8bb9da0a51a8929430d058efbdb2170d46fcac52dc530e039ccf2e2d1a1081a8

Analysis

max time kernel
2996817s
max time network
153s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
25-11-2022 21:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8bb9da0a51a8929430d058efbdb2170d46fcac52dc530e039ccf2e2d1a1081a8.apk
Size

6.9MB
MD5

3d89d2813fed6d1c63b1a6de4d4bf60e
SHA1

634c0d0f0afd28a892934d35bbef9c1438909fe6
SHA256

8bb9da0a51a8929430d058efbdb2170d46fcac52dc530e039ccf2e2d1a1081a8
SHA512

36bdc73ee0348be66af3d8f5c76d0c1e22b3d3b257699479da76f8c6a0495337f0966891dc43d463c2b3e74ff6aea45616dc101272ecdf22fe21a343f4c4e789
SSDEEP

196608:k4vrx8qCxuvWcgYZNLrLQe9Zru+yBKtvCkXF1Wi:k4NCxuvWcgQce9Zru9I1F1Wi

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

com.icloud.game.wrzjh

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.icloud.game.wrzjh
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.icloud.game.wrzjh

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.icloud.game.wrzjh

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.icloud.game.wrzjh

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.icloud.game.wrzjh

com.icloud.game.wrzjh
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4016

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4075

/system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
2⤵
PID:4127

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.icloud.game.wrzjh/files/act0
Filesize
148B

MD5
044b8b4581039ca50e05c4295b9fa911

SHA1
0d090b856e5ff219adda4aac032c7d6e6e581b4b

SHA256
a29ad0cde424a956303e4cb4a1b954a5d442690db819025b44abb930d338d1c9

SHA512
782a4450e65c86cddc4f347e46d1966ef15da3fe41505812a3d41e143e0c6b69af459f580003104241b7f1249012e61cd61888a313f4b72d2f261994be5850b7

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/act4
Filesize
314B

MD5
0fa466905c36d866d9aa7126dc1a75e0

SHA1
e6ef2b9544e9e340744523c7764e1483ad40fd5e

SHA256
3e3ecd9425b002457574149c3083ddffbcf79ce79177f97a6744c9d65d210dd3

SHA512
376e2ace878b84e41be74e86a86f945a55133b713e82e7203ac7fafe7ae50d9ec3bb4d36bde569a1229bcab21c18ac501f1f699684619a235d6655acc09f719c

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn2
Filesize
199B

MD5
97d8b041b709c9a492a83e85f682a3bd

SHA1
5d8cbf1cf124ed39a6609e2422f9eff817f39c3f

SHA256
870accc16c27cc65583bb77bf2d1d013bbe8edf1dcc7e2fe3d4a79259ff6e23a

SHA512
9336ab285024620b0310d81713078b72a38d90982e6a3799c44e2974daea72d800bad05174c8ddf15ce999a32002340c8886d4b241660ef395c546e1780472a9

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn3
Filesize
128B

MD5
7f578ca9ee69a43f99eacbeed0d0308c

SHA1
5528edfac07c05c457925d60ca93899bd34d9142

SHA256
557c0368a682b49bce9881a6cf8837405072335dd686d4a537c15688363edf20

SHA512
f9d9107c1e4262d28dcf34775e333a998e1e764c22d1f3ac163991a3649cfa76ad1a6f904bcaacd0c23f25a2f2f5580c07c081b549fd867e7a1cb63ba4760248

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/sys1
Filesize
537B

MD5
dfb394c51ad142ebc72485abca81a24d

SHA1
a858ffa3b984c5d3adcf12a2f4fc2ef1cff01dea

SHA256
e5c7fcbce7dd38fb60a21d1696750819cf5c78d4a99b2483b0e51b6a8dc28abf

SHA512
cfeb870fbf0b27f170f915a5de0056e335e957ac40953af0dee4fce9dbfd0145eee6c22aae4ae95b28a4161c3f251897333be9dab02cfc5c9b950aa14f2b6e5f

Download Submit
/data/user/0/com.icloud.game.wrzjh/shared_prefs/APP_START_TIMER_INFO.xml
Filesize
117B

MD5
f1da859af87b86671a5d01aee77ffd56

SHA1
99c8583d780a1da60c43fa4eeedf713cca93b449

SHA256
005fe6e62e18e57cbe4ca08764cfb0304ef0d1698047c341438aec7bac17eae6

SHA512
6716ef18252fdaa72324eb3df3b7cdeb5e4eb69cd8f51f65beb0e374842aac5443ed65490e9aa41aa906586e9abae3f1fcd32761d36dd82c66de1baf6bb96e62

Download Submit
/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.opplugin_V2006.apk
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/wrzjh/com.icloud.game.wrzjh/zhajinhua/log.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads