8780e349963c4e30602bc7e349c49157c999f7e044a0c30c1d3e0cbf908d423f

Analysis

max time kernel
2775321s
max time network
135s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
23-11-2022 15:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8780e349963c4e30602bc7e349c49157c999f7e044a0c30c1d3e0cbf908d423f.apk
Size

1.6MB
MD5

5816131ee36a5d08686c9ab9babc59c1
SHA1

67b42cc66d8562510985ee9c4b3ad7d2447f389a
SHA256

8780e349963c4e30602bc7e349c49157c999f7e044a0c30c1d3e0cbf908d423f
SHA512

a9c951ee874da0c0ebb37a14baa24cb7b743ca6c63c9c12bcb365eada27c2ffe31b8cf9f4b0f8c2cef6fe345a9f6d14713dd0172496ee3365874408836d6697e
SSDEEP

49152:lZqwa/JNrF0jWl/wc3/EP0UIJP/Co8AsH:lcwsNB0KjEPRu3CHJ

Score

8^/10

banker ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

com.android.cbdm

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications com.android.cbdm
Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.android.cbdm

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.android.cbdm
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.android.cbdm

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.android.cbdm

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.android.cbdm

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.android.cbdm

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.android.cbdm

com.android.cbdm
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data).
PID:4375

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.android.cbdm/files/TDtcagent.db
Filesize
200KB

MD5
76deb1dc808d8e2085c1bcc2a54aef6a

SHA1
552531b321195f5a49ebf6c3dfdf263759632dd9

SHA256
462efdef7a4c7170c3d16a1ca0d07e883a863c130ff0242f00b8f807e1f2c2e2

SHA512
1d9edc8c9219b2213f0743139334ceaf733f3e40dc2f86764c1180600a41897ea2cd4c1c1ffead63cdafe824a7e99b43ed01cfcd43bd91c122eba901164c6801

Download Submit
/data/user/0/com.android.cbdm/files/TDtcagent.db-journal
Filesize
1KB

MD5
d3c73442f4f5bb447408a4c44924a0e0

SHA1
cf65c58da87ca2d75969e19543210722fbc1b021

SHA256
431e0530c400b296de7f5353315e9ca7ee4fd58f7967a07c1b652356bd27e347

SHA512
c59cff8691b70315b4f0e42885c28c010e31f69c7cc5c60cbd2bc6d13ad95461b3a93bdd9deabeeea077e29fcf12e99c3f8fd71cf15456b2f49a49abb1a8ada5

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml
Filesize
127B

MD5
6c1ba3c1d2482c6d2d139f1b98cfe81c

SHA1
826d52f8dd4fbf441456f92dfd7b4498854ee90f

SHA256
fdce2f472746fd16148555fe47bb5d9409fc92b48d23d65dc26f3ea7e0354261

SHA512
98d61f776bf9a91738cf7f241c362e2e9a240130375874e4ac2ee215fc0f56faa458077a7b52c2bbd6bfc934be297b1acb6a655b116e3e5a737a07610979e9f4

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml
Filesize
184B

MD5
ad790fc955be2b93e9f81c8d8a741ae3

SHA1
10981f7410b36a9356579c58eedadb26781289cb

SHA256
14247a87e3a4e6b53342fe24dfe6399127d2bc9d686e87462287a9f259135bba

SHA512
c527595e145be9af72ab7678dc95b209a4d95309a05b52590a143ae2927b526e86a412abf1d9286abf31e17f8222c259629e44e77e0def82e72ac246a221afdb

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml
Filesize
253B

MD5
2d6b0411c329586772784ea0fc5e5173

SHA1
6bd59343397eed09404d50dd89b37b65dcaa8acd

SHA256
06db5a1ed6fc277e6a65ccfc047dfc3d9506a0eb09a7704ba1865f18c00e917c

SHA512
268a288b8a8dcc0a331e4304f1d2e355730af16ee5e22448dd1ca83e9eac1e87707449e2e35fdc37f113a130c0a8140b3c443fec278d63d5a947bcbf1bda1721

Download Submit
/data/user/0/com.android.cbdm/shared_prefs/Params.xml
Filesize
307B

MD5
1603cc200aa2ae5bd5ecef56d4bb1208

SHA1
749fcbb538359d1bd0aa8068437173f355379919

SHA256
ae00a310b2d677d4d4e28cb1598dadfafe21e8010ee0f3a00ce95000e02c6b70

SHA512
8877c9aa884867475b656f51aedffe5e04f53890cc8fab4799cea758cc7c31fc5e27c70ff2da51ec2987e1aefd8f8459b86f41eb9dd72012d2db2f9a1b81d6cd

Download Submit
/storage/emulated/0/.tid
Filesize
32B

MD5
78414c2ce43c3f2e6c2cdbe37df55e89

SHA1
ff1fbbc74b49d4f0da88dbaf46300cd86c5478ca

SHA256
77303d0e1296562c44f681579f0b3b1c7b896264a4db3a34c30bb4d136701da7

SHA512
451681d13e3c1db8bdc13365927519a18656c91dc5949e4c6ab66d9df3a820344643a7578b6de7e448a695fffeae2f8035eebefac8ad8c70b7769c9f3c306813

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads