8b171c39a4b4d6b5eda5c260a1de8d03f0a8f570e8aa27bc38bada831b31684c

Analysis

max time kernel
2847220s
max time network
139s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
24-11-2022 09:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8b171c39a4b4d6b5eda5c260a1de8d03f0a8f570e8aa27bc38bada831b31684c.apk
Size

7.2MB
MD5

10a36cc772649b05d09cb9c5ba586c94
SHA1

0b0b693a213cb8aa6affd0ad2ebe195a92a1d01f
SHA256

8b171c39a4b4d6b5eda5c260a1de8d03f0a8f570e8aa27bc38bada831b31684c
SHA512

0b028c261b2b46a83d39300b232ebd49cf6c2e21dd14431d9471a28a479614fb24c24ab500ca9ae64d467b7318969d8891f957a53823e3b1e7d74ebb240bd658
SSDEEP

196608:DJLarZUia5WzWcgQVKxYRbjYC8ggyWyZx8qjNqNJaH:DJLga5WzWcgYKeNkC8ggyFbDgNJaH

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

com.icloud.game.wrzjh

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.icloud.game.wrzjh
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.icloud.game.wrzjh

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.icloud.game.wrzjh

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.icloud.game.wrzjh

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.icloud.game.wrzjh

com.icloud.game.wrzjh
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4068

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4208

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4328

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.icloud.game.wrzjh/files/act0

Filesize
148B

MD5
dbfe04060ddfda03c85e3146d8b630a6

SHA1
2da4aa1f19a2ac8456ddcd8af1c6da0342040971

SHA256
7df682abe88d533b396ffe0e2ee8d4af3e4a3d9d86a76fb45c86a444b82985ec

SHA512
5ac9acb450f8bf5f4f8b6d1f00d406397de6e8fc38ff0998b105183ea6fbde646d535c067a853c4a58877663d656276c992ae535b4386acf5d84082a6f7caffe

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/act4

Filesize
314B

MD5
da6fcb4eb7d9253fa7829e02cc9278d2

SHA1
ec7db7142be6aadb12d57f8608c00ca4f392748a

SHA256
bc80b8e6d5c45bc24acf61d46e703ef566ab8117a9ccbd2d9f38de8677acdaab

SHA512
a2835f3a62315334b4c59fcffe8a8b0988f436356dfe8ac80e038b74bbab3f869e48f3c69bfaedd06fa23246b870c20c0a4b1452853568ea80edae21b846d2d4

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn2

Filesize
157B

MD5
7291f1a5a308a2a3a2334aaf5df9f0d4

SHA1
91ab820a32449d8e64901815f4a68f1526f22208

SHA256
cd797e67dbd98220759a4fc48a908fd9b9f31674019674f6bb69ca4ffc32cd6e

SHA512
a791bc909ce571b8223c5fa0f57f32245de033e45bbe23ae4e94a7bafb479867ee78a3859ba695dbc698c8ab38a61427409586b6d7dccec0a57865dd57ea35c1

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn3

Filesize
128B

MD5
dccfb824e1032509ce7996b76e399ffe

SHA1
e84b87f5bd4cf7c27284268fb22c33b3385940b1

SHA256
ea873f2d1a34c59a9015b8e5027148c5f045e0ad3449e3e9f53d14946d144b9f

SHA512
d0cd3c6598abe3ab33fa708e18b55f7f88c995f7cb9828ffa6722e43da079df608df0ff25cfac0d1a553169e1e8c122912a3132ccc62b3dc7e0ee4db975b44af

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/sys1

Filesize
534B

MD5
eee45947702ac29e58dcafbb2436fe2d

SHA1
538894eff853f23d507e8a8d83fa80de99843f26

SHA256
77cf434487b4097811dfe49e6166520bb1f8de64b6ea031afab3c6422a471c48

SHA512
7f668eba6ab0e78f2f77ff75894c9dce05279a777c2077149f133ae02ce342996c589b60d20f9ec1ab4e8df4407c809350937863fd29e47ca5b03b0a139c5f3b

Download Submit
/data/user/0/com.icloud.game.wrzjh/shared_prefs/APP_START_TIMER_INFO.xml

Filesize
117B

MD5
3b75926005c4a045573c2e2356bed83f

SHA1
a41a7ac4f6eb710fa3933c8d465ad0ac77414748

SHA256
0e954750bf5988f360385e94647ec5b85f30fdcfe5fdc5bece43278846b87f7f

SHA512
e09188c9a373ff4ff9c94695e6bc0316c898eca1e6adf6c8fce45f2aac3bd23241d72b93c54c4dfe9226d84d205c386a5ab40723526cd38a7c12c5c9db64ce77

Download Submit
/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_V2009.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/wrzjh/com.icloud.game.wrzjh/zhajinhua/log.txt

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads