3b3a3c45629cf9fc2b4d9f93ce3bbdbb9ca213982fbfa89a83de876b234b3a95

Analysis

max time kernel
2940460s
max time network
160s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
25-11-2022 08:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3b3a3c45629cf9fc2b4d9f93ce3bbdbb9ca213982fbfa89a83de876b234b3a95.apk
Size

5.4MB
MD5

bc7704852104861955c76ad27fae506f
SHA1

5ec2377e869384302922a6d2ce90b58b73390b72
SHA256

3b3a3c45629cf9fc2b4d9f93ce3bbdbb9ca213982fbfa89a83de876b234b3a95
SHA512

bb31861dfdecb1f14d2999336c32ee2b03b010b49ea4132e2f879bd4fe5cb92c2b65128ed3913f660ab2107a8a8b7235816c925fa67dfda97a082ef1e4fba875
SSDEEP

98304:LJ0baxuU/hKJU/ht3hMP71SU/hCmnPr/O53kQFIMx6AiUWSU/hd:LJf3ZjZt3GjDZTnPr/O53kU363UWNZd

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.moyu.evton.themestorecom.moyu.evton.themestore:service

ioc	pid	process
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/gdt_plugin.jar	4775	com.moyu.evton.themestore
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex	5698	com.moyu.evton.themestore:service
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex	5698	com.moyu.evton.themestore:service

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.moyu.evton.themestore

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.moyu.evton.themestore

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.moyu.evton.themestore

com.moyu.evton.themestore
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4775

com.moyu.evton.themestore:zremote
1⤵
PID:4932

com.moyu.evton.themestore:rmonitor
1⤵
PID:5058

com.moyu.evton.themestore:service
1⤵
PID:5174

com.moyu.evton.themestore:service
1⤵
- Loads dropped Dex/Jar
PID:5698

sh
2⤵
PID:5736

/system/bin/cat /proc/version
2⤵
PID:5777

/system/bin/cat /proc/version
2⤵
PID:5795

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.moyu.evton.themestore/app_/behavior_log_file
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_/success
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex
Filesize
980KB

MD5
50bc69285db5c803f7b7b5789468ee25

SHA1
8cdb6d36c3698545ef03e49b31256566d8b0e2e1

SHA256
6e53aeca358c03b2c41cbb1efc9c51dd58bab3bf2cd2db21f5bcc14b6129cc00

SHA512
d5076356f23115f7e38d88aeb1fc28b8ddcebe1d7d11c5aa8fef47018c4aeace78aab7bb04b7e8fa5f4e95de064b691067097bd46c4d0932266c047955b4cd19

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex
Filesize
980KB

MD5
50bc69285db5c803f7b7b5789468ee25

SHA1
8cdb6d36c3698545ef03e49b31256566d8b0e2e1

SHA256
6e53aeca358c03b2c41cbb1efc9c51dd58bab3bf2cd2db21f5bcc14b6129cc00

SHA512
d5076356f23115f7e38d88aeb1fc28b8ddcebe1d7d11c5aa8fef47018c4aeace78aab7bb04b7e8fa5f4e95de064b691067097bd46c4d0932266c047955b4cd19

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/oat/lockscreen.dex.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/success
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/gdt_plugin.jar
Filesize
184KB

MD5
9c9416e5b583e395df107443deab01e6

SHA1
9d7188b483bfe3dddc3d057a89a7f980006f26a9

SHA256
340df5c81b4b9ac9154746fdb9a88ebfc4046b72b28951dfefb85f1ab2faf358

SHA512
93f690db06ed593061e634c6a4316ab1bf466806a6f3cf0ff971521664cd379d249642549e04c899edd0749a6fe524109fbd1cba51d96dd9d50aa40d23b2ffa4

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/gdt_plugin.jar
Filesize
410KB

MD5
fb9bbe1555d1e51bc6b68f73306cb5e8

SHA1
fb58a0adb1de330045ed2a7488f7512dd39e6e84

SHA256
269761b21873b1eb7f433b5b8233e13b54d499765413edd555a115e154884a1c

SHA512
10fd4b83b3b20333d1e54005342d5fcc50f83e3bd967a7b04c0991244a6e7f0bc0eabc74c19a4f746d34db7ece76f4b083101963ebe351c27b4b68c5259a55a6

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/gdt_plugin.jar.sig
Filesize
180B

MD5
d720f5a76da8fd9c88b47bcc424a6ea8

SHA1
7d0d284268fd188d36ca806dbed0fdeef6a2a4bb

SHA256
2fec1104f18fc9cc1e801bbe61642ee704a149248de06330ff141ca5238dd51e

SHA512
02c34b3dea7d40c4d30052126cdcc2f8ae359d742fe25f87ad101dc1bd8f80330f149abe2e114663c53e47de9b70d2c3de8b7903d0ea22d2e1ce89cd52a901a9

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/oat/gdt_plugin.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/update_lc
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/GDTSDK.db
Filesize
80KB

MD5
9eede8253d10f291454916ec7c95e7a2

SHA1
8fbea4f31893085b47090ddc08d888684297f08b

SHA256
2a6191afd5a728c7f7187a83d81c315cfce21f50caf7df351a75f92e3f0b0998

SHA512
15147482f8a3b1da0731d5ac115546fc46244d9756a188d9cec7036bb65dd4f95c21eb3598719082914df4b35f068627174974c911e5bd1d91f2b1c14b0bf00d

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/GDTSDK.db-journal
Filesize
1KB

MD5
4998097b653d47ed4c8704266443e51a

SHA1
fe70cd22c3ac4a94ac1d5e30e370bd7ddfea69f3

SHA256
e18224bc9d4e4c950e3669740dc95c9b1cc6d992c8abda38478f9db778716e53

SHA512
56eabc3fbd7d85551c7c4de7d7f5a1c9b4283f569dca501429759c62bbce3a2f190b16ff58cbcc87035a18b1e6f84082b7d3dc384ffe3a4fb86306039e096947

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/download.db
Filesize
64KB

MD5
2588dbf8206857b218f4a99813fed113

SHA1
4d65bec91b6b275a1b859e545a9bc6ce1049ef24

SHA256
b7a73cf1096d06ba32b481ccafa3dfc7b530bb3bf66f7f7698989c8facea3eb0

SHA512
36514ebb205ae849e36a9eda203c5668b426e24d9c6a087742f8d46670ef8adfa412b444264829fa4064573f29b9d36e7987e1e4682a294f21e0cbf336db59af

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/download.db-journal
Filesize
1KB

MD5
b5947efd09b146cd22f70c688627d2f4

SHA1
cb47208e28ba158627aa5594545b581163831e39

SHA256
0dffccba6ac07c926e580c1384843bd1e4ce4bb3e8986fc5d562028073cd8315

SHA512
c83e35f65406b9e28726658719701016fccb363b2147b47837d613d947f6976490eaaec2146c0cbe7e5db174253900f77b53025d9c8ce543b1b303597f8e30c1

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/local.db
Filesize
224KB

MD5
a89c6212906a65b64acd041c3f43ac14

SHA1
2a76c7bf5ab31e84f380a28e6d1b92f80ce086a9

SHA256
bf057ac4a7e860f6735d1db9d7ba069a64d8418cbc67c509206814bc2ea8682d

SHA512
ecce169dd24890c22d02a1c43750cd646796f1c76c7bcae0a875b0ea2547ee4ec66750f2e1bbbdd9b4fd7b9c4f8cebbe9a5c990d6ecb5a5b30b9148a2b645f08

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/local.db-journal
Filesize
1KB

MD5
ca8d307950a9ece7488e75bd4c6064a5

SHA1
ccaca21ea6e7f243ee702561dca8a6b70d5c68e8

SHA256
f7fd491a73080bcc38d1fbd4dbeb633bf3e4ab5f05eeedbf41680efdd9a86567

SHA512
71eccc1a55f90fd2a4fbd545d1bedd581d0fc6fc01db6d8ada07796ffbc93f6741ab32ec0c80d6b6635de359579b1b224a7155eaa72dd0c474931efc697c4d78

Download Submit
/data/user/0/com.moyu.evton.themestore/files/exist
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/shared_prefs/BuglySdkInfos.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/user/0/com.moyu.evton.themestore/shared_prefs/ibimuyu_info.xml
Filesize
119B

MD5
a3d6e4375c3d44253da895bd5bcf07c3

SHA1
0a2c3f440a322b08099560f26300ce57b8fed25e

SHA256
1786d26ec49bc657b14adcf4993b26517f2bbedab4edc54a972e6c2e0af861a0

SHA512
1945a325c14d5db361a8bbd61f8d4e5865c8dafecb23c1e9115c226dc28e8edf6a2de151c3000c0e3e81e8b4b751d9358ac4c3779dd0f0cbc08a8d5fa7e64f06

Download Submit
/data/user/0/com.moyu.evton.themestore/shared_prefs/ibimuyu_info.xml
Filesize
119B

MD5
815dac8d8f1e26fe57ad24c548d8e0cc

SHA1
d90897b6f8937a3c83e57043d3c35f5c603f60b7

SHA256
6f34f2f5b81c939c394b62bce126b2476314caee6c036ead091a19c9b721c4ad

SHA512
d4d1581f6bc984e361d76e67fbfb2cbf109c03b32a17a413681c08481210cabcd7b8adbbf8c73f421e9e512063a9dcfe768250fad73d6044c056ee2dc080631e

Download Submit
/data/user/0/com.moyu.evton.themestore/shared_prefs/ibimuyu_info.xml
Filesize
165B

MD5
731f813d637f93ab2bf16e79d2f6cec1

SHA1
affe28503496cdb34cb1687b167d0ee4c2db5c65

SHA256
ce23de99a1243fbb16e385a258882efed2fe480747cec40f2e282707e17fbaaa

SHA512
6a4b90d0beed1cf0c7611c8176daab88fdd9e6ba31f659ef7162ee12e67ede272affef21644486f1cdc7fee673b3fdfe0d05d1c4c2a4746af7c7344c715e09df

Download Submit
/data/user/0/com.moyu.evton.themestore/shared_prefs/ibimuyu_info.xml
Filesize
222B

MD5
57cf1dcb0f6934df8ffd2bb2fe5d3b5e

SHA1
daf2318d6467fab7eb1f1195eed98e2868c74a12

SHA256
46f8b368a0d4262086d1a7405274e66ef409f8070e411963112440fc5204b7de

SHA512
036a35e739ed0d1ba3c1472a64223b16a805fbeca81403251c599c0240bbb8aa6ab321e5d87d20a41d330dc64c1faa00e8ba876fbc29d8fc76a09d02fb7b9277

Download Submit
/data/user/0/com.moyu.evton.themestore/shared_prefs/ibimuyu_info.xml
Filesize
222B

MD5
ffd5157d6c29e2b38974b92efb199114

SHA1
12ef5814602cdbd8dec4acf188d0dd2995ed46ba

SHA256
d4dec0c677e2ad69b6ce2a4f417b9a3ca9bb4de43997f4f6af0fea515ee9d7d3

SHA512
7a88bcfb8e0d101fd4b5f138722698c147506e9b4ada767085ac753b890463ee514fb418395a31aeadce3ec5897afbc1c171b092d682fe86f33e53930b601317

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.behavior/behavior_log_file
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/-1453078593.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/-237234159.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/-762752935.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/1746136050.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/1746136050.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/495475131.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/495475131.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/856268215.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/920975134.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit