772a03e

SHA256
1549f38aa500c10ceb474494cf77819234f23e670c778414ceb9469bbd601e82

SHA512
6ee715c0857099792888205e72a1c55ec7cae8bfe8b73b1f9fb85e65ab4ef76e50cfd7e388fadf2d5fde5d7a9cc260ef27b9443c99a1db89ff96e342d35c80a8

Download Submit
/data/user/0/com.apps.amaq/app_webview/Default/Web Data

Filesize
120KB

MD5
a48cd9324b1f8754b07f00d863b840f3

SHA1
11c6614775b35a58f440971dfc87c8aaac6d6173

SHA256
8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420

SHA512
35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

Download Submit
/data/user/0/com.apps.amaq/app_webview/Default/Web Data-journal

Filesize
2KB

MD5
97c7b8141b2060b256227c8e44a86a97

SHA1
e2c76542fa454ba63dbab7e23825130cdc2502cd

SHA256
711d8220029cab70fff6f1f78b3e061553caa7bd50be7527176f9577c8b3bdea

SHA512
d64c3cd00311c51ec90220129e815b15918210f377601ee6bbe71de0386938d8736e90214a669dbd06bb7876680b24acc1d0f22ccdb6376f9dea65f9cab7f1af

Download Submit
/data/user/0/com.apps.amaq/app_webview/variations_seed_new

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.apps.amaq/app_webview/variations_stamp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.apps.amaq/app_webview/webview_data.lock

Filesize
19B

MD5
ac20e95874002bb767883fe441ebf155

SHA1
b9cd21bf892b996f32c77dd6cec397e0c9a846cc

SHA256
27486cfa653cac0c46810bfbfd48052d7d5d3ff03e66f4ebd9ff848b234dd4b9

SHA512
1be3520de1fd8db4577c7b2c386619fa562c8c128a9da6799c06b0f45b7c7137041292b43722fa60d28845e2d8efb3fdc32937a39f2a0e81400776855103b5bc

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
cc27e6e686a3bc782c1c6fef92bfa587

SHA1
2474bab7beab96d4866737734ba623dc041b41fa

SHA256
06b6ef972522a5e1ab23c533c6267d7380a925b635adf09399d60854b35f98f4

SHA512
ce4eda793dd0f304eee1177515ad352eee541b7f1acf420c1892df79a9c00a21d5b0253507d3bbd7d34b0c2bc7b38b54990b3bd6ee39d3efb12ca4b9e28d3855

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Default/HTTP Cache/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
a567015d0a81cfec5e3aac024c46010e

SHA1
fb01933282789e2dd3378d78b80938dbcdf4b6da

SHA256
a5e2cea1cafe054c1fd3068c9eeaae050e527fb384eb109438b456e3863e3be4

SHA512
413addaa2105ccf80729f2a3fc163b1bf62c760e9094ec00e18dd4e9ccf993570f9cac4b2d96781d5121bf0de0594466e120ba795fe28910fd29124150bd0375

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

Filesize
96B

MD5
a567015d0a81cfec5e3aac024c46010e

SHA1
fb01933282789e2dd3378d78b80938dbcdf4b6da

SHA256
a5e2cea1cafe054c1fd3068c9eeaae050e527fb384eb109438b456e3863e3be4

SHA512
413addaa2105ccf80729f2a3fc163b1bf62c760e9094ec00e18dd4e9ccf993570f9cac4b2d96781d5121bf0de0594466e120ba795fe28910fd29124150bd0375

Download Submit
/data/user/0/com.apps.amaq/cache/WebView/font_unique_name_table.pb

Filesize
57KB

MD5
f080fa2a56ab5479d58063e5ea871447

SHA1
4b3fd57a98916fa5784305b76ba30af26b5253d9

SHA256
0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815

SHA512
8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

Download Submit
/data/user/0/com.apps.amaq/databases/DB

Filesize
64KB

MD5
9ac6f955a7e3a9f0dd439bcede206f71

SHA1
86ddd7e0a8918b5ef67fcc8848da3c1825c73ac4

SHA256
0e16c859f9eed28d9503255ce763544c74285ab38fbe245362a1f396a6c41e10

SHA512
6de65b3d65d3fdc7f6291c4aa3bd6afdd1f19bc301bc2366c63388b7a37df80011e4ad488f3f5e343195b8f7bcf9f773f658fd6c1469cb3a8eea8135206fd76f

Download Submit
/data/user/0/com.apps.amaq/databases/DB-journal

Filesize
1KB

MD5
6ab6f6f01234f3be21eddc9fe65aeba5

SHA1
2fcb37d740fc8ad70c21579bb0fef3fcf99e1b43

SHA256
8126020cdc19e80a8f962fd8769bdb76445b236c0f2350275c61fb9e75492530

SHA512
8390795414339d41d46f9f73789956475094129060dfd0f20414b53c2492264c6050e6e842296873cc0cbbc4d8c89f6bdfbea8ce177141106fbbd2e1f1500101

Download Submit
/data/user/0/com.apps.amaq/files/221027_180212440.get

Filesize
183B

MD5
2d53a79e8ffd75391c26c5fb55599224

SHA1
a1c9908a7b78495967acadf753e1d82c9a8081ef

SHA256
43a487984e8d72a350aa36bf676e8626671e78cb4f1c04040019a8201db5193a

SHA512
103ac75d43d667af1be9687c606338ec418ad8088da1dd23f53f479aa637e34cc702e1eee50de18017fb53fa7bccb57d7fb4c501869f340e772f787a4fd4dde0

Download Submit
/data/user/0/com.apps.amaq/files/221027_180212639.get

Filesize
51B

MD5
01446299e0c0ca616751d7f46a584b66

SHA1
4d8b13d6154f1b2b39ffcd74e254baad30ab0862

SHA256
ccfb0347004502a7cc51851b2435a8e9f5133c1366151d2f78928883ff8015ea

SHA512
a14694bcad77c92155f40c365892d478e43878500db9327f7bd787d7df5ac2f410a6f8429850aa94b0066f63e20ec0368d760556a59da1f7baacef7f1a2669f5

Download Submit
/data/user/0/com.apps.amaq/files/221027_180212734.get

Filesize
51B

MD5
fef9020f17561c20c2a93569d1a02ff9

SHA1
4611b91fe996ccc2726c1dc335a565c66b844fdd

SHA256
1e5a3f825fba1560bffee6e8c6bb6b528bc3a21093a37a181529edc6417d873e

SHA512
4fbe72d680be3088b9465ee75cebca9ef4724b28bb65ab7ab09698828dc52ae75d6880ea631e6655739ad2eff8e3c5fdfabbdaa37223e9a77dfd5533e4786b04

Download Submit
/data/user/0/com.apps.amaq/files/221027_180212850.get

Filesize
51B

MD5
b21b33817f42f6544a7e4becc5dfff8a

SHA1
5bc9bbc9d0a8607b4ed8810476fd5d53d8eaf5e8

SHA256
13584e3172d6d0abaf068d9e47d4c2e811b37cdd17a49684d8f499f380ae23af

SHA512
25c6e471194543969ac4941bdf03568c9be24ff281e1b2c44d238ac8d899c4f12cd2dfd6d9d91553ba2c01eed7e61250e04e2d2bfce7f2855f37e198e319a60a

Download Submit
/data/user/0/com.apps.amaq/files/221027_180212917.get

Filesize
51B

MD5
496ae485a81851e9f9523f4cdbafa003

SHA1
6f81b210b9cb9fc45382b1d97a8a1ceadf18ae0c

SHA256
cd8fd360977454fe1784bbb4b83eeac7eba66e287f2ee7c660ba63fd444e227e

SHA512
8d9f56ab1bdcd6c671ffdb42d0d26076728bd904cfc3c4b0e318555efc413f0efe6281cadc11794f10ca5bcc040f30fa846322489e2ff0461784040b110f815e

Download Submit
/data/user/0/com.apps.amaq/files/221027_180214267.get

Filesize
51B

MD5
9de42559377cc0cf4ced25032b5d9bb0

SHA1
8f6de9141423be1ac2bc9ee6c459cace24fc1aba

SHA256
69c671281d0afeca966a2812a1c18b9890b6f9b28544d7055c1a3ca9fe5182fb

SHA512
a79392a304ec1f61024786ea9f5ce0a037e85502963c91d7f22751b78cf870bd8683e22c559519e6f29bb387ff28d4624614aed0ba706aef1060950d6bb39c84

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212452.log

Filesize
336B

MD5
2494c1b11789f3433cc84c7ddf6afef1

SHA1
3967e3a246b9747f3142d56c96c9bfeb8ce9a206

SHA256
239283d4aa35f775c2ca3f2a59f58d29eb949f7726ffb38055ff39b276d35c7c

SHA512
38f8df64182db7deb9032d54ff277c53df92493775360de6d354e62184c31e9e65e64a5e7b8abc426041e282620d0c13035c50ec4a4b614fde52eaa4a544190a

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212452.zip

Filesize
333B

MD5
7dc0483b5cde535ee8d14facd8e0597c

SHA1
04cd7c3d508c54de1cad887d8d6abd6208e6b8ab

SHA256
5e5ddbf39d411fa3b103cd2f045f0794563be17424f8d844a5de657979cec7a6

SHA512
01768dc6a57b0025859de20cfb8561f6753f953aa46c5ca9b01334bb7c964ed6f4ece4d1aea0732f01bfe3985e4e6560fef743610766a22785d1b68ce81c0143

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212646.log

Filesize
256B

MD5
e7b063a5f81d3921bb2d5e772695f9f9

SHA1
f25fe05267afa40dd83f8b8bd8d7baf553148358

SHA256
ceb55e066301975f5d5545b5526f6cee3d929173f9f0295d6d7a2b28c55f6cb2

SHA512
f51b7993fbc0bf4361ea26a199d4912e45857a0a0d114c9c16107640b5fcd62953dcfd0389d6fe4bfc2e11850822970fcd40ef17029f08b840cbf863b3cae66f

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212646.zip

Filesize
241B

MD5
96a52267ccf7d0e066c3712476051cdf

SHA1
7538794d7840d776fde80db8a5c436f178d96f00

SHA256
15c9a62ae124d59c3c9e91e3c16345415cad1477c04ca8a19fddb542ee26220e

SHA512
625f59828e634c94fd0a3839f0d715cf976a7ed4b38006f4e2888465536e9a0646b738792180be26e8e1f2c54af219ddf4e6640f91e9eef8f3a4f1600813baa6

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212744.log

Filesize
256B

MD5
5f244100ef6d02e910abc0616cd2290a

SHA1
7418a65a8e199763bb8ce2dd65d1b0c2470bf457

SHA256
5d7d3f06ba40b7fd7987338812ba5a59e146bf09aa287b0b707fdc16b62f52fd

SHA512
dac757f4bc98f252faed8691256abbf74dfb52f6da3295e921a9b2df064550e4c2c57d719d251196b15e90a8fd3d4aa3befe3e3822b227390de6e84d3f00e432

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212744.zip

Filesize
241B

MD5
8dc2e1e8ed037ae99cb767a5272217fe

SHA1
db890eb3c593746a440ce4d2fb0cd2a57496fc47

SHA256
7fac51013dd272f3d13e0e04d570e55c3d66cd89c1d5677c4a0a326661a28ce5

SHA512
d7a95590df8dd3140253b58c7337b99719eb67866e1f6d663bc6c9f5b303127eceb28dbb22cc818ef85865663b1ce9b68b9d837435ffea8a683fadf957d32e85

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212883.log

Filesize
256B

MD5
17e01d386be9c4839b18ef328608c0b5

SHA1
405bcb2b98c0967af185877b8fc75d54856d912d

SHA256
0f102ea47de2812b86132d60511044ad765913bf9c7e8e28f6cfe990cb44dadb

SHA512
18fb3117213fc5958f3b441f5844bd9650911ed72f617077a6580571e04aaca000b0a8ebace6857e39073db4bf7de09a323959b31344418b2fbee9c4f90afe69

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212883.zip

Filesize
241B

MD5
a780a50c9a00b047749eef871d485423

SHA1
33d537dd1fdb68d107267b5690d79db1b22ad78c

SHA256
26d5aa7ade20382b1431fae548cbc5c9641fcbdc54160faa4156cd11f13b583d

SHA512
239a6cc8fe2ecc5efffa7bd8d81372efc159a1be92eae0e647dc8669da8af88d006ad596be0f6bc50156e5b90bc37d7e32db8774d1ab6a80a665904c50066559

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212924.log

Filesize
256B

MD5
741dc032a2affd20d0d9f99b1fc7b5a0

SHA1
266b11b2ab13f69aef167cedcc67b089909a4910

SHA256
aaf63ecb0ef322d699d823a212b925785722711b401acf562fd588c28e63a2dd

SHA512
6b15ceb9dd20a3ec24d7ad27557642a8ec5e9c316b643cc6534cffd39d90ed52d855e32aa5e1716bf1a3904718b087ba07c2fda1cc4de0da19e027656e7ec95c

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180212924.zip

Filesize
241B

MD5
8c765cc49a0cef246bd05f466ad9ae38

SHA1
c69855f4397cb8d87a52c7bcf0d6fc86726484f3

SHA256
4e1b5f543010a634918ba1fefbf8f3f3a4f99b3ac02d3954a637d89e5ec0c57e

SHA512
a0332e706360dc5259c8553c72e8f7d3b9f9f1539e85c140e3b2b372b1d384f6bbfc509a39f72d352876cc91e8a14e7d528ecc24d8e6eb1b66f38fa79b5dcbbd

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180214291.log

Filesize
256B

MD5
7d57f4269de32b50b1363c952ed487b3

SHA1
f63d6ecae250f403ccb9a88e84ff6877ba585d24

SHA256
a99df186361c939b314f9bb47cba1d0bba592c46d8ed5894953e3c741fa3da40

SHA512
d5dd33ae54f455fe381e89dffb44fc978776a32617826728b8d3bce09ec07850186a23b39ff44d32aafd867571349728af3a02d65f18edf3abcf877dd07ef23f

Download Submit
/data/user/0/com.apps.amaq/files/363f2be05278049d_221027_180214291.zip

Filesize
241B

MD5
395e13abfcd1acc1df97b3752ffa79b7

SHA1
da277c1be53a21a73a63e3d9fc2f7d1a99fce429

SHA256
38804c6801aa4d8a491d4ebc473f196733bf5b4b63046f1fe74a088cd1367c99

SHA512
b75a60790f229bff9ef28e7222cf4bf32d85a5808f3058cea6732330bbff30f0be0379c0e39032f951c567e62cfd616708003c8fe0d518b3131383e57e3be8b2

Download Submit
/data/user/0/com.apps.amaq/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads