557a03d67c1d2e7a05b8793b813b7a0278a2b110b0a27bd7ff8b15b60972d497

Analysis

max time kernel
2823519s
max time network
155s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
24-11-2022 02:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

557a03d67c1d2e7a05b8793b813b7a0278a2b110b0a27bd7ff8b15b60972d497.apk
Size

706KB
MD5

d396a168dae32a5cc7674ad1b89de35d
SHA1

4f2dfbc15933bdc50ca531284aaa6eeffd7c7608
SHA256

557a03d67c1d2e7a05b8793b813b7a0278a2b110b0a27bd7ff8b15b60972d497
SHA512

305142ff93fcebb5d3e43f8aa3a4877992e9ca48385d47d2dd2c52c87cfe1e98b1cd16d4e0bc57631e31d607167e952145ce883649742ae018cea381ee8561c6
SSDEEP

12288:Z/YF3coE3EIu5GaSgNosChWhhu+d7fjED50bR2ZcopiA4AYsKC:ZQy0J5/SgNChW+APEoY6oiAtY5C

Score

7^/10

infostealer ransomware

Malware Config

Signatures

Reads the content of SMS inbox messages. 1 IoCs
infostealer

Processes:

com.ly.jqkb

description ioc process

URI accessed for read content://sms/inbox com.ly.jqkb
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.ly.jqkb

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.ly.jqkb

description	ioc	process
URI accessed for read	content://sms/inbox	com.ly.jqkb

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.ly.jqkb

com.ly.jqkb
1⤵
- Reads the content of SMS inbox messages.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4075

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.ly.jqkb/databases/afinal.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.ly.jqkb/databases/afinal.db-journal
Filesize
524B

MD5
8ef90270964d50a8999ce41501d62366

SHA1
2c960a22894190f3e2f88cb0bf1d28f7340e4b44

SHA256
790c7afd51690cc5a8f2f31ed3a73ccbd0f44a3dad81ba634257c8140c273c2f

SHA512
9ef23f915e8acdf374e33a277e436c2e544a561ec523037d561ae0ce83154aca2bcef857000afb3dac1a09f44756cbcf46e92a9b131244b4d529ef5801c87212

Download Submit
/data/user/0/com.ly.jqkb/databases/afinal.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.ly.jqkb/databases/afinal.db-wal
Filesize
36KB

MD5
04db92c74ad07a18777c25c5bec5f96a

SHA1
aa7a9a8bd4bad06cd8a1d63cebed60b75a68b4ee

SHA256
9f8cb5060add9cfe3c33c0115d18125bf8bd97d8ad513d0774a42ac16feaaabb

SHA512
262c38a8eee114f0f883c81f79fc1f6817a6ddf88b29db21b6e3b8f85558265469178ec1674ac1339dfc6e2de038860c1690b7eab7bd5b788d82c138511435bf

Download Submit
/storage/emulated/0/cache/user_cache_jqkb
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/com.ly.jqkb.start.times/com.ly.jqkb
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads