e9a270a23aa545669536847f00366379db969b68b0086aa2e3cf8dfd117b933a

Analysis

max time kernel
2864868s
max time network
162s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
24-11-2022 13:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e9a270a23aa545669536847f00366379db969b68b0086aa2e3cf8dfd117b933a.apk
Size

7.2MB
MD5

b53f1373fb93049067297cf2ad20fb64
SHA1

cf376de7b18ec199e7c9bdd6b9451a7e5a64abdb
SHA256

e9a270a23aa545669536847f00366379db969b68b0086aa2e3cf8dfd117b933a
SHA512

c5ff7944ada1e694045a825fdc592b158b7a612b67584b7517121726f0efad674cd556aac7ae9f3e274419483034695f07cb4a16a27c8bf21fb9d4362eb508ca
SSDEEP

196608:BJ7/rx8qCxuEWcg4FyhIh2viy/7JxyyBNh17Nyh2:BJ79CxuEWcgQyec6y/7Jx5fhRNyh2

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

com.icloud.game.wrzjh

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.icloud.game.wrzjh
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.icloud.game.wrzjh

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.icloud.game.wrzjh

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.icloud.game.wrzjh

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.icloud.game.wrzjh

com.icloud.game.wrzjh
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4382

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.icloud.game.wrzjh/files/act0
Filesize
148B

MD5
fdc2554e117b71cbb25b7472e27c3160

SHA1
ddb20f299c927f1217bc1c91a03d2b1ceb956771

SHA256
732a689bb31997e901d977ca71b37e6850866fd5299f8fa45cb5476f38227b83

SHA512
16a621df23751d7c54188b81b2268f0a2ee565a52ced70e2a521c877f90dce7cfb5ef0dadd341978fee06d99305775b42238e0e60e9f35f3bcc1d37a579ccb92

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/act4
Filesize
315B

MD5
010370d3f79ed86064248f6bc28870ad

SHA1
31f18639e40fbc77c90593cfaaec271a30d5f98e

SHA256
970a49a905075ab7a19d89e8381aa9aa34bf6bae7c2bf7b3f60f2c85241ce390

SHA512
77c7ac3c4a92c6605cb1f36446a0e0e2fa7fc9a2ad90891c44e9ae90b61022a7700fb622b0d72246109a32d584509521540f0adf176a13f5c7d079cc254eab80

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/com.skymobi.pay.opplugin_V2009.apk
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn2
Filesize
157B

MD5
87a6121c9f60339836a2dbf533393d5f

SHA1
90e95526ac336e0c867b3d9068af2955164bf991

SHA256
6c9b532f29ccb7f2e8da827f0c7c00064d989d7bc7cc72588418db01e92a0f00

SHA512
d70c66e48c11ed5f4c6af6f03bf13dc91c5e40ccc2997b0e9218c535b836fc268fc049c80dd3d5dc115159951c6a7f9cae88a3495c32b399f578af58baf45425

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn3
Filesize
129B

MD5
14d5863fe59e554c24e98d3b96272280

SHA1
93c81655cfd189aee55ab1ea7cdb2b27b787ea60

SHA256
d08b63dc96e940080e2b931a71e90188002f757a5e9ee3e82248efaf0fc84def

SHA512
bd804563e7ef076685dff59f5ae793230765cbec2560cd24ea0f0f0abe8cb6f994ac367b35df3440be95c82792dc8274c6c4de2915bd26fe2af8ca20b404dae4

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/sys1
Filesize
505B

MD5
690bc471d5a95fcc006183d8514a68fc

SHA1
cb27e131f4fd95c35f4c87e8834647dab7d61aa8

SHA256
8b2a59478b8e4458343cb80484b6380cc1f293c7705b17cdc759c2a7a2e57f84

SHA512
9a5d8a4d6b01ff105dc15e627113ab5aeeb47b70655b7a95da5fdec05e606d35cf1e0f54222353951f1ccb2a7e337748c92fe2b879af4f549df20e94a02435c3

Download Submit
/data/user/0/com.icloud.game.wrzjh/shared_prefs/APP_START_TIMER_INFO.xml
Filesize
117B

MD5
5dc0409e37a7c6ed5476d5c0e6564369

SHA1
7365bfa114a357f05f9a7d58a70e51238d025319

SHA256
13d72c005fa3eacb323e666db48e763d58631aea402605f81b3275716367d3f7

SHA512
af4dafec6e901944458ea1a346197da878e766f8e3496ee7f49e8128a43b2dffb364c7b681ed44bcb531e70a2d515675d8291bcba71f426f249cc6f89bccbd26

Download Submit
/storage/emulated/0/wrzjh/com.icloud.game.wrzjh/zhajinhua/log.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads