0f43eccbb16dbeb6e17ed7f5bf419d896ba71f3f5a8891fd604bcf79aba99712

Analysis

max time kernel
2825853s
max time network
135s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
24-11-2022 02:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0f43eccbb16dbeb6e17ed7f5bf419d896ba71f3f5a8891fd604bcf79aba99712.apk
Size

657KB
MD5

23e29e3a7f0d786195ee299a14ee42a8
SHA1

84e8203f283ffba65df9153ed517411877bd2d90
SHA256

0f43eccbb16dbeb6e17ed7f5bf419d896ba71f3f5a8891fd604bcf79aba99712
SHA512

5a500cc9f50931104a74e33703edd64edc08b3a0cbdbd3df7254a868e50c4f73f230e044abb67abd5cb86a29ec1d36cc2dbd0fe576bb35cf9f7fada83bd0f29c
SSDEEP

12288:DhW3PqQfRKInXY7h1e93BpW5kwOXpiH5EAQACDxZAf7evdP2P:DhW3PBMIYO9iuv5iH5ODxZATevdPm

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 10 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.saloon.eu

ioc	pid	process
/data/data/com.saloon.eu/.塾퇰ጭ	4742	com.saloon.eu
/data/data/com.saloon.eu/.塾퇰ጭ	4742	com.saloon.eu
/data/data/com.saloon.eu/.紣ẅ콒	4742	com.saloon.eu
/data/data/com.saloon.eu/.紣ẅ콒	4742	com.saloon.eu
/data/data/com.saloon.eu/.귕ꊛ洬	4742	com.saloon.eu
/data/data/com.saloon.eu/.귕ꊛ洬	4742	com.saloon.eu
/data/data/com.saloon.eu/.㭖ꕕៜ	4742	com.saloon.eu
/data/data/com.saloon.eu/.㭖ꕕៜ	4742	com.saloon.eu
/data/data/com.saloon.eu/.粱ㄐ篆	4742	com.saloon.eu
/data/data/com.saloon.eu/.粱ㄐ篆	4742	com.saloon.eu

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.saloon.eu

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.saloon.eu

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.saloon.eu

com.saloon.eu
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4742

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.saloon.eu/.㭖ꕕៜ

Filesize
1KB

MD5
e520db605f4ba9a4da851b28d768adac

SHA1
f8b6cf050931674a0e8bae0798c4e99bd2f8a2e9

SHA256
03e7a89083635c1dd31274a7c26534fe1e73399b4773f26e7fbe51ef28718f60

SHA512
fd487818a6b3ac0819b2f8a803c1982a3523271bee1df0f202132bc2c26d213bf96133ce2084b5441db8a4c277c8a3da2c85d8d65b170abdf96c1456a9d00a1d

Download Submit
/data/data/com.saloon.eu/.㭖ꕕៜ

Filesize
706B

MD5
7fe21e1bf33192a438ae955eb1d8fb37

SHA1
5d7217e8c4c34e7b4aecdcbcf4358e0e81c85875

SHA256
d6d8aaa8cb24ead6132e78c452d29f5143408755a0dbda7399a4410685097e4b

SHA512
a790d22c17a732bfe45c989b366c9a2b7dfcd4684a0ae946f188bbb43082e79905642e286ef128921f60df2c75e3ed1ce83f46c08fc1b4f2e877cf30cab3938d

Download Submit
/data/data/com.saloon.eu/.㭖ꕕៜ

Filesize
3KB

MD5
be32140ce20fc9766cb127b76e23ffd8

SHA1
5539f39d135e864653080516b2fad8134720f698

SHA256
3cd5fd5e9397fe662ea959e602b401b6c3a7495df8702427d945692fbe177514

SHA512
f7f5cb1788e09942a4f86d538186ea9c31e679e425b4bc12e350c85b85dc7019bdc8e7010fba3e6bfc1a0470ad156aebe19c515e0dc1f02e59c58a6da8cbda73

Download Submit
/data/data/com.saloon.eu/.㭖ꕕៜ

Filesize
1KB

MD5
cb0c1d210765df48722552fae95bedcb

SHA1
2523c69dcae0635a85513853cc9a5d3b9d3e2556

SHA256
b9049810aa54cdf2951413587e440799f01ee117b704619802fc9f1543e7c190

SHA512
1c8869c8b036f4610e9b413ab228bc02fbe87cacebce4d9f2be5487fe448813539ee92d820a07c3cfbfe2f1e442ea6cef72f5c84f44dc0e596aed94d5fe9317f

Download Submit
/data/data/com.saloon.eu/.塾퇰ጭ

Filesize
1KB

MD5
d24d83cff8bf087f4fc10f2ff8ef1790

SHA1
5b0a0458920367f9ab4268a41171c5b73d7c940a

SHA256
69db8c3b65571f564c91aafeb73fec6dc32cc4a48a17a524ef844184e94bbc43

SHA512
64848f80d01e8066b0d3e67de288b65a8e90de97f31238d5ed13525bc20c0b2eef66a7344b93f7acdf26d1ec22a60f173dfbec4d4de434b73eb483726c8c3dcb

Download Submit
/data/data/com.saloon.eu/.塾퇰ጭ

Filesize
938B

MD5
0d968302c237c253ff741d2831a53394

SHA1
058e4226ba7890f17d788c98651d25126f6a9dc6

SHA256
abc791b8eb87ad50c09e53dbdbf7b0932f3425bdfbc74b71e4a615e34e40ccfd

SHA512
9c478b51d52024521c231e9b3a4bb47a4fcdbde9c8a23296237c5016a45b6b063cc94b913811156fd92b83cc47e6e3dbdbbbc81c5696903c4a6f451f8783cbe5

Download Submit
/data/data/com.saloon.eu/.塾퇰ጭ

Filesize
3KB

MD5
ebae1b4bedbe7260c5db972a6a67b0dd

SHA1
61e5e00642c29ae99d6e3a414aa25513c4c27292

SHA256
beccc76d08ba889d322a31b7d4f0b299c18a66980ca51e0eeea61287a26d22df

SHA512
643b2993dbbe121afbf6fab607ddbece384af87c1f31b6045d7d35835fc9c9a2313043cf3e1e463693bf0906e6f08d8c5a7e398fb4b50157267d7fa54011419f

Download Submit
/data/data/com.saloon.eu/.塾퇰ጭ

Filesize
1KB

MD5
7f27da001b88c368692bb0c1022a12fe

SHA1
8d8720a4f7e28f8c0799a09dbbae95ddfee1ceab

SHA256
561cab29bbc44feba98c1873a681949e6f6cee3abcdc612537e8c9fb4008f471

SHA512
fc46f7d78f3bed8182f8560068c94f2760da114c40767438358024a1fb3fb946d36b890adbe680ff82642d7773a8eac90e8b51b8985834637abea3020163c5da

Download Submit
/data/data/com.saloon.eu/.粱ㄐ篆

Filesize
1KB

MD5
44a4de6b318287be4f512574b9ead607

SHA1
ff1eb2a773892bd4d5de1f8c0168f4be4894e1b0

SHA256
22a50d306f6932e544d5958eb6baafea4f39ed87b08c9e8196f7f71261415794

SHA512
1f320da944c69b064d993db84419ad078fc31d09a3a2a146e54533c233bf8f4deeeb39efd3c3917cc67e727c788fd7d8eb9d57fdf68c34345235e3a0d6b48e06

Download Submit
/data/data/com.saloon.eu/.粱ㄐ篆

Filesize
620B

MD5
497e33f70ecf6e10a8e7ab15c6a575c4

SHA1
ebe7b1af40f17750d131a0197739154fdc9bfc62

SHA256
81706cf3ddaa705185d01f4964c9dff2c40eab50eaed725d19f71235f9a2b8f4

SHA512
f19309af448e1878548a11d3f27b794179d24d37b35447a92a9b386858b6fc2b8499f2eae1548dad7adca8428ac98bf3cbb195ac64443014f751be7fd4670dd3

Download Submit
/data/data/com.saloon.eu/.粱ㄐ篆

Filesize
3KB

MD5
6946113b530d4df64e167ca81c230e80

SHA1
a2964ad58c84bb8c1b8ddcde4c5ddfc9f7ff70be

SHA256
bdaf6106dc5b1ade476affa347a39825dbcaff801418fa20a47feb05fe361beb

SHA512
0617011ccf47867cff2393630d520198878c4b0cfe91d1796fc4feccab699dcb43a8d4404269cdef2abf6a7be4ce9566bcaf63192384fb1c2904ed154278e2d8

Download Submit
/data/data/com.saloon.eu/.粱ㄐ篆

Filesize
868B

MD5
bb8a3e90318a523a8cc4ab84a1725b71

SHA1
402237eb1a4ceb753bf1beb345c868a26a8d7693

SHA256
ec5061e736cd96d21b40099dcfc47a9a3bb20456f4350cbe078e55bb5dbe19df

SHA512
e9af0a5131f6b76841102e6fde7567388b6f253cc1b1cf51d538cc71ea9af0dda51e75dc8de9b651becaff4bf3a2bfb7161c4d6239d7fb0dbd9fac55933f78fd

Download Submit
/data/data/com.saloon.eu/.紣ẅ콒

Filesize
1KB

MD5
fe44588a49507900ee48842498416e43

SHA1
6d0eb5d88fe81fddf0ce1c93ff9f04d03ded0b9f

SHA256
146ed1c379e4aefdffab0f2d19d36b228b3f37386cd9cfae1f7bba6c9aafa32c

SHA512
cdfa886182668588ca03e86fe28088e75daa1be4a34ef53a626344b6bb9b1c320e89b0dc9ad345b1c38fa2485a6e35fefb482544ed061975cf7696fd583281bc

Download Submit
/data/data/com.saloon.eu/.紣ẅ콒

Filesize
1KB

MD5
fdecd787f6a7d68a628d4b4b603e125c

SHA1
f703d7918784b3ca9f5a25fc06dbbe1f3e899cb2

SHA256
40152a69325d1e9415dea9430fd6b420417e53f718fe37f872576d396ea96193

SHA512
095c51629b8ebebc5109f1326255d1d328a854393484eabbb4c8e88376838bad7139f0bd0a2baab1d895b44aae6580134892bc7f60d2abca075d2af38ac257d4

Download Submit
/data/data/com.saloon.eu/.紣ẅ콒

Filesize
3KB

MD5
78536a87223bb9f4603b2102b3ebfbdf

SHA1
24a1dfa7a8b046e12bcfd23d9998aea4e9ea7967

SHA256
7448d6d0b25da89950179b54f0448999a08d83d4d90263b11e3b88f56d791c2f

SHA512
1deb69ef77397e218ce8dc794ff2d43830d15218744af4b1951e1a5e05896c22720de615f98c2ac205e9ef4a6571c33f8481dae60dd1324e82932ea8f86a9ce3

Download Submit
/data/data/com.saloon.eu/.紣ẅ콒

Filesize
2KB

MD5
9f6d551b9e3260f030e13f242a0dfa04

SHA1
431bd7f772dde68243ece8076168e89780b39776

SHA256
8e866fa798b387c6decf242510077fc6f70201492511e732f0b36a614de793e2

SHA512
a5b05c3435898080f23a160ec94ca50fcb268a98243318aa5774e5b7e09ffb91029ae5755790935268317e4b0c36a8769b30b12d1a48e6237ad010fc3b670a6d

Download Submit
/data/data/com.saloon.eu/.귕ꊛ洬

Filesize
1KB

MD5
32031ddb189ce07e558758ccf7c9105d

SHA1
04f91120d9ba674217cf5383453a51f924998658

SHA256
d5d1b1a9c65234133b3fed2ac143579301b3268eed585363b887466838319252

SHA512
d9e820b8b71cb6cb8923c3cd133b24b59f86d057505fa9d64548af1c1d655ea2942d75b24b316dc0b17048e6e13dfbbfb1caebcff4000203adb829ce0dbe0281

Download Submit
/data/data/com.saloon.eu/.귕ꊛ洬

Filesize
871B

MD5
fd0b8ecc64d07eed7f1630def6e1cffc

SHA1
b27e718d1ecfdf21ba3d431068185c7e111a1984

SHA256
3399e518eee8a46b5f6a3d68d0c3dd41152aba7d6ee7f5c5446a4bc9b0b97e01

SHA512
ac1f8765f013011ad4d4f2f20ca08157affdca8f25899a216586c9b5cce759d54494b8a432548da641236f5f5950324d0f52159a980a7c0bff81cbef360a1522

Download Submit
/data/data/com.saloon.eu/.귕ꊛ洬

Filesize
3KB

MD5
6405f5148c93d06d5429ae0234b6dfee

SHA1
e7285cdba58c938c4b8518b716eea48099aa44db

SHA256
337bfc8ed41a6f31a1353356ecfbe2579fb082f4cc4a37b40bd06992af47f7b2

SHA512
b9eba5debc37d5c93b62c8ac18be9f4d26d03913338783ef1520f62ed10320db882e9fab8e23d1347c3076c8bdf6f1d8a2963d47e584dd4ad24f0a53c90961f4

Download Submit
/data/data/com.saloon.eu/.귕ꊛ洬

Filesize
1KB

MD5
f6328caa06f98d2eb60ffeec8a2efba0

SHA1
23efff98229e307a8dd0198dfe03d8701e4d924b

SHA256
3455ea94dbffc4c998947ff852e72764ca5720adfefded0897e2b14765ee0d29

SHA512
0f353317a4cecd0e0b68c3532d56a2c80996a90f330435af7c7708e45ae24a95d131c36caed72bd9f5e244ed1cfb3a2563b5e6a51c45f6b087451ec5fdf3f1f6

Download Submit