d681719c51d99cd74d9e933f041525f9ea3687f6f6ce94ef6b59cf9af7e76926

Analysis

max time kernel
2775266s
max time network
166s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
23-11-2022 15:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d681719c51d99cd74d9e933f041525f9ea3687f6f6ce94ef6b59cf9af7e76926.apk
Size

1.6MB
MD5

6e1a642728ec61cca2c480c28421f9a6
SHA1

86a7e7bdb651b523b419eb9e2045f18f35a5c90f
SHA256

d681719c51d99cd74d9e933f041525f9ea3687f6f6ce94ef6b59cf9af7e76926
SHA512

a35f0b79eba748c0de938111094a6df2337752f1f9167223b0781f6ecdfaf8304f5d2fe0a3ff947972f70daef8c62bb93b734f9fd0bf704fcdf3ba3146d15757
SSDEEP

24576:O4yfMMDZWG4iGjTGbx0ECAEokpJ4K9mLbM6qq5MLlIa5N+qMYayebwQSsMWl61ga:C0M0/aqyjeJygU5uXYqydSLWlFkh

Score

8^/10

banker ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

com.android.cbdm

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications com.android.cbdm
Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.android.cbdm

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.android.cbdm
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.android.cbdm

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.android.cbdm

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.android.cbdm

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.android.cbdm

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.android.cbdm

com.android.cbdm
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data).
PID:4606

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.android.cbdm/files/TDtcagent.db

Filesize
152KB

MD5
badcedeb2bee26683a3198e90dd235e2

SHA1
b49033eb7cd4ecd818c00148aaf0375edec94bd7

SHA256
b64def9001dd923c68a91c1ecc7e89eab460107f2b60ccfa3de3ebc6dad5ef83

SHA512
7897961f8269c07a5160830538d02854066b4da3a9e0123ab9bc684dc1ff5889fb5c9157bf0269bad9d26ec64f7a0f53eaa5f6ee4fddad618aeb7665e90941c8

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-journal

Filesize
1KB

MD5
8c95defc2b28ca1e92cd632426a4c910

SHA1
a6910fe6dc4edcc1381f33a76db1642741e32b9e

SHA256
c5458c5bc119085dfe9f4900bddb98d7d3c52253fe3ea2718e94f7891df9a5e9

SHA512
f09f3d0cedbe8f330edd61c8a18e2965df7f8dc95520eac068827f670e1c5cc032c76093681ab4b5a4060529b52fd3b70cfba4db6944c96a1e919ffd7c0ae682

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml

Filesize
127B

MD5
6c1ba3c1d2482c6d2d139f1b98cfe81c

SHA1
826d52f8dd4fbf441456f92dfd7b4498854ee90f

SHA256
fdce2f472746fd16148555fe47bb5d9409fc92b48d23d65dc26f3ea7e0354261

SHA512
98d61f776bf9a91738cf7f241c362e2e9a240130375874e4ac2ee215fc0f56faa458077a7b52c2bbd6bfc934be297b1acb6a655b116e3e5a737a07610979e9f4

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml

Filesize
184B

MD5
cf0cee3555fe1c7482ca70e09cf3a2ab

SHA1
fdef96e7e78150b1b8b93fb40f6a7f45c221e07e

SHA256
9c9c566072e226bd6916360a59c315e7f1eb3746303daa0371a0aaf95b6ab152

SHA512
564fc10e96d600bbcf7cb70cc7751b98a80986cce6a37c80ba3f29a5321e8b8189f702565c110736d3704bf112832a7b98439f8c3971289ebb83e9e085e555a3

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml

Filesize
253B

MD5
83c103c3c7b23d6d1188ba8a974624e6

SHA1
911c542ceff18a71d38a9c195172daa7e268e08e

SHA256
edefb865efef46ca41a88e960b2abf3983721fb35390def6e804f3aa7d7629d0

SHA512
4dde3bad8ffcb15f1556f809cea1682ec5ab22e7465bcb60cf9dd0bf525b6b7a3d5466b2604c47dd5f3967a6c630c4db289fca3ba2850a274eedbaa988f02a1e

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml

Filesize
307B

MD5
d91febd66adaf655ecb720998e5f9199

SHA1
314c0c3d0a0c188c233c64c50e5628b6adf4e578

SHA256
78ccb2d8c9b5ce54b847c5325f2d8013b193afa4ff0f7cf80b55f54ecca19432

SHA512
370fc06208b284cd3b37eb8f4fd59540b2411fbf57d489aeca88cbe2c4f12b9556b672585c93d1bf0efac1400fdefbf0d731f1db05825bc044f563cb7a7474ff

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/com.android.cbdm.InitActivity.xml

Filesize
131B

MD5
249c9a7e1f717b63f3f8d0cb00767887

SHA1
d09ae1522366d8442c54c1160df4889d4af1aeec

SHA256
5874dbf96e7fd8e76fb833dd1e3b2fc3e3eb24edb776bca19fd921890869f550

SHA512
d0b5368cfa2759536b918efb8bf01bb995ceebd66960cdbd5eac3b2259c9ca48873d0e8c257dc93edda3b1c9fc94042daf8119999f0b4b4cea7befcaab1f6915

Download Submit
/storage/emulated/0/.tid

Filesize
33B

MD5
971d0ba21d65af671c81a3026b8a4d59

SHA1
18518fb00c6dcb7e9ec55a5c782166b9d97e233c

SHA256
40ea1f57b8ee49eb10784c77b445c4036883cee0e25308996d2de396a602eff7

SHA512
fa19b98edc173f87e0bb416a4cceb1d475b7761cf5e528de8263059b3317ec38d5f96a0ce91506caa288ab633dd9d9730160cb481a0887a5b4a187f254529185

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads