54cda5369660312d06d75b34cd4333457a4cc9b5239d615f45db54e2ed02f4e7

Analysis

max time kernel
2945589s
max time network
149s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
25-11-2022 10:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

54cda5369660312d06d75b34cd4333457a4cc9b5239d615f45db54e2ed02f4e7.apk
Size

4.6MB
MD5

b45fa7f5250c25d999da645a498ac026
SHA1

85efc4e36a8c20e3216be0277e44407015578478
SHA256

54cda5369660312d06d75b34cd4333457a4cc9b5239d615f45db54e2ed02f4e7
SHA512

d96533a5c4053cbbf6b1b85da4fb0ad6ff851c672db8e3bb5a576201f7f51e58aa8bcbc51cb3b439634fb2d753b5986aac2f1759c990524c1c49dc3cc3d1fa84
SSDEEP

98304:xB/7jU4RFtmNMFK9UFZJOFtwC3xFfBLPvsUncTCPh+RHmEPH5mf:xBc4QNIwUFZJaDhF5js4cmyfhk

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.artsplanet.pesoclocklitefree

ioc pid process

/data/user/0/com.artsplanet.pesoclocklitefree/files/brews.hyt.wfer.jar 4759 com.artsplanet.pesoclocklitefree
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.artsplanet.pesoclocklitefree

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.artsplanet.pesoclocklitefree

ioc	pid	process
/data/user/0/com.artsplanet.pesoclocklitefree/files/brews.hyt.wfer.jar	4759	com.artsplanet.pesoclocklitefree

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.artsplanet.pesoclocklitefree

com.artsplanet.pesoclocklitefree
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4759

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.artsplanet.pesoclocklitefree/app_webview/.com.google.Chrome.8eGC9C

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/app_webview/Web Data

Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/app_webview/Web Data-journal

Filesize
1KB

MD5
a810e356531d0bf273bc3d77452b83d2

SHA1
c9191909823d15737ca2874034f04808134c661e

SHA256
623af7de6b27afc62356e03c98897406fd4590028c9910e20f1c9503694a3360

SHA512
995f3afe14e3ee9cc99e6302427c9c6ed5b86065af60d9a173ccedd29e40d639918986c04c54acec5b63b528cc0c2033bdf2079f382f7af23a4f30e06b16ce38

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/app_webview/metrics_guid

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/app_webview/metrics_guid

Filesize
36B

MD5
c405e06ace91138ae60784330c32a3ba

SHA1
17c375a5d057b992f75d88acea94834352a09731

SHA256
43f295ffe16de0c1723a39907d3bd8453ababa033e894fa375b5c7e11c23c4ef

SHA512
bf1f400da31d6977dfa6aaedccda4b5f3c62d441e3e3f386eedd8c6204f39ea65f9d3a5268431a73896f564dd3b730714d201c7d700b81fea2bc9ce6da212f5a

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/app_webview/variations_seed_new

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/app_webview/variations_stamp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/app_webview/webview_data.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
f7309f669d884fa69b4b9d9b189c3ea3

SHA1
da75f1bf9a3aac86114dea45723b68613b07ec1e

SHA256
ae76d3a1beb4ea76afdca457d795b2291d03f11f0aeb8234eb99ce4037cca06f

SHA512
4f6a8a504c40f4a4ef9eaf01c1b7c885597a7d878a1621ce9e07367f540b671b32ae3383220a57e99aff5b6975084d63d8aae0b20a92547183d718f1b2220b48

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/cache/org.chromium.android_webview/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
569605c98c9a8a5aec349f320cb4da71

SHA1
5146aaea6ef18e605513e58acf0fa078b80dfe11

SHA256
8a732d96f679605b2081761b9734852ad8d97aa789c0eabd633b4bba4f15bcda

SHA512
175eac3eaf8a1b177f83710875d6cc6c244d4de49759040d15d0156803b2fa6f71eec4730de97638779b348e278e2e2077da649db83ab741ab44fc04a1e098d4

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/files/brews.hyt.wfer.jar

Filesize
216KB

MD5
e2fd482b4554db4051460458529fb09e

SHA1
6a1163ab52e5dc9dcfee7fac7e283089dc1616e7

SHA256
252654ac814c2e618a14c33e0fe23bfb06c89ab99534f78bcf895a534fba9272

SHA512
8aeb2a2f223a5a0e3a195fc0f9ebe399f5b3d83866e78283230daacbbff86e244da500ddbc14c2726f9e8fcd5f74b1cd2b928132537dcce51a745f70c7844afb

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/files/brews.hyt.wfer.jar

Filesize
421KB

MD5
82dd84333c519cf97806339a5f05b1ac

SHA1
d85c4cdc8b73526dc860b5e6df4a2125bfa77fe3

SHA256
768b9a242306b1560837b3a0ef1a93773617fcc80d4b9333306d4be5bad9a8a2

SHA512
87b3286157bea723384720fcb4f06d9f47a2fdc3eae76c5fa68877c44de9927f0be1c9ff80bb273805f1b34f936f02d3869c1e977a6d2718646527ec1579f900

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/files/gaClientId

Filesize
36B

MD5
c66856237e40e4f0021de89179c65e45

SHA1
3f96ac4e0ee344fd6148c39477052b6d0620081d

SHA256
47639836322daa7a4bd8acd2f232d146e1d21cd4bdd387c4abbc7d54e9286aa9

SHA512
32ad84e3d189f32f5a3dc4a4d4bd76a0129cbcb746eea9593d77ce6c0eb589eebd08c0b1ace883a73a2840b53db95177ad959c855858908b7cdd9179842e0e8a

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/files/oat/brews.hyt.wfer.jar.cur.prof

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.artsplanet.pesoclocklitefree/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads