b420db3dff4637f07caaa145b634106e4c2fc559ae1b4b692271cedbe21b62c8

Analysis

max time kernel
2885605s
max time network
132s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
25-11-2022 00:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b420db3dff4637f07caaa145b634106e4c2fc559ae1b4b692271cedbe21b62c8.apk
Size

29.1MB
MD5

548674d18b82bc0d58a1b7722029a156
SHA1

c74b006badbb3844843609dd5811ab2cef16d63b
SHA256

b420db3dff4637f07caaa145b634106e4c2fc559ae1b4b692271cedbe21b62c8
SHA512

76fda6a5c9475a8d4a367649002f7875b9be434d3e28fd370a46e3b83d2aefd60ce24693bc1151dc4f8f18519e03f23cccf4e19c7366055aa803015b298a924a
SSDEEP

393216:z3J8b3SRZd1v3uFwCPwmSP8VbiaOhECW1Fypl+W9ESAHRDQ60/rBxqHoyvc2IGpI:+bKhE/cYxU6A/q3lq2sDIMe+1AppO

Score

6^/10

ransomware

Malware Config

Signatures

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.secure.vpn

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.secure.vpn

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.secure.vpn

com.secure.vpn
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:4095

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.secure.vpn/cache/rndseq
Filesize
48B

MD5
0cafa331015897e2b67c9896b878289e

SHA1
275b3a7bcd7f0c8f274e67b313970a2e7410804d

SHA256
c3de424ffc4ee8fa1e75bb40abe71e319c4e5d9e8e3154656189e8439e66e2d2

SHA512
d52edfb61e160f0d40df54857673977bfb4f0f6124ca8d46341dffe6eff12b0eff9fbcabf7423ae09c71cc0d5a8696bfa54724869ac33d91659b775a13013031

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB
Filesize
144KB

MD5
da74f83a4468d8ae2d3a199340ab7c4d

SHA1
10df43b54107ae81c1298bae5ed9d94a02ed324d

SHA256
08f1ccf9412bef2221055fea326eb73e4cd72d14df95fcfdaf0c269d98397d3d

SHA512
e02af9f73b76fee079d51aca892c82c23e739c771fa3d53c75b17d562fe37577741fa27bbd3e9c7539ed577de2ea4d5324c9566c81862b6d31d043d098b8d557

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB-journal
Filesize
524B

MD5
259dc8e6f5f023e03a30e4c41f7fc9c1

SHA1
55f541633edeca90280a507ee350ec2a00f7f0c5

SHA256
e16b547ab90ae047534ccf07eac5218d3e61cb48a914a49a9a1fd0ef7149ba3f

SHA512
623cf3a36ae6443a9650e25b76f703119ad4999820611aad760a890791c7f1a63411de71488d79acd111d05a172ceec4a82822d90b44fba7331889d94ee8dd68

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB-wal
Filesize
410KB

MD5
3ef9d3d2cb160d772a398197e48fa45b

SHA1
9c69f9a477172703dacbb3aef710f07039bbc0c3

SHA256
871c93144d100ac83fa2fef42bb4dc908783f784222bf7e147eb3a564d57ff42

SHA512
eb0d3a8c3cb233f9069024f85114473c04010e4b7a47bb352cd5859cbbbc4c51872cb5ac61d474624d972bba21c005eae9f8297f99de8a35ba387d2254802012

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-journal
Filesize
524B

MD5
e8cdeb5c24d8019b04be576e5093e067

SHA1
25b4c87ce3a2263b346c104c311df1000a451b2a

SHA256
e696b4ee45d242d714c7a2b5bd51a667c57bd46e8b8aee59cd80df5c73dacd1d

SHA512
43f3e718179d3541c1aa6db01fa856f486e4315d473f70fc4b343462629aaa6fb48cd6c1a800b913f71728d28f01278ddf8e9ec2b27ffdd6f77e343008ca990c

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-wal
Filesize
32KB

MD5
13db7e774f281e42784da6d3e24cbbfb

SHA1
b0f386904b38c0a3554547b423fc969303719f98

SHA256
a55697c7f1201572216a2285eba218fe8a3f4f56c26e3d6c3d9555adbc79e3cf

SHA512
a260373b36de727d4f189cd5b60be6f7dc688e102cb7ee306f82fc60275b2bc04db61c8d40882c3c04a4157b26cf823453af9a8346e180f074e99079b4ecd96d

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db-journal
Filesize
524B

MD5
57efbca689514b6f9de57ef84a093733

SHA1
18d89bd69a879408ad23c3db07b279b9cdd3cf30

SHA256
12510e368e5bd6ede70674e554e44882c3b2312f7ae465af0189f513680163d5

SHA512
e13425cb757e33d4c3aedbff961f5d2377b273f3af3d374e5b0dd5483f59b2069cc158586eaffb34b28cb8263733191ed9643ab3f7fb9016e8bb83739fe274c8

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db-wal
Filesize
209KB

MD5
b68483d775bb22813beefb81c76d9d30

SHA1
7a2ccd7865262f525b0f04d0025fa6a6aac04ce9

SHA256
fd925e612f15487ea30a853efb9c108ff8de7594f9deef31df22ca6daeb17db5

SHA512
0dc28bfecdb320d62f6af52c6fe06896a2d8b908ee4703738228d6f8f21551d78128fb174ab9b44bd41a6bc2df88b91f43fa0fdb2071f3642cb87f892bcc9d52

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-journal
Filesize
524B

MD5
3b6a80b611cc5f29b45021970e4d646d

SHA1
eaa56b181f582b165ead3185f9852961ebda9cd1

SHA256
e95ca4e2fa71bfbd045721df9a66301c8a7fe25bfe2eea68ad5d8b76967ca287

SHA512
fcaed22df8d0b059fe618105c5a10d15888b46e3bec059f259036e58544f48240581b1884b461e74a881f1a0f7fc49d1fe0119e3389fd42ba6ffff4829af0b81

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-wal
Filesize
189KB

MD5
26b0860d9778f70e4af984ec368ac5ab

SHA1
c94ec5dd92ea6b3846a61aac430203bec96df677

SHA256
485845dedab742d058fa61959cc98b9e301082204f36c798a1caac08836c63e3

SHA512
3c02546181560a75e282166eb868f7e872b301e43130611849376d1a4cd58985644a48ed0f6b8868b65a8e3c0a85267745e7628e1c0ce10527cf7377e410ae07

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads