d681719c51d99cd74d9e933f041525f9ea3687f6f6ce94ef6b59cf9af7e76926

Analysis

max time kernel
2771922s
max time network
143s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
23-11-2022 15:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d681719c51d99cd74d9e933f041525f9ea3687f6f6ce94ef6b59cf9af7e76926.apk
Size

1.6MB
MD5

6e1a642728ec61cca2c480c28421f9a6
SHA1

86a7e7bdb651b523b419eb9e2045f18f35a5c90f
SHA256

d681719c51d99cd74d9e933f041525f9ea3687f6f6ce94ef6b59cf9af7e76926
SHA512

a35f0b79eba748c0de938111094a6df2337752f1f9167223b0781f6ecdfaf8304f5d2fe0a3ff947972f70daef8c62bb93b734f9fd0bf704fcdf3ba3146d15757
SSDEEP

24576:O4yfMMDZWG4iGjTGbx0ECAEokpJ4K9mLbM6qq5MLlIa5N+qMYayebwQSsMWl61ga:C0M0/aqyjeJygU5uXYqydSLWlFkh

Score

8^/10

banker ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

com.android.cbdm

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications com.android.cbdm
Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.android.cbdm

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.android.cbdm
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.android.cbdm

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.android.cbdm

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.android.cbdm

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.android.cbdm

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.android.cbdm

com.android.cbdm
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data).
PID:3993

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.android.cbdm/files/TDtcagent.db

Filesize
36KB

MD5
d2e4de800126429841ac67c98ffc9b50

SHA1
b69bb7041ae1c47864c29906325a2397140e6518

SHA256
b19a46a3d6bea585bfe9267566b3bfd481c67bb26c6d12411a1a9d8c9455a231

SHA512
edc0361046224a683c461c6c68f5955caaa283ffeeee3c07c81f8fba8a5ffad220377cd77a4cdfab594a46bd86e59bf0052b4b97936e88660171ca0dc4d2152c

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-journal

Filesize
524B

MD5
819e68a47c9be252486d6b75d1fcda46

SHA1
5738e364f640eb250f9f3f95c810c47c938519b3

SHA256
7ade9095f460d71404a1a73085450d6f078379cf5e17ae715852467dd5acd903

SHA512
3c33ed1f6bc94bd59205dad5e59d8047540bb4cb91b2c8925d3a29a1c3037c7f30ee95c3394b7cf98dd46d62f1198c19ff67371de285b6f6a469f5690f69da4e

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-wal

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-wal

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-wal

Filesize
72KB

MD5
08560ba9a6baa98957627f34d91f5032

SHA1
49ab1cda3328c0c1d7267fa723236b97822bd536

SHA256
11b1ebb7b322ac598eecadd4703b96b05a4425f89e8052a2ca8f79f0e935e958

SHA512
298189536bacb0e4e2af9f6d76a7f9969bea9d4e47714a2cb5c6203194c7cc6daf157610fbc3efb37bb67f62d954bce44d2ad2b5bb0c1663b972608175832258

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml

Filesize
127B

MD5
6c1ba3c1d2482c6d2d139f1b98cfe81c

SHA1
826d52f8dd4fbf441456f92dfd7b4498854ee90f

SHA256
fdce2f472746fd16148555fe47bb5d9409fc92b48d23d65dc26f3ea7e0354261

SHA512
98d61f776bf9a91738cf7f241c362e2e9a240130375874e4ac2ee215fc0f56faa458077a7b52c2bbd6bfc934be297b1acb6a655b116e3e5a737a07610979e9f4

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml

Filesize
184B

MD5
a98802de1bd9b6fef65bc3d4e2be6da9

SHA1
630b29b91acd5d8b4a6c231eae74340a584ec706

SHA256
f233a14de7179c7826138fb08ec9feb73a54b0506f0c1c71867a8d8f0a6fddca

SHA512
54107ce46792b3c59eacafad2086c46cde7c3de35a65462f58d60cac89b7a7e4d1e693bc68e6affdd9591053d329dba87f048b3e6cb47b0b48a60c5ecaed482d

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml

Filesize
253B

MD5
be448f74b34599206db59141b61e4155

SHA1
6a819dc2ed6cbc8541dfa264578b8feab3f957d3

SHA256
7c7c9aa95b5d63523a43c9f46b9006a68618cceb17406595c3d25842b94db4b0

SHA512
95740d31e977fa498a29bef96c8e3f95ee8abcd6bd0fbccf7a521f229f5c773ed55459fcc0a5b02fc6ba4b6393c02c708439be030c9a3727f6896df72d7a4543

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml

Filesize
307B

MD5
803f771554e8c101144343a053d88bf1

SHA1
8a3bcdfe2ba5e0a93dee538f8e8548ccde84e9e3

SHA256
4ad1539cd07e53ac0d8e5c79df61d900c6af92b0bb25a261e73b819574a7607f

SHA512
93c465f3c22f46511c29def071dca57cf1bb43bbc5e17152d35a3f3794cf021d8a46536d69fd8cd5f2ce8e92f704dc215d1f400164edde1ef305840ea6253d40

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/com.android.cbdm.InitActivity.xml

Filesize
131B

MD5
342ba22f4c91b39e830059e8914aeb9d

SHA1
a8143d600f05caf414ac10497414c7fd097dd6e2

SHA256
6ed72f5fe03a7e13632827d67a4cad3df95c7b6a8f56c3cb69c00f349104a787

SHA512
5c71a096891eb0f4b454758727b0e9bbc88eb6d82c5597643a529c0df0d8c9a7efb0309c2f12322f344201437b1693c35316eb2e03e1dac038e0d69e4cd8d5fc

Download Submit
/storage/emulated/0/.tid

Filesize
32B

MD5
7101cee15d2f913695d77b112cafa081

SHA1
aaa47f4516feee27d3b8f267bde669e4835da6c2

SHA256
95efba4b752480bebfb18a77c05be19e63b00b3badf1a19a00a60a27d21f3877

SHA512
0c0e48a2cab25ea291a19842c4f0185549f9d147ec22cf976ecd8e9acd9661a2bad6c8ef2f748590c8f0e7f1fbaf8c6320e83e523d5f948df440ecb4b1125b9c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads