Overview

overview

7

Static

static

7

e9a270a23a...3a.apk

android-9-x86

7

e9a270a23a...3a.apk

android-11-x64

7

Analysis

  • max time kernel
    2861244s
  • max time network
    132s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    24-11-2022 13:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e9a270a23aa545669536847f00366379db969b68b0086aa2e3cf8dfd117b933a.apk

  • Size

    7.2MB

  • MD5

    b53f1373fb93049067297cf2ad20fb64

  • SHA1

    cf376de7b18ec199e7c9bdd6b9451a7e5a64abdb

  • SHA256

    e9a270a23aa545669536847f00366379db969b68b0086aa2e3cf8dfd117b933a

  • SHA512

    c5ff7944ada1e694045a825fdc592b158b7a612b67584b7517121726f0efad674cd556aac7ae9f3e274419483034695f07cb4a16a27c8bf21fb9d4362eb508ca

  • SSDEEP

    196608:BJ7/rx8qCxuEWcg4FyhIh2viy/7JxyyBNh17Nyh2:BJ79CxuEWcgQyec6y/7Jx5fhRNyh2

Score
7/10
ransomware

Malware Config

Signatures

  • Acquires the wake lock. 1 IoCs
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.icloud.game.wrzjh
    1⤵
    • Acquires the wake lock.
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4103
    • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
      2⤵
        PID:4197
      • /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
        2⤵
          PID:4372

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/com.icloud.game.wrzjh/files/act0
        Filesize

        148B

        MD5

        4ef72fe924739d54de6a3ddafbf0119f

        SHA1

        5f9926cdc1f5d48da2d6f2b11dd3c82f993debfc

        SHA256

        45abf30279e04c00a5a8a729fbebfecaaaedc8b828886259258b285bd4f41af7

        SHA512

        d9dc7fe9c971cf4dea1af1e9a8448b4188f1ecf1966760740f8465ee60ca8a740cb7618c3c4f37446e1b7e306589db15e57eb09d9708371e979712a861f7cb8d

        Download Submit
      • /data/user/0/com.icloud.game.wrzjh/files/act4
        Filesize

        314B

        MD5

        e48d4cf5657faec7acd3be1008bf4e02

        SHA1

        1945232c20e82d48395fdfd3ce8eeb8626d2db1c

        SHA256

        6ad429eafe181df767edf91938814bbf8d5b5c6f68dfd77cf74e5bc5dfc1cca6

        SHA512

        c74761c93b277c7bcfec33a6a66a5ea5b0d58b67fbfb053c7b1f03ec02456eb4f66b20119749fdd16194235e7214f0f1051b97c6141584e51fb6e4b95ef1e0c9

        Download Submit
      • /data/user/0/com.icloud.game.wrzjh/files/evn2
        Filesize

        157B

        MD5

        a8117e02068e67660e78fe1d0ab6624c

        SHA1

        ee58687af9fb774d8edd345cc9c044d2e2fd023b

        SHA256

        4a5b37c4ac82cf62aa95973efdfdef30aa85c63e36fe4a75c904c9b3caa74b32

        SHA512

        5df4af89041be60384c8533d2ab5f12afc8b6a4358ce846252c0f3864a1d12c1828f9b0d4e30f73f2b8c939fa65e55008b7d742260a79019c7c8ef06059113d6

        Download Submit
      • /data/user/0/com.icloud.game.wrzjh/files/evn3
        Filesize

        128B

        MD5

        7982a1e2689dc2f89ecde1248e9a3ce3

        SHA1

        88b0d3a82405f0a85f1845010fb90b77bdfeeca6

        SHA256

        00110d9e27b20be9cf4c1a681ca478b23ea096939b1e57962f0186948ed75fd7

        SHA512

        8928d7bccff8ca809a0923803d1b4dd6f09f9d53f277483f294d51e7a3c916300fc3496dd424416e06138ab3d1bcdba8ba4fe05a8e515274a99b275796f70ccf

        Download Submit
      • /data/user/0/com.icloud.game.wrzjh/files/sys1
        Filesize

        534B

        MD5

        46dff63f57706bc9268955e54f819d25

        SHA1

        b812b3963a3e1281d40a45943a7da97aa8c6a607

        SHA256

        ab93ea5f884c14769db3c394454e1b1a21f557477163b7f0be2a209322a3d84e

        SHA512

        a591e7f5890e7b82434accc6a425f948349542f5c43a8cbc1bc9b070aafdc4005d08b71af36b55c68e6ac7de90b53f8abf8e2fbe59d9abf76fee10bd52705790

        Download Submit
      • /data/user/0/com.icloud.game.wrzjh/shared_prefs/APP_START_TIMER_INFO.xml
        Filesize

        117B

        MD5

        7615a787dc52e7389d257760db61a880

        SHA1

        33fa48585384ef9b581f628290c47650ed358008

        SHA256

        c2ed37fd6aee4cc4877350e62bc16e7cd3007ff4fa22a41ee2df5bf2f49a700b

        SHA512

        6526a6df92fbb63aed7fa0fff0a6f1dd603083f1f5f714520a0ca7745a7338e96c1a04bd4ae1abfe87da7b65a387c51eb4682c48c21c0fde6e19f2d589f69bae

        Download Submit
      • /storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_V2009.apk
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit
      • /storage/emulated/0/wrzjh/com.icloud.game.wrzjh/zhajinhua/log.txt
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit