Overview

overview

7

Static

static

7

fa1fe4140f...d6.apk

android-9-x86

6

fa1fe4140f...d6.apk

android-10-x64

6

fa1fe4140f...d6.apk

android-11-x64

6

Analysis

  • max time kernel
    2821844s
  • max time network
    149s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
  • submitted
    24-11-2022 02:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fa1fe4140fe76d6f4672c9f62d5e634353fcfc8dceb687185db62d27daa199d6.apk

  • Size

    2.9MB

  • MD5

    51b57fc5f41ad44e4e9c1b6b4a7147f3

  • SHA1

    c9ccaee94962b66a96f8325ddb693e0f8c6ac1a0

  • SHA256

    fa1fe4140fe76d6f4672c9f62d5e634353fcfc8dceb687185db62d27daa199d6

  • SHA512

    82199fd1878a7b99d63fda33e4d6774a7faeba6c53517ba2307d45b5ff7410c25e54ed9d16c5f6637aa2f118e0a098a1adeb454c10eb789a8c7a93444aeb87f5

  • SSDEEP

    49152:y26aKgaLP/YPU9tj2ifv+ieBbP107K7qiVrjrYFkZuiBMIvHdZ086e8qkzmhuuXN:eaKgaLYU/nxec7GqiVrjrYefBMCr086O

Score
6/10
ransomware

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.zhiqupk.root
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4518
    • su
      2⤵
        PID:4573
      • /system/bin/sh
        2⤵
          PID:4645
        • /system/bin/sh
          2⤵
            PID:4679
          • /system/bin/sh
            2⤵
              PID:4705

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/user/0/com.zhiqupk.root/cache/root5
            Filesize

            13KB

            MD5

            c110d1870e0959a5471b2cfd2665adf5

            SHA1

            76373278e47563424ba4970b6720954d23bf9007

            SHA256

            775b6e3621bdb8c721002832a09a4df43c625f74534df511efe78bc1997464ca

            SHA512

            8780800d4fbe01e8c1adaf2204ccc237ad582616713529169468e3588a30ba4c5be77ebd30d3a9ad5208bc794e9e156de65d99c5b9c55e9d1d17b2e7a6811880

            Download Submit

          • /data/user/0/com.zhiqupk.root/shared_prefs/com.zhiqupk.root_preferences.xml
            Filesize

            114B

            MD5

            2b1b57482edb5fa91d914227a601fb65

            SHA1

            4556cdd17be34b54a1bc9639c4e047c8ac2b1d9f

            SHA256

            6bd963d3a93222bb125dab03570b033370e66644eeb45aacb06d895dc4794114

            SHA512

            b42f07fbd33965e46d970bb51476e821f9f49ce9c091d05bbefd106333c67b80f71594851f86686411f91c4da774fe365c6dffb7238215b0dd4f896c435e7c42

            Download Submit