b5a2efa986f1e143d80be46995ab91bdff3cee1ca17f19b38222de7c4226ce1b

Analysis

max time kernel
2771970s
max time network
147s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
23-11-2022 15:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b5a2efa986f1e143d80be46995ab91bdff3cee1ca17f19b38222de7c4226ce1b.apk
Size

1.6MB
MD5

a52ff18b7677432d274f28bdb766cf57
SHA1

281d6161ae3631c25b24f23b5a52d107540a8c43
SHA256

b5a2efa986f1e143d80be46995ab91bdff3cee1ca17f19b38222de7c4226ce1b
SHA512

b41dddaa201ed614bb9efb9ef67ae0dd5b70d19bb6f9d596ae46710f73714c2e78f7f870aa8dc74bed64937b7383fe1644fb5a73776c9cec93cf42bfd3b7febd
SSDEEP

24576:T4yfMMDZWG4iGjTGbx0ECAEokpJ4K9mLbM6qq5MLlIa5N+qMYayebwQSsMWl61gE:v0M0/aqyjeJygU5uXYqydSLWlFkn

Score

8^/10

banker ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

com.android.cbdm

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications com.android.cbdm
Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.android.cbdm

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.android.cbdm
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.android.cbdm

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.android.cbdm

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.android.cbdm

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.android.cbdm

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.android.cbdm

com.android.cbdm
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data).
PID:4049

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.android.cbdm/files/TDtcagent.db
Filesize
36KB

MD5
d2e4de800126429841ac67c98ffc9b50

SHA1
b69bb7041ae1c47864c29906325a2397140e6518

SHA256
b19a46a3d6bea585bfe9267566b3bfd481c67bb26c6d12411a1a9d8c9455a231

SHA512
edc0361046224a683c461c6c68f5955caaa283ffeeee3c07c81f8fba8a5ffad220377cd77a4cdfab594a46bd86e59bf0052b4b97936e88660171ca0dc4d2152c

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-journal
Filesize
524B

MD5
89a5d209e7edcd3bb51b78d8d7a5b42d

SHA1
1afc0f6405047ecb2ac534b95ee199454f13ded1

SHA256
974a4ee7f08b55b8269088f4536ad88622a663cbefbbc58f4605ab83b78da1ee

SHA512
52b7d6247dd71e4995f54e51df6924516d8b21149351d3ba389da42f07c1600f217efbde9a5a876df28c328a7034facf58417d3efec947daf3fe6bb58ed90127

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-wal
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-wal
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-wal
Filesize
72KB

MD5
4121dbbff7aed7dc6b07cbea9d0ee0ee

SHA1
187f1f176a4543b989dcae448de0ff83c856b113

SHA256
0c4026fc3314ba888f0d108445551163d9acf86de28f37c0e1c22b24acc8e69c

SHA512
98c1dcf8958522624a7fb8f009cde306bde0df1680341d5dd563289ee173fa41d25d0316e5ee49707024f9951cd5ea470884d3da3d8c09359763c8e2d291b274

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml
Filesize
127B

MD5
6c1ba3c1d2482c6d2d139f1b98cfe81c

SHA1
826d52f8dd4fbf441456f92dfd7b4498854ee90f

SHA256
fdce2f472746fd16148555fe47bb5d9409fc92b48d23d65dc26f3ea7e0354261

SHA512
98d61f776bf9a91738cf7f241c362e2e9a240130375874e4ac2ee215fc0f56faa458077a7b52c2bbd6bfc934be297b1acb6a655b116e3e5a737a07610979e9f4

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml
Filesize
184B

MD5
73fd120f6516f3dc3f05629f7dfec47d

SHA1
aedd3d0aef329113371344a3b24a18f5f446c8a3

SHA256
da3522d25302c0c8727b2157eca2beb390ac79589e77c3ee740b495a01c022ab

SHA512
8e444a454a0ccb7a51b2cfb9ca28286c2130503a47ef6ac370bb0ef0d7e4801d2030ec5a9e7acd00d207799d4ec63db970cce177eed3de692fa98c673eeea70d

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml
Filesize
253B

MD5
279f2d175b5ee731cc83e809829cabde

SHA1
40347a79a264afb900e082dfae018ec324ce0afc

SHA256
db3646f14d0433c9ff53fbcdff3931095f2deb62bb6a7fa772172eec44e2ec3d

SHA512
06b3491492d26077cd9afb1222a7d9448036a15e2ce8766061dff1d4c7ca3ea563ebb89ad1f8567821b9d84cd5d7ee7b0008b81599d8fc437c7ea45a68cea674

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml
Filesize
307B

MD5
2fa811b2de27f7506685615e9c8246ca

SHA1
3f9d47802dc8c2410406ff33041f45d1fc07deed

SHA256
920507a91ec7187ec7334dd3513479f304b0397c5c9e49e8619ad43068439070

SHA512
a4e4db5295ac545f1f7b75d07276df117b7a0285619bd09ac0baee372046d9f2dba199f29ae15e1d73f8fdca71d7890d5ee3f4ffc77e3450176ac112cf79bc91

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/com.android.cbdm.InitActivity.xml
Filesize
131B

MD5
ea042091ae5fdf7d67e6977cee0f953a

SHA1
4b679bff6b20226cc5cd721ccafbc4e8ae7618c6

SHA256
1187959210c1aa9277df939ad27333c5bc4c71cbe097b97b91b8adeaca0f826d

SHA512
54a845928240e883de1fee825cd8e56cba8c626808be335aeae5a1b679dfa043e5a2c9a28f6a1ed5e22ee782536319041807930b904cd64777795acaf50300fc

Download Submit
/storage/emulated/0/.tid
Filesize
32B

MD5
7101cee15d2f913695d77b112cafa081

SHA1
aaa47f4516feee27d3b8f267bde669e4835da6c2

SHA256
95efba4b752480bebfb18a77c05be19e63b00b3badf1a19a00a60a27d21f3877

SHA512
0c0e48a2cab25ea291a19842c4f0185549f9d147ec22cf976ecd8e9acd9661a2bad6c8ef2f748590c8f0e7f1fbaf8c6320e83e523d5f948df440ecb4b1125b9c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads