8bb9da0a51a8929430d058efbdb2170d46fcac52dc530e039ccf2e2d1a1081a8

Analysis

max time kernel
3000445s
max time network
165s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
25-11-2022 21:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8bb9da0a51a8929430d058efbdb2170d46fcac52dc530e039ccf2e2d1a1081a8.apk
Size

6.9MB
MD5

3d89d2813fed6d1c63b1a6de4d4bf60e
SHA1

634c0d0f0afd28a892934d35bbef9c1438909fe6
SHA256

8bb9da0a51a8929430d058efbdb2170d46fcac52dc530e039ccf2e2d1a1081a8
SHA512

36bdc73ee0348be66af3d8f5c76d0c1e22b3d3b257699479da76f8c6a0495337f0966891dc43d463c2b3e74ff6aea45616dc101272ecdf22fe21a343f4c4e789
SSDEEP

196608:k4vrx8qCxuvWcgYZNLrLQe9Zru+yBKtvCkXF1Wi:k4NCxuvWcgQce9Zru9I1F1Wi

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

com.icloud.game.wrzjh

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.icloud.game.wrzjh
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.icloud.game.wrzjh

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.icloud.game.wrzjh

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.icloud.game.wrzjh

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.icloud.game.wrzjh

com.icloud.game.wrzjh
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4407

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.icloud.game.wrzjh/files/act0

Filesize
148B

MD5
149281c0bfde750ad5a62cc8d312694b

SHA1
9d1d842bf45829d655c335dfc18688d03d42a568

SHA256
417e8227f18beff63a7e47dedd0f95d5aa7e3480ee1521b6cfcee62edbe71fc8

SHA512
5ba461e18d6b91310dc98ca804a1564612eba6c1d42ea35b38b3abc683eeddd8bff6b96a6f648f0ab9d7f42da65fd4521192d3773b69265fba786e3f9ddce280

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/act4

Filesize
315B

MD5
dd279d38f3383b2fc8224b7717165993

SHA1
2ee89d3b0291b698ff5f45a76386cbafdb3259ed

SHA256
d0bcf1f2e077b1cc1bcbe4d1f62a2ab0853fb55960bc4b13d41ea96cd680eeaf

SHA512
856fccfb3783670a765b86e17fa6cd4644fd337e43f0dc75f4a52171469cdaf805f6cb032f950a77c61c829a07b9ce63783835057f544eff5e12058b287a359c

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/com.skymobi.pay.opplugin_V2006.apk

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn2

Filesize
199B

MD5
f7999b66ccff4e1d571d3e088ef4fb07

SHA1
8e9801375c72d73cbd2c9cb0ef0f5ab0b8089c17

SHA256
2027b86a8d2a3b27ef3e375388cc1cf44df7d2bc92608ad5a2488f7603377bff

SHA512
044e7c2ba194a92f14ce7ea64d251f3d58798db5ef5a0af809e76bda9ef87baa18a5ff758734da92cf36452725bc49a57624ff489cd64ca50436938d5880ca4a

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn3

Filesize
129B

MD5
4691b44254fd451f9f2cc218b3278c73

SHA1
cdb4c829c61a76b10ef809fa1dc57a48a1328508

SHA256
d8546c3ea6f9d4281c88b0d262e3037c15238d946ad93267a2c629316a4bbb9d

SHA512
2de86759b9ef85f7e010cd255379893b8bdff10ae33b0a39af1e279ccc18be9c1b20f67f7a7658f73cbcf9aa29109fb9c975e3caa6361729bf628b4699de0754

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/sys1

Filesize
508B

MD5
7c995b2cc7f70390924e5f61adf98130

SHA1
c3e6487eea4733aa27ed2ef4569f950363e8da2c

SHA256
d250c817535a0df7120f0b7ac286304d420fe819d6b7d5c684f3634097ebc3d5

SHA512
04846f9b54577bd07dac45ac43a85ac87fe54d8e78b0ddb3f799def2d5873468e372bc59d3a91d22df83f77559870334d25c6be401e3a9fa5788bf053a1fd09d

Download Submit
/data/user/0/com.icloud.game.wrzjh/shared_prefs/APP_START_TIMER_INFO.xml

Filesize
117B

MD5
de5753d1a96b9da73fa63bb6d8b207a8

SHA1
2345da041ba05d013029585108805590fd7bfad6

SHA256
ab7f886f17355950a94809a04071fd8dee7e7fdb546706224aea09df000f48c7

SHA512
a19dfd3a2fe32e742ea20686ce5c0113582ecd4619731577124842ab31106c12fcfc49c2ba980ad4aac4f50ad1664adb1c668d7e9ff78cebbef08d7ae373bd97

Download Submit
/storage/emulated/0/wrzjh/com.icloud.game.wrzjh/zhajinhua/log.txt

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads