22ecdbfdb6be92901c243252739f0c1611d1d94b409efc45b81ccf4efd044aa8

Analysis

max time kernel
2708609s
max time network
138s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
22-11-2022 23:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

22ecdbfdb6be92901c243252739f0c1611d1d94b409efc45b81ccf4efd044aa8.apk
Size

7.1MB
MD5

0e3576ad845efb5c6a94115e4cf7fde5
SHA1

e1536419d219ae85e6a4624f77219362e1dcf995
SHA256

22ecdbfdb6be92901c243252739f0c1611d1d94b409efc45b81ccf4efd044aa8
SHA512

921d49c7dcde4a8b8103f37364b0280328db4da470dca7b821563c4da4d1fd072b7044d178e44e6aed1665acfc946a0e55c0bd258bc9bdd633bc0855ce9cb0ab
SSDEEP

196608:sJTUrZUia5WxWcgUHBgNaxyZ8gYWwyZ7AOVBSk:sJTSa5WxWcgpIwZ8gYWbR/VBSk

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

com.icloud.game.wrzjh

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.icloud.game.wrzjh
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.icloud.game.wrzjh

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.icloud.game.wrzjh

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.icloud.game.wrzjh

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.icloud.game.wrzjh

com.icloud.game.wrzjh
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4101

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4214

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4349

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.icloud.game.wrzjh/files/act0
Filesize
148B

MD5
3134d59d61905ca80fc05a4e525ae388

SHA1
29d9fe5ec343ead7ecf682853c10d08d9d0951d1

SHA256
1549a83da8797bd20201e8cd6867c67350c720aedb054916df68b9f81c8db346

SHA512
57ef2f1b4482fe68c9423a49a5409a8d8784387626101ef52487dfc24b10d8e4b6b431d57ed34d22b94453ed30f7ace763dd544768b8a2c868a4440cb390abd5

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/act4
Filesize
314B

MD5
e3dbe39c8e6cdf7e14762daef355a55b

SHA1
f26a2b7d61eb3014ebc72c5f6e68bdb05d0af406

SHA256
cb8a1859d4d91016a15804eb4e1fd68c42088225463dc87fa6725f3bf6dd0c7b

SHA512
32156c01ffe0bc26f1a31539568e0fd9694a3e780c5aa87dd00c5e06b9316aee9b06cb6f4bc2429cc08b4654fa8903f995711cfe4a21ca2ebe16a3e9e4571a0a

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn2
Filesize
199B

MD5
efb1b3fe46a91e3d27d47e4261f04d3d

SHA1
e7601c0b562fd30225fba6635841b87c3a20cb34

SHA256
ce946f9646db36bd791849d7283b658a5bbf5c5307712c5f74e2bd6f2f7f1202

SHA512
737957e3cf000e511b1291c439d3f2f328c28691e75770af51f46d93dccb0acfd4e3bf8d0c044b4b96ec03670cf04b1943f940480aa13f98d0fd8ee926a409b0

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn3
Filesize
128B

MD5
30dffada00a79ef878fe35d551d9cefa

SHA1
54059d33c9510b18ed737f8c72409ee8d1d01e16

SHA256
33bd9bd397d058464923c605c01d8bfcb3c2edd1c7813b6d71ddf2c9a6ff7948

SHA512
948bf30d8dbe7ccfd9c9725cd2ae54276e47738a4645d0106e49a56522a90dc5e287b9bb7b2c100530ff9665cac1934cc7e3242774c0c7d7e04b99386145139c

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/sys1
Filesize
537B

MD5
4d46ec9fd3e9436483e5949c3af88e4c

SHA1
8cfcdadaf04c811fc4a7dddaa61a40d85d23f671

SHA256
2b2c4726654434bb2d3657ab91e39251f44eaf1b69d9f779737f6f821a1be824

SHA512
e7f66e31e68859b785a3516def8d10dca39435be13f6a1a9e5fff56772bb9b5292bb96dccb8b17d37ec77d6a99f0a8686b9b7d336328a386163c6a4f478f9f7b

Download Submit
/data/user/0/com.icloud.game.wrzjh/shared_prefs/APP_START_TIMER_INFO.xml
Filesize
117B

MD5
726e50987241808d3561aa30a76db907

SHA1
4912376ea4ec4626df41ce75aa06e8c9fe311f14

SHA256
6b8b02889dba97c5478d58048c1e07f75646e34f63524262bce48d8aaa5b481b

SHA512
cc8cb280f0c7a70b7ba58c186c93b711e7dc390a790728a8dc8996122f1983361122a656b66a1675a5a7f3c5b9474c08dc4bb0b3246474dea1454fff55053f1f

Download Submit
/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_V2009.apk
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/wrzjh/com.icloud.game.wrzjh/zhajinhua/log.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads