3b3a3c45629cf9fc2b4d9f93ce3bbdbb9ca213982fbfa89a83de876b234b3a95

Analysis

max time kernel
2940501s
max time network
162s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
25-11-2022 08:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3b3a3c45629cf9fc2b4d9f93ce3bbdbb9ca213982fbfa89a83de876b234b3a95.apk
Size

5.4MB
MD5

bc7704852104861955c76ad27fae506f
SHA1

5ec2377e869384302922a6d2ce90b58b73390b72
SHA256

3b3a3c45629cf9fc2b4d9f93ce3bbdbb9ca213982fbfa89a83de876b234b3a95
SHA512

bb31861dfdecb1f14d2999336c32ee2b03b010b49ea4132e2f879bd4fe5cb92c2b65128ed3913f660ab2107a8a8b7235816c925fa67dfda97a082ef1e4fba875
SSDEEP

98304:LJ0baxuU/hKJU/ht3hMP71SU/hCmnPr/O53kQFIMx6AiUWSU/hd:LJf3ZjZt3GjDZTnPr/O53kU363UWNZd

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 3 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.moyu.evton.themestorecom.moyu.evton.themestore:service

ioc	pid	process
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/gdt_plugin.jar	4427	com.moyu.evton.themestore
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex	4552	com.moyu.evton.themestore:service
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex	4552	com.moyu.evton.themestore:service

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.moyu.evton.themestore

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.moyu.evton.themestore

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.moyu.evton.themestore

com.moyu.evton.themestore
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4427

com.moyu.evton.themestore:zremote
1⤵
PID:4515

com.moyu.evton.themestore:rmonitor
1⤵
PID:4596

com.moyu.evton.themestore:service
1⤵
- Loads dropped Dex/Jar
PID:4552

sh
2⤵
PID:4654

/system/bin/cat /proc/version
2⤵
PID:4714

/system/bin/cat /proc/version
2⤵
PID:4733

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.moyu.evton.themestore/app_/behavior_log_file
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_/success
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex
Filesize
980KB

MD5
50bc69285db5c803f7b7b5789468ee25

SHA1
8cdb6d36c3698545ef03e49b31256566d8b0e2e1

SHA256
6e53aeca358c03b2c41cbb1efc9c51dd58bab3bf2cd2db21f5bcc14b6129cc00

SHA512
d5076356f23115f7e38d88aeb1fc28b8ddcebe1d7d11c5aa8fef47018c4aeace78aab7bb04b7e8fa5f4e95de064b691067097bd46c4d0932266c047955b4cd19

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/lockscreen.dex
Filesize
980KB

MD5
50bc69285db5c803f7b7b5789468ee25

SHA1
8cdb6d36c3698545ef03e49b31256566d8b0e2e1

SHA256
6e53aeca358c03b2c41cbb1efc9c51dd58bab3bf2cd2db21f5bcc14b6129cc00

SHA512
d5076356f23115f7e38d88aeb1fc28b8ddcebe1d7d11c5aa8fef47018c4aeace78aab7bb04b7e8fa5f4e95de064b691067097bd46c4d0932266c047955b4cd19

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/oat/lockscreen.dex.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_apk/126/success
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/gdt_plugin.jar
Filesize
184KB

MD5
9c9416e5b583e395df107443deab01e6

SHA1
9d7188b483bfe3dddc3d057a89a7f980006f26a9

SHA256
340df5c81b4b9ac9154746fdb9a88ebfc4046b72b28951dfefb85f1ab2faf358

SHA512
93f690db06ed593061e634c6a4316ab1bf466806a6f3cf0ff971521664cd379d249642549e04c899edd0749a6fe524109fbd1cba51d96dd9d50aa40d23b2ffa4

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/gdt_plugin.jar
Filesize
410KB

MD5
fb9bbe1555d1e51bc6b68f73306cb5e8

SHA1
fb58a0adb1de330045ed2a7488f7512dd39e6e84

SHA256
269761b21873b1eb7f433b5b8233e13b54d499765413edd555a115e154884a1c

SHA512
10fd4b83b3b20333d1e54005342d5fcc50f83e3bd967a7b04c0991244a6e7f0bc0eabc74c19a4f746d34db7ece76f4b083101963ebe351c27b4b68c5259a55a6

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/gdt_plugin.jar.sig
Filesize
180B

MD5
d720f5a76da8fd9c88b47bcc424a6ea8

SHA1
7d0d284268fd188d36ca806dbed0fdeef6a2a4bb

SHA256
2fec1104f18fc9cc1e801bbe61642ee704a149248de06330ff141ca5238dd51e

SHA512
02c34b3dea7d40c4d30052126cdcc2f8ae359d742fe25f87ad101dc1bd8f80330f149abe2e114663c53e47de9b70d2c3de8b7903d0ea22d2e1ce89cd52a901a9

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/oat/gdt_plugin.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/app_e_qq_com_plugin/update_lc
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/GDTSDK.db
Filesize
80KB

MD5
07d91adffc043573efc89bad84001f9f

SHA1
68d38a4c503ebcfdd090fc5a91b090e2498e4acd

SHA256
a6cffe261920f8b3f534c493a0d63821f3f9a8588989ede1044b40bdd4e576be

SHA512
70b6cce8414ffd8dda20f09559784caa127724ff0f5dc05f87a76ee183805f3cbf690852fbbb0cac5f1a0a37b3adc56550552f3062be262180267c393f28cda9

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/GDTSDK.db-journal
Filesize
1KB

MD5
63b470abba956afbfcf64e28911f9d3d

SHA1
f5cac0d7c3fea309716541bee7f904da045be8a9

SHA256
fc7704bb67d536845ea50eaf319b7b2b070f0141fe4511bcbd4af9897bc36047

SHA512
df0d7b90722681fd7ab76be6c323510c6e610097582bfb18052f701164cba9deeaa2eea319aa6ff55de81295c2bba525f9a0747b046af6115be9668749ecd08c

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/download.db
Filesize
64KB

MD5
3ff7f75f6c6fc9e3c709d2b3238e448b

SHA1
a5f4d15b5f829fa996766882b02413e1e5c805a9

SHA256
292368e9ab949ea6e6d6fcb5c8aac64ceb08441ef61d3fd9e5ff34a95da8b81f

SHA512
3fd3526fd165eb36ec6dff5a06faaa1ddd9699e60ae2133311a4c1fd68bd1e7666502e6c83c2d073101866b2c5f7bb331f843c91769b29b4a0cde468c7c844f0

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/download.db-journal
Filesize
1KB

MD5
6c360e63fa262bd60a52981958106fdd

SHA1
81c3b61a695565bd4497abecaf36a2cbde1071b8

SHA256
8b6d11aa932c21d34708b46c082467a2289fe63712abb0b759ca42512d38609e

SHA512
bf2d169d8afe4b60c68158a418675a818dffcb4434b6503643855edd0654201506d70fe2d54e94e9a6f411a1bf89c9316e73837878c8dbbb5b58e021f1f9367d

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/local.db
Filesize
224KB

MD5
815169b4a3ec505ea51c5d0f668e9bb1

SHA1
735bea7c36341f85054d11264f77c24889e74727

SHA256
bdf825de3166d503329e074a0c44d343b2f534fa6ea781584fb278d60a32022c

SHA512
da903e9d4cbb468e43b1f370f6ae995b53846f2d2c677cd3a33fdf8aaf7f86d04a90b00529049a143a9cdff46c3049c499b3e3630743a86ed3fd5caa145a302a

Download Submit
/data/user/0/com.moyu.evton.themestore/databases/local.db-journal
Filesize
1KB

MD5
c8a976de79d419508c776591865a0568

SHA1
2e7f34e7a29fab65e0e1ee6bf95edbf840c7793f

SHA256
51324d542c9ee18569a4dd436ce341011ca25ce9a444b9a6d86887111a6be056

SHA512
b5400d624e40a88203b124d8c692ee5e68afa2facadc22eb028f60ffc1febf593a38462a4da7ca77db891665f9dfe2d1c1238c2e78c2371bec31195edb5461c3

Download Submit
/data/user/0/com.moyu.evton.themestore/files/exist
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.moyu.evton.themestore/shared_prefs/BuglySdkInfos.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/user/0/com.moyu.evton.themestore/shared_prefs/ibimuyu_info.xml
Filesize
119B

MD5
a3d6e4375c3d44253da895bd5bcf07c3

SHA1
0a2c3f440a322b08099560f26300ce57b8fed25e

SHA256
1786d26ec49bc657b14adcf4993b26517f2bbedab4edc54a972e6c2e0af861a0

SHA512
1945a325c14d5db361a8bbd61f8d4e5865c8dafecb23c1e9115c226dc28e8edf6a2de151c3000c0e3e81e8b4b751d9358ac4c3779dd0f0cbc08a8d5fa7e64f06

Download Submit
/data/user/0/com.moyu.evton.themestore/shared_prefs/ibimuyu_info.xml
Filesize
119B

MD5
815dac8d8f1e26fe57ad24c548d8e0cc

SHA1
d90897b6f8937a3c83e57043d3c35f5c603f60b7

SHA256
6f34f2f5b81c939c394b62bce126b2476314caee6c036ead091a19c9b721c4ad

SHA512
d4d1581f6bc984e361d76e67fbfb2cbf109c03b32a17a413681c08481210cabcd7b8adbbf8c73f421e9e512063a9dcfe768250fad73d6044c056ee2dc080631e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.behavior/behavior_log_file
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/-1453078593.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/-237234159.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/-762752935.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/1746136050.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/1746136050.tmp
Filesize
32KB

MD5
cc893a34f75804acbeae299443eda0a3

SHA1
2be7aeb0e2d492aa4b7f9d07c784db968828b699

SHA256
83f3cc8eb38c22d46da3eecd5fc141142249de6c7ef863bf6bff39b73e498e65

SHA512
05c30948c9edb93724a9d1de6c6fd74d52c5b6a2b22bfd19ef47e451b163eadfb96cafc4f70324f42d4f7cd163bae91859db78b6b55b0a21075188aae66ea59b

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/495475131.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/495475131.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/856268215.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/zookingsoft/ThemeStore/.cache/920975134.tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit