1a89482cdd1e8d609b57d62a7c3b59029578e3df0c21defa6b5bbd6d1a798284

Analysis

max time kernel
2708736s
max time network
132s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
22-11-2022 23:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1a89482cdd1e8d609b57d62a7c3b59029578e3df0c21defa6b5bbd6d1a798284.apk
Size

7.2MB
MD5

6dfd521922e106cc4b2d058eb617c3bf
SHA1

6996184d3026cf8e791843fb572270bc176ba5ad
SHA256

1a89482cdd1e8d609b57d62a7c3b59029578e3df0c21defa6b5bbd6d1a798284
SHA512

db32a2e6e21505d69aa651300c027a65859e034bbb354fb389700e0a7017dfba7e37ea9b7223bd03b80f0ab5cb47273503db3553161748020fc6ce60d9ec0465
SSDEEP

196608:VJw5rZUia5W1WcgQBKNYZ1Lj08gUJkyZTSqjRcMiXx:VJwHa5W1Wcg0Kizv08gUJ3lxyMiXx

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

com.icloud.game.wrzjh

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.icloud.game.wrzjh
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.icloud.game.wrzjh

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.icloud.game.wrzjh

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.icloud.game.wrzjh

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.icloud.game.wrzjh

com.icloud.game.wrzjh
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4102

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4194

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.icloud.game.wrzjh/files/act0
Filesize
148B

MD5
21b3e05f7b50a7cd9a3a50d11656a2ba

SHA1
59e0e94398e3627b666f80fc8da4a558ce9fbf51

SHA256
6de89c6d8744eafed8a11fc753d003ca94a31b97a30b60fdabb596cc076f11f3

SHA512
753699f9e3fb0a22ddc55601f66f617b6d7078165d610a5f5879169202a593c99a35ec31c941e09fed77dc165149ed98797d3051ca9e1ee068a67eddb4635f37

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/act4
Filesize
314B

MD5
273a8904e991b10f96f2a7318103b4b4

SHA1
b1ca6e823f460cd3a696d8baf427f3403620377d

SHA256
5a8c616d680c4e1f38806d4904c87cf990bf442e13455e7f9d3ad88f2eafc43a

SHA512
2e4fa0aa8f39523c20dbc5e6963b173ac8928d214aed5bf487845d2cc987eb6be03c9d6c2691b603ccb3f03be33ed829f570298d175151e33f98ce3a2b65d07c

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn2
Filesize
157B

MD5
9cb273e8d18115bdad927c71faba8168

SHA1
54a51d419e366086c431275778e717d8843d738a

SHA256
be16e46625f810d4f087438b3ca30a06e12ba44740be691445928e767350f662

SHA512
beba07f2b51790da88de6b351c5a7e2a3794ed7e99c06f4bb766ed782b0fc39c9c79e579129a49806a2dd351f7e29be8d5ba7ea9a3fe44610ebb1e207f3899c4

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn3
Filesize
128B

MD5
33e4b83e5bd867ca818971df457788b1

SHA1
5fa92bfd2f381cc6518318c275dafa0d5b5f7212

SHA256
feb28336676e3a14d80b5bf407632227f30ff363c53f8ecace1c4ad0bc7986e4

SHA512
431e25969962ebbe7864822252718585b330aa451970ab246978fa200290b591df9e51aac1128b5ec0179ea4f6469e7677da8e5779fec9d35a31182fda1847a5

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/sys1
Filesize
534B

MD5
c3026b945f77bba2b96c15f1c172b9aa

SHA1
f3655112d47cb47ad2adc84e3cf988767ba63e02

SHA256
a3b5035a72651009a1da8cd29404d7d2bdd2aed3f41df7aca7124d6e6b8c6977

SHA512
20ac3a7425b29c32c6030eebb17359936bdb16a1b3bb40fc0a456074a233fdc0b9e4d8c7fec65dbb0fa0cc995f3260ae06d1126c37b2b6050787ce78c5183758

Download Submit
/data/user/0/com.icloud.game.wrzjh/shared_prefs/APP_START_TIMER_INFO.xml
Filesize
117B

MD5
ec70ac8fccdbac1e27e7b430113ce46d

SHA1
e8991a2569c38803ce284d50ed7b730e67556d88

SHA256
2766a19d70b3d9961e2667fc785a361c1ca34e87d1f43cb96aadf388840b1d9c

SHA512
b6551a9c9eb99211ca2ddc44c6a3fe0d4f36a730947ed3955c9258c58d36335173b947b0a49b1c9371e635613f6793acb715a98e487a769c0639775ef3c054db

Download Submit
/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_V2009.apk
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/wrzjh/com.icloud.game.wrzjh/zhajinhua/log.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads