ac64c31ecaa58bf619ebc46c30e464e85a8d39e2027aba26ade6500be1a3cfe6

Analysis

max time kernel
2947104s
max time network
132s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
25-11-2022 11:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ac64c31ecaa58bf619ebc46c30e464e85a8d39e2027aba26ade6500be1a3cfe6.apk
Size

1.8MB
MD5

a987d32f2cb019083bb6e330b5ecf0f8
SHA1

7fbeee4580eb44d67568fe393630b84b0bc2d6cb
SHA256

ac64c31ecaa58bf619ebc46c30e464e85a8d39e2027aba26ade6500be1a3cfe6
SHA512

6a2ec4c01a36d504b884a7c034b0becf14949378a7f8e259e677ffe08556bbf30e2d31a2c1e053194ad4b6ebe9619599bdc7d9bf25b850fc912c755d8a130068
SSDEEP

49152:kN7b/njiVnb1qjXOsVhHNFxCGieORSt/0IvroQAdjz:kN//+R8SkHN7CbbyMIDoD9

Score

6^/10

evasion ransomware

Malware Config

Signatures

Reads information about phone network operator.
Removes a system notification. 1 IoCs
evasion

Processes:

com.beauty.shipin

description ioc process

Framework service call android.app.INotificationManager.cancelNotificationWithTag com.beauty.shipin
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.beauty.shipin

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.beauty.shipin

description	ioc	process
Framework service call	android.app.INotificationManager.cancelNotificationWithTag	com.beauty.shipin

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.beauty.shipin

com.beauty.shipin
1⤵
- Removes a system notification.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4113

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.beauty.shipin/app_webview/Web Data
Filesize
104KB

MD5
dc79f9ce5f3ab5270b33e61119dfc959

SHA1
1844bf222a5144b513dcf2fb50a18c011701c647

SHA256
47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

SHA512
18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

Download Submit
/data/user/0/com.beauty.shipin/app_webview/Web Data-journal
Filesize
1KB

MD5
6f041882bd2b4470c07e713bdaa5c710

SHA1
50aff6f2d95e9146bf589b0aff60839aea4bef6c

SHA256
4f75c63bf066b895f015415e1d09e2771ef533bd4888590d650db7bb94180eb4

SHA512
208d65ba6b713f5d594c90ffef1514c45a8d5656f3a7b188555835eb78fcdbc96eea8e9982a7bc086b8cfeceb19ee9763cf1e6589b1c5c211c55bf7c25f16ec4

Download Submit
/data/user/0/com.beauty.shipin/app_webview/metrics_guid
Filesize
36B

MD5
1c3a77bf353b06197011431c63b153e1

SHA1
f2eab14122ef162a9e37ba7e360494e1b004b6fc

SHA256
75801efaade8e266cc60e2b70065049c01b05cfd3b228cfecc42307fb42ac9c2

SHA512
a2fb1b76e020f87541f82a36b61d44b433d830b33e73f06529e841af3080081d755fdf320473dc96ee46ca65de231bbf1f337a98c61701c0046bd60be962fecb

Download Submit
/data/user/0/com.beauty.shipin/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.beauty.shipin/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.beauty.shipin/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.beauty.shipin/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.beauty.shipin/files/__local_last_session.json
Filesize
105B

MD5
2485b5abbb074159e8acdccc0e0ff695

SHA1
637f0b7c42406fc47624eb56963e9c93b6998e63

SHA256
7aebd4ad0f0221f1f10a25e083dcc86d8a9652a8707cda7ab3a17ffc94435ded

SHA512
5e231ade9482bfa451c2f24e8a1f9dcf4e35667c0111fc695c4d0dca8f77c944713aad0110f04c020ed4bcfda65a08c5a6c18c5736a94808cf04a29cb6e6fd28

Download Submit
/data/user/0/com.beauty.shipin/files/__local_stat_cache.json
Filesize
25B

MD5
2d805b13f2f28dc3ca9bbcc000f49bb5

SHA1
9eac165b4d81258fd3967cde5cc53b53b1dabcb1

SHA256
c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

SHA512
5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

Download Submit
/data/user/0/com.beauty.shipin/files/mobclick_agent_cached_com.beauty.shipin
Filesize
120B

MD5
62ed5782ff237a522a957b181c0efbc6

SHA1
e79015c185960a5c6ece35c804dfe3ba3fb94409

SHA256
4ca28c5688625baa2ecc674bd78a70b8926c3f5099105cd40ac25720ccff67c4

SHA512
2393173578da84819bc926d1db1299df738c7b49a47be96e63493744f1a74485cd6af92f159b394d4b53a28a4ab67b55beb309b594e11987e63b0426ad6bcf85

Download Submit
/data/user/0/com.beauty.shipin/shared_prefs/Sys.xml
Filesize
106B

MD5
b178462d2cf3357b10484ce683be0cd0

SHA1
f3813bf732b99d58cee9712591aab21aa5b1f25f

SHA256
7a170fc7eb3548b52a14aa02d74dba3df910c716826facce34255dc7aaf13a28

SHA512
5ba0229d0182861e75d49938171cba48294501d875f7b933f508c4abb9c9be688b7a9b105b6fe4a5a688a042b4f97cc1ec0c9a91cf495e412119b2f2cde0da5e

Download Submit
/data/user/0/com.beauty.shipin/shared_prefs/Sys.xml
Filesize
141B

MD5
5c0b35c758ce5e14e70dc05e9ff9c0ff

SHA1
8b305bab3ea46c02779d2ff447ec8719feaa24c7

SHA256
bd46b013b58f527ea5933ece74cb94fd86109fe5a215b20122706335c5626afb

SHA512
b23bcad7064e23b5df98f58301f2f29f364a9e717af8055ef473d968c960813454ea085874116e77b770c6c9fbbd2208b676c1c03948ceba3ac2eab92a14e3b3

Download Submit
/data/user/0/com.beauty.shipin/shared_prefs/Sys.xml
Filesize
176B

MD5
db5d2d3e0d6b710be8dc23640955169e

SHA1
4a924e8d43ed02b168f9ff5f0afd314546ebbf4a

SHA256
3a0549455e84e0bc299643808867eee7b5c6dfd403d50bcaa2c9b9d474ffa215

SHA512
348b0e173b44ff5eb717af82369f563b9e0902ba0f606f7ba643dc4ce914787e95ef55a1913896fb5aa44745f577fe520d17932ad4d33136845ca3f079125eb3

Download Submit
/data/user/0/com.beauty.shipin/shared_prefs/Sys.xml
Filesize
209B

MD5
3e72e26848d38f232789bc35bb51d37c

SHA1
fa22c4864250376dcb70ae27dbb9aa2c803255a8

SHA256
f7a4dd6b65640b9d457f96eb385fc95be10b89348adf5c31209ead111263d744

SHA512
21e0987f0218c38f1521c1923a5542b55cf89574791dde4e5e6f262aa1029954779bf05679f96706ec338dfb331535c2e63eaa5188fbd6a4e6c1801882bedcd5

Download Submit
/data/user/0/com.beauty.shipin/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
21223e9184445fe043476484cd8cb1f9

SHA1
2b4813f849121d60ba35eb0889080668bb62c778

SHA256
bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

SHA512
be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

Download Submit
/data/user/0/com.beauty.shipin/shared_prefs/shangyanhui_preferences.xml
Filesize
122B

MD5
510515bdae08c3279cede61925d2760d

SHA1
14e12d699e00d30cb97a8d9d7f0a0c832f11de5e

SHA256
de4aeca88e449d5038b049d41cbc442c1cc453871d0386d4cf9845d75fd4edd4

SHA512
87684e0e1fc38285e4e300f26eb1f7e9d174561d8404846cd99e1b5f91a20489d973ccf493c2656e3a31844b24c74a5bf94e4fdc5a4bdf2269656f1015f6ce65

Download Submit
/data/user/0/com.beauty.shipin/shared_prefs/shangyanhui_preferences.xml
Filesize
163B

MD5
cd95abdf334788e46ad6d6cf7aa284bc

SHA1
d33ce3b8c46baacfdeca9af73f154489fa87f817

SHA256
2814f735cf425d7e3dc35c4eb759e6e1713cfec4434918aee576c18d6e2bf1df

SHA512
479d51c651baf071bb2fa54301e8206a828f341f32b62de487ec01fad3ce14bb6c9a9fd9d5c83a8d7e3d4732b38be44d4b6bc79fe83ff0900798401f95aabd16

Download Submit
/data/user/0/com.beauty.shipin/shared_prefs/shangyanhui_preferences.xml
Filesize
217B

MD5
4f5ed1e5ed095e92d46243cc2754876b

SHA1
d7f43f076e9f43518a4afe15b3813a6894cb2c7f

SHA256
e4554adb30e28cba07c231ac54c83b0cf59b0c9980dc454cbb5bd9b024156968

SHA512
9732b5cebe282fd8a799fdd136170034c1022cd124fa27da7068ae65e2f833dbef147a6ee3cf7a0582f0dff3f6a7186bde1c94111acc0d7c9f5c25cc60e74bd8

Download Submit
/data/user/0/com.beauty.shipin/shared_prefs/shangyanhui_preferences.xml
Filesize
271B

MD5
d07336a26320377321f222e119a49c21

SHA1
41a6ce9ea8bac05df0c2fbd98045322cc07fed4e

SHA256
a5c4e982924d30e7899f424f29991ce00a68180cc091afb236f6c948a7e91117

SHA512
687739f2131064b64a8c5038bcd2ecd09ce1c614e91ead57ce6504411168e55a0ca523a64026881022632fca5478593f539654a409994cd1587195f6f0454d22

Download Submit
/storage/emulated/0/Android/data/com.beauty.shipin/cache/.nomedia
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/baidu/.cuid
Filesize
89B

MD5
8f6b40180dd6f675f0381eb6e88b7583

SHA1
8492495dab4365a4fdf9b86b32ca5a331926268e

SHA256
ee6c68ad2320a7e943bbee4735a92d699d43f2926b47c3824ad2e16acd976b4b

SHA512
2e49c48fbbb480fcaa9c04ddffe64cb03b683f810da4c0516697ec4434b2e8cbfc653592eb9e07cd53d20b28f4ea6697410575855a0a409a585a1bdbef8df489

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads