Overview

overview

8

Static

static

7

847bc07585...1e.apk

android-9-x86

8

Analysis

  • max time kernel
    2951605s
  • max time network
    156s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    25-11-2022 12:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    847bc07585f3e9427e9a47d1a06a644e6290a8d45c560f9727fa3251aee99c1e.apk

  • Size

    724KB

  • MD5

    94a08b2ed11c553e65b4ace27bb08e44

  • SHA1

    42139f9f5c9e8e7c7836802e72d05aede2b72dff

  • SHA256

    847bc07585f3e9427e9a47d1a06a644e6290a8d45c560f9727fa3251aee99c1e

  • SHA512

    088a719199338234fef0d9f8b572d580ee6655acbdef3178f92f6c670304b79c5eeed929a242c4ed812727df4442aa1ddfb6ba2cd0e3ed67b3d29260d463575d

  • SSDEEP

    12288:28IbpO2X8zY0zRMqRjk39l4ZxB4YccpBWkkydYM86q3WN9FoNwouCaK:h1g88Ckf8CcpVuM8Rwmww7

Score
8/10
ransomware

Malware Config

Signatures

  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.android.example
    1⤵
      PID:3973
    • com.android.example:remote
      1⤵
      • Requests cell location
      • Uses Crypto APIs (Might try to encrypt user data).
      PID:4067

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/user/0/com.android.example/shared_prefs/pref_key.xml
      Filesize

      134B

      MD5

      12dec3641df9a4a6b033fdf1782c6aa9

      SHA1

      eebc71628e43c2ef5bcef88b5e51ec8cbc1ee8d1

      SHA256

      c2fe824a517a1ac38b5b34d638decb1767fce091068888fccc040eaebb402181

      SHA512

      a349f98c79352b171c25b3415d002039fe149ede65c1d86f84ed380f7f8758394007bbec5ca8164e41b47155ce2304df34b5d571b995ae0b2ff255a8d64815a3

      Download Submit
    • /storage/emulated/0/baidu/.cuid
      Filesize

      89B

      MD5

      191501757376168099d59cc106cb496b

      SHA1

      094cd5e3ee5eef535a8d5ac250d33759f64abba2

      SHA256

      9ad830de082c7faa7e45a9b3ac36ddd871114ef7c414dea1bd121f436506e582

      SHA512

      66acaa826de6b8367df7b37d38deacc5d88d1309df5fd6cbea4229cfe995d647bdce034b0d6ecade8c44c1213829eb657cb29d0c423b22034185d9108e4d9f40

      Download Submit
    • /storage/emulated/0/baidu/tempdata/con.dat
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /storage/emulated/0/baidu/tempdata/ls.db
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit
    • /storage/emulated/0/baidu/tempdata/ls.db-journal
      Filesize

      524B

      MD5

      9dd11c1aa74789ffecce4709a95ed06c

      SHA1

      7e9dc4f6c2381a9e5a524d952b29afcaa2196759

      SHA256

      e7d211f503e865ac9f83f3832bb8eb65c2c860d2b34037add4f75e85014d56fd

      SHA512

      dc067d7e248e8bcb4ff9bf75decafd2476aa8ec2448e316ab7ee68820540fb376ad740be03d384ae919c00e51dbf36685af4ed23c8dc14f7464f207aa5909611

      Download Submit
    • /storage/emulated/0/baidu/tempdata/ls.db-shm
      Filesize

      8B

      MD5

      7dea362b3fac8e00956a4952a3d4f474

      SHA1

      05fe405753166f125559e7c9ac558654f107c7e9

      SHA256

      af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

      SHA512

      1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

      Download Submit
    • /storage/emulated/0/baidu/tempdata/ls.db-wal
      Filesize

      32KB

      MD5

      4692ab928158c4748905bbd23f72b3b9

      SHA1

      f536d963b324b8c6624e23728bee1288d843b9f7

      SHA256

      f934ead743d86bad1be226ad84e6dbfc83e4e4393d1b17d6fc86f3c9a2c67574

      SHA512

      44390a96f2e846df516b74d62391cd9d40517e0be848bb9937a9acecff36fb0b8ce5d9456da0d4af96ae237324a5b0c647cf7f9088f54fea227484e79ed838e8

      Download Submit