02ad9327bce6a0558fc9451eddac678846454bf92ad840d2387831d11b802889

Analysis

max time kernel
2951615s
max time network
156s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
25-11-2022 11:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

02ad9327bce6a0558fc9451eddac678846454bf92ad840d2387831d11b802889.apk
Size

2.6MB
MD5

412618759e88ad1d9f27132f3123ca71
SHA1

9357d591d70c8b847d9c9bc253691527e0b2df2a
SHA256

02ad9327bce6a0558fc9451eddac678846454bf92ad840d2387831d11b802889
SHA512

9ef56b41a576fd4d0692dfcb994386aa4ee2cd952b68e30082820e1d55bae1df7d55a4137f98d3ff10d56911c88455125cf4900f13e2c18c67bc11e0618473df
SSDEEP

49152:GiuIV0wTSUSzE3IcKh8USsZerSEgmr7xbyJQOog3dyWBu//HHIsBIyisaKsvG9tD:GiuIV0wTX3IcKKUdeOmr7xbkQ5gMtHHh

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

vn.soo.zalochat

ioc pid process

/data/user/0/vn.soo.zalochat/cache/1582435991586.jar 4752 vn.soo.zalochat
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

vn.soo.zalochat

description ioc process

Framework API call javax.crypto.Cipher.doFinal vn.soo.zalochat

ioc	pid	process
/data/user/0/vn.soo.zalochat/cache/1582435991586.jar	4752	vn.soo.zalochat

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	vn.soo.zalochat

vn.soo.zalochat
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4752

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/vn.soo.zalochat/app_webview/.com.google.Chrome.DDNvsN
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Cookies
Filesize
64KB

MD5
9b23e6a88d5a95f155f205cb04b93cd0

SHA1
b62dccbbef087a0731f226b96d15d35d8aa5e5fc

SHA256
f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

SHA512
bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Cookies-journal
Filesize
1KB

MD5
72a54534d66280787f1a26d8353de317

SHA1
dfe109da16c75a1d49b7858d0302b98e1a67049e

SHA256
ff8245c555edb087732a901a1c0eeeb04be5fb6000f7ad3f73cc031ebe921659

SHA512
4d0fdaa64baca6304e01737815a4c2b2a3601c231d28eef8f366fe9842c3281a43634a75fa27e96513b520a8630f22ab9c482a5518ebbf8951f7c5d41c5c33da

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/GPUCache/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/GPUCache/index-dir/temp-index
Filesize
96B

MD5
783ed37efcb59b2245cfc7b8e486d64e

SHA1
bdc968483137178633e70ebed8ac7f55c501c4c3

SHA256
59372e2e70106e2beaf7058482a0279642d23f7c4b826b80e6798404600277b0

SHA512
3964977fa939de88598eda68c1f86c8a52f846e76f6318b17efcd354ac9a9b8acf154dce5bfd2db787daa3078b14237ecb9a8a3e8b23b55f016e2539fe906288

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Local Storage/leveldb/000001.dbtmp
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Local Storage/leveldb/000003.log
Filesize
261B

MD5
5e85984bf60d553696fd8e45a6212bd8

SHA1
6546344a284ac1ad0f81954822c1632e820b729e

SHA256
624530906734141ba28ea96b043cbbce50c71b0b241f0f26262b68b2ca0fd567

SHA512
1a2569d3b5b4c4f298a5b7510402c43e4d886ce741b374399e38337d03a0d48946a359fffaf9aa919c34de12d0be5d853f37ab100577b5827d3923d4c7dcbc1e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Local Storage/leveldb/LOCK
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Local Storage/leveldb/LOG
Filesize
70B

MD5
261c0e369fefc446c8b686b540dee990

SHA1
77b5d35701be61bb8dd3ba6a2b4dbfd88efe81f6

SHA256
df0da297d0fe31b03dfec8b573c9598f292ab0a1323cc1840f65679116cda1ab

SHA512
328c426ffc636021fe5c26f499b787a4daf7d658f83e81f9df22ca269a1171a8560a92a1c96d36df4e2a5798bf35ffa9171b8195f01f0078337b24865cd268c7

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Local Storage/leveldb/MANIFEST-000001
Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Web Data
Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Web Data-journal
Filesize
1KB

MD5
3d43a2770618d867e6f938b402e0922d

SHA1
be4180b2d77c1349982baf214673f0f1f1d45ca8

SHA256
1351e61ccbe60c755323f60c3d26be5f983f84a8b828faf0692bc902ca54116d

SHA512
b0a0a5d892347ca5ec0a0dea616d4748443bf1f318b92d80b4a7586eb8f7e326b7ee962408c79286753d94771d2eea94153d393b7f32af0b22b6bb5f9fb832dd

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/metrics_guid
Filesize
36B

MD5
671f495bb724c5d86869df94354ab776

SHA1
43e6bde1098ea483c849b9fcbb3221bd1c598e9f

SHA256
0fe96929778ae342e2b19f5aa9f1612e0f822e430d35341012dd2b42859f6e33

SHA512
64a85641e17269a4973ef6fc931168c62f8b6a5592c702364c367b64a33f37e07952740a6cbfe8467ae92d2b84f46f29c0d8c5ca63d8a709b22df918381990f8

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/cache/1582435991586.jar
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/cache/1582435991586.jar
Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Crashpad/settings.dat
Filesize
40B

MD5
d3fff0a1d8a3955e9300a01630d418fa

SHA1
d039a77d9942869dc0dff0287a68847eb4dd4834

SHA256
76762f0c1027f9088326e02b9b3502cf8a9a85158264fd8a6b618652e165122c

SHA512
4e4dc875592629b79af4e156ab499dc76e92b372f5cf5dbba4092f330e91dfb9f6890683ee5ac9123559cdc4a9c89a4c3f06dd398d18ef4e881f21edeaad290b

Download Submit
/data/user/0/vn.soo.zalochat/cache/oat/1582435991586.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/75aad0ef03ae2d91_0
Filesize
294B

MD5
9eadc4dca5f4c78b547c175a528b0c3a

SHA1
feac273c0aa8e138208ba778978b7a6cc29f8fb9

SHA256
4931f01ed440e120cf97508ac400ee854e706b09e94cd5fd0be851044da5a705

SHA512
83c3c019ad55f50926f90f5fe7143d9ba74d6ef7e37ceb366dc176486461691ef46a211cdd10617b9bfba2bbd82723bbdc7c3d3522c1b34911ab91db9a10b4bf

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/Code Cache/js/e06cc44686ac5311_0
Filesize
548B

MD5
3fae4f9b9c730718636fc30fdf1a70f2

SHA1
ddc41a58fb405e05153463adf8e9b26b0cbe4fea

SHA256
e583bfa41b87cce9677285ef09b402c5226218b89630f8286ce48880f59a1de1

SHA512
baa997ea01483593a7149e800df2eeef052c805e4f36cf21c7bd24890bbe37bc7de2c7d34559cfe12bdeef8efe458a42abc59f3d72874aabed568f6df2f65a4c

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/Code Cache/js/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
Filesize
144B

MD5
e6e4a7c375b37ea7ba1dfc55ba9a31f7

SHA1
038aa95e11ebc8d2316cb566d1b57abc211419e7

SHA256
2c513e9ccfb42d547522967823e8bcef0cd8d401b25b4cb770fc6c48fe355e59

SHA512
fd359a80aee3a3d0158ca00c3c9cd7669761c2223c942375e60028209c72e834388837deeee99819d9c5fd91e62b42a0eaae34f45f7c25cd92ea6bc372cdf337

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
Filesize
96B

MD5
0e8f35c6950a255080c3b5e7d8ba52e4

SHA1
ae831078f013e3e146cbede3daf537570dbae80d

SHA256
b319d0abf34261f4790305336e99615466cffddc6dcf7044d19314eef543cdb7

SHA512
108601e3e70076b596bdadaa83693057b1a95f9503e949bcf662d0a707ab8d24982ca9d7626e6e53314f96f109cbd1942ae5b23a7cc031a197f63363fc1d8a25

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/c41101269af94bb0_0
Filesize
10KB

MD5
71cff958398a1fab5ea47a36b353309b

SHA1
00f5989de9e5e8616ba86a6851458f0c2d66a007

SHA256
620b69e8ce26c7a9f58997ec55f29c1ced993c93c4d4534d230086a9b0085950

SHA512
a6354afde23f1947e69af29ae950142d0f733902664fd6bc5db5787e21d9c945fb72f166b7d2f1edba1724e148ffb3d2b58519ce5ccb71e9684276ac2810334c

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/f038e94cb33282ab_0
Filesize
245KB

MD5
4a02be4ec2e62ee0df65894fa1b00463

SHA1
ef8f79a0e19591e948bb3a097f4fd840fca528d6

SHA256
0b9d9fda27d139c7591c4b1e4aec2465f01e384ea6d1afb0e55e208826b6e847

SHA512
54050c82a99494bd87b557f9d53a84427d385e89b34d06205b5ff328d80d6fb02ff96bdfda285881310f01e266fda2b35e8267ff6ed367ade81dd3438d165835

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
96B

MD5
1499280de0c8f9fe33bd372031bb3ad3

SHA1
2a5d7d51d2fceae12a2f2a390a40f3900263d9df

SHA256
bd9a82a853e0bb1893baeed5b85867d67cd28feda3c3edbfc3490c6fac3a6fb8

SHA512
c6a22f31aa214f91ed12194eab4b3e7b759067fefc4a5f55552a4d34f3ac0c746ecf0548f144b4f310741893e2c5c97cc3d000db46d4a8d5ccbaf96b240c791a

Download Submit
/data/user/0/vn.soo.zalochat/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
192B

MD5
afc3085dea3180640dece5d1c9dcd05b

SHA1
d4cff63904633dc7f9a2df21803d4039f244e1de

SHA256
be6a45cb661b8ee56352c32e9518a1851a984d5aad36dd89e68d5430ea31f8aa

SHA512
a385ffbeb8276391e715c4070d9252232d653f8f4239ad50765535a9bf3c955acc3410795c8c08f2079f52a392bc1e14dd94370d8152ae78b2d5d8ab19f4d4b3

Download Submit
/data/user/0/vn.soo.zalochat/files/gaClientId
Filesize
36B

MD5
24c0d026dd651a3e2a7523b6e8bf65e1

SHA1
562688dad4a4ac70b6e856d76f42256940fd864a

SHA256
eb18e7fc5c83f77d513d294ee536c266bd242a81a67cbed3ca239445179d31a6

SHA512
7749b5c06e45c5d0e869fdc18b008f015327273dcb678461152291fbdf3b7e2be1065fd858cd20c8ae963505c2cf1dbe0b41c591e011559f7c70b1bdaf6aa9ca

Download Submit
/data/user/0/vn.soo.zalochat/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/vn.soo.zalochat/shared_prefs/admob.xml
Filesize
133B

MD5
66b66713719c06fc25cbc091f63f8f3a

SHA1
8006e3d16ed193da60144805b91edd59b3549c20

SHA256
32efed306766b431bc82a70d44d5d44e0ec5a44d0b26d1084b41c77fb8d35c23

SHA512
e48b492998d19cb3e747fd01a64664a699a961b38ae32d60ed9327b7f0bab69e951907f51a03c39a82ee6bba14999dcb541286a7e4e2ec7795dab468ed3844d2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads