a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b

Analysis

max time kernel
2885702s
max time network
135s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
25-11-2022 00:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b.apk
Size

29.1MB
MD5

7ac30a4488748e4be24c04325f147c9f
SHA1

b54fff5a7f0a279040a4499d5aabce41ea1840fb
SHA256

a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b
SHA512

2bde3d4bb8a5df81f1e0230cf6e1464853bb52c104ce3da594a0218fee62b83610d673b999c186b158b469c50213be4057c8a23aea2b693fd9083293db44cc9c
SSDEEP

393216:bjd8b3Stod1v3uFwCPwmSPkkbiaOhECW1Fypl+W9ESATJXQY0/rBxqHoyvc2IGif:SbKhE3cYFAYA/q3Yq2w2AEZ+1AphH

Score

6^/10

ransomware

Malware Config

Signatures

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.secure.vpn

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.secure.vpn

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.secure.vpn

com.secure.vpn
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:4047

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.secure.vpn/cache/rndseq
Filesize
48B

MD5
95b294c11aa057ddc5dfd29651f99f75

SHA1
fd3666adf65500d6f2ec5719daa64bfa4d912fd9

SHA256
acc8693c26e63332efb67e2a0c7cd0e2f6d6b79f978001d02af4737c3ef55b58

SHA512
faf956aa44e691a44681c3e63f5c0d1722d975f6567d1d71bdd4c93b9646263a1af1a6d8c5ceb950d59b3215d197f2fe2a9554656c510c047189da5582d92b8e

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB
Filesize
144KB

MD5
a05d07d1a1ea5f858afd4cf3dc3a3d88

SHA1
0f755830182436d13e0b55a81dfd0c932721fd9d

SHA256
e2d640859c963fb467e904586d22e31f6d4b84caf66143fdb433de3e9da0d6a6

SHA512
799983b7134baa5e01cbcf52e6a3fd32a3d610f16c7a280f8f3ab78fa8c1534dd8ce47ab5f0844b4efe3bb817aa6d5dba2b023ea80e2da5cf8c501dba6e90d35

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB-journal
Filesize
524B

MD5
71c79c75d11f4db1f541a0b8e62d31ad

SHA1
e2734689ef25883d5a91d6787896a671e487ce18

SHA256
5e0662f716fd62bf4cee52cd1960a61b6f594e04dd4bd036e7afc86448bdc96d

SHA512
1193b42803e4f56faac0861e55883ee3b8f9b80a9b0da4f4adf02d997988fae18878dbd0d8f45b964e84c65419743b53d2cea79387b5cca5aea49b7b3b9d3c2e

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/databases/MonDB-wal
Filesize
410KB

MD5
007d6d2533cdf2b675e2e4f8bc1ba129

SHA1
30fa7df241cec5ab4a6673f74f1521caff282ee4

SHA256
c38a2cd6e82fb9010a0a39a1e146282ade0d2d57f12242ae880c960269a20571

SHA512
adb7be58236bd030d97940d1e11a05d883ce984dea7aab79c38323a0b568e9d1fd8e205a3f1938d8eee0ae9fcaf85062fc857f771c9b8f40224f5fddf1275e09

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-journal
Filesize
524B

MD5
b4d7f00a33d6f576800b271a72fe111c

SHA1
cbca2a18a46bb7482eecf6a4239fc55da86980e4

SHA256
6b40c675a1fda6fa64a3d46cef38c7b92bdea731f970a60b2bcbd5455839fb8d

SHA512
4c992ac9b49819ede363e63ab7cf24edc801ef5e465e111d6f717ee4e535f6c03c11e2d786bc27c6e3a778bc28ce09ece8287153fcabe180ad0d3a10036ae19d

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-wal
Filesize
32KB

MD5
a71d17322b51f4e9fe58643ce64bcf50

SHA1
ec5c4c82e847bf3ec61b4229ee56ec3429552423

SHA256
dfedca9c1a9a155f0dd6163eb8580ec09a9bf852ad79501fd31d8fb166cea8b5

SHA512
dbcf25eca2fbff908f83678f04dbed0d9d387027c94d9edf4b83772b0a6536aa0201294e59191334e29f504f4f7331f8167e85b38e404c3b0708701fe46c53aa

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db-journal
Filesize
524B

MD5
18c68e0bc1116c6e311afc1a28ee143b

SHA1
2a2c89b0085f7cf1977ba00451a3765289dd1834

SHA256
5bfb0628691ea2795a526662d1eb975a8f56f9addaf754501d6f9d0a36c69a47

SHA512
3b590862023f6bafccc6a8d15f32d62848da324aac023eb1f7af511bc4df9093b4e755e42e596e85a280257036587adef25a3e9e9e6f44b02f458267bfc227a6

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/databases/key_value_store.db-wal
Filesize
209KB

MD5
0cdaad2778c941e07512b811b121649c

SHA1
db0ad9b3c5463f7ce9a36683a69a7c9360cbf34e

SHA256
88ab75e385ef5c80430ac1e9c8b8469be98539de700181b76674257de45db515

SHA512
e8c7544d6d43efd6c073d44420cdf6499fd627d68164b041c76bc0130473a9a8208edb73f2b1a9e6bf5003e18a3fc729bc75f5b7ee4e2c832cf2b50191d89f05

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-journal
Filesize
524B

MD5
118ec3fdbf1930e8e3381f88a5ab770a

SHA1
839074195208b7566e9bec18cdfe5f04f78dda72

SHA256
fde9ebd0ab5d0e05f8ac9a934c9517301db365bc3bfa78282fc41acc10941146

SHA512
4e7c7baef623a128327591d54f2b33cdc18f61235221aa66e3db8fb35a11a1096a4533dcfcf12b3943f8fd2c53618fb6fa2c64d2b3b2835fa86fae22b9c1c8fa

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-wal
Filesize
189KB

MD5
148ca1f381ce8b559bff60fb790ef9bc

SHA1
9ae7633b70c5a6ebffd11f3d19071bd726aea97e

SHA256
9c716254e6e96c97c8275b1188801a5f5fad4805e41a715088c1a1f7c31fde4e

SHA512
0363986b73051b89116a8652198ade779fc7afa78536639af6d9a55455a75ad775e9d5e13d88e3436a9927f964d8b038fde3401070e66cfa95a1d16725b2ec94

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads