02ad9327bce6a0558fc9451eddac678846454bf92ad840d2387831d11b802889

Analysis

max time kernel
2951601s
max time network
156s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
25-11-2022 11:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

02ad9327bce6a0558fc9451eddac678846454bf92ad840d2387831d11b802889.apk
Size

2.6MB
MD5

412618759e88ad1d9f27132f3123ca71
SHA1

9357d591d70c8b847d9c9bc253691527e0b2df2a
SHA256

02ad9327bce6a0558fc9451eddac678846454bf92ad840d2387831d11b802889
SHA512

9ef56b41a576fd4d0692dfcb994386aa4ee2cd952b68e30082820e1d55bae1df7d55a4137f98d3ff10d56911c88455125cf4900f13e2c18c67bc11e0618473df
SSDEEP

49152:GiuIV0wTSUSzE3IcKh8USsZerSEgmr7xbyJQOog3dyWBu//HHIsBIyisaKsvG9tD:GiuIV0wTX3IcKKUdeOmr7xbkQ5gMtHHh

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

vn.soo.zalochat

ioc pid process

/data/user/0/vn.soo.zalochat/cache/1582435991586.jar 4429 vn.soo.zalochat
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

vn.soo.zalochat

description ioc process

Framework API call javax.crypto.Cipher.doFinal vn.soo.zalochat

ioc	pid	process
/data/user/0/vn.soo.zalochat/cache/1582435991586.jar	4429	vn.soo.zalochat

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	vn.soo.zalochat

vn.soo.zalochat
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4429

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/vn.soo.zalochat/app_webview/.com.google.Chrome.jYSqjO
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/Cookies
Filesize
64KB

MD5
dfb2098ca7b3bf16d6f5f1e7d3839af5

SHA1
ebb7a8bc886062d77a4092bd306b77a0ce7a3e9d

SHA256
e4119d32577d7fc63b267cc23eb7a9bbfb12d238f23e08918c38838fe0181224

SHA512
fccec45399258eb98220b7f01b492a72b8b3d1254dec6e196e344d89a0376c6ee24534a31a6675c866d4a17256d3ac6823657eaf04e1d386757d0cbfc6597e50

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/Cookies-journal
Filesize
1KB

MD5
2fd999a9da12f28f887d7e3346d69da4

SHA1
1145304b12a4b38efce773629081ce4eb84ac573

SHA256
d65e5621167b92d9578491c3e13debf48565e490196e0f0639b7d3af439f6dee

SHA512
6c6e482a78c52cd314742840d3df2676da99e624435039c4bd85f267efba3c5935ff2c5ed6df3a65ea85d615f207cd617bf5b6efdb35d8168702612fd9309fa6

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/GPUCache/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/GPUCache/index-dir/temp-index
Filesize
96B

MD5
b8c896d213722c26d74c3933d5e958c4

SHA1
1758ddfb1c83a72f07901649ba5a0158a8f34f50

SHA256
54e0937d312b102456e840b39ba52810f0cc39025f26c568e12b884975d5697e

SHA512
8aef503d3044f273ff74a09d199ab04309553169e6a5908775eb8bdce1defa367b26fe5e9f76e2752d96ed74db4ec41a39bd1e0cd93a8093a649836f94c1b4d1

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/Session Storage/000001.dbtmp
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/Session Storage/000003.log
Filesize
61B

MD5
9f7eadc15e13d0608b4e4d590499ae2e

SHA1
afb27f5c20b117031328e12dd3111a7681ff8db5

SHA256
5c3a5b578ab9fe853ead7040bc161929ea4f6902073ba2b8bb84487622b98923

SHA512
88455784c705f565c70fa0a549c54e2492976e14643e9dd0a8e58c560d003914313df483f096bd33ec718aeec7667b8de063a73627aa3436ba6e7e562e565b3f

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/Session Storage/LOCK
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/Session Storage/LOG
Filesize
127B

MD5
28de31921ac983bffa68049217ae6928

SHA1
549b63d926c613295ce50843255a1669ba956dc5

SHA256
1e9bcf66b18cac3b38cf1d93e50609703903a4de8c58007fa15079744ec6015d

SHA512
7c979059f00e7747329272dc245ad61c2637f58c9571824ee919e471e1afbdaa47f6f2305666f526dcdf53a7c60917f3c8e9f3d8c73cade34d66f5578a477ee1

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/Session Storage/MANIFEST-000001
Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/Web Data
Filesize
120KB

MD5
a48cd9324b1f8754b07f00d863b840f3

SHA1
11c6614775b35a58f440971dfc87c8aaac6d6173

SHA256
8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420

SHA512
35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/Default/Web Data-journal
Filesize
2KB

MD5
8fa27233a258c1c82ff1bff0dc088104

SHA1
a2741da65878a44103c90dac2550b636cdb72e37

SHA256
e0b680a3dfcd746bd682bd626005d7dffcb229f479fd00381a6153c8bce2f288

SHA512
3d186810bcf3d369c038dc0a71e194c143d1411b01a7571958119b6303fd7c27b931bdeb09e287db14e6201cc46dcaf69dd5743824ad06dce2ff75d6ac378bbb

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/app_webview/webview_data.lock
Filesize
21B

MD5
4ec0f852abbc260bd0029ed1251cd804

SHA1
54d4f95c2d5fa65b7d50ad393b32a40a87e931bd

SHA256
47d4c09bad7f890f592c3952fc52be5586cfc09cb6043d57375f72959642a324

SHA512
bebf5abffcc24300b576ab0fc81b6eead45ecf2acf845126482d7cf7c43c27ea80e99f1c783ae73f219266c18cc8ba5809115ea9e1a26f946842fad1711877b7

Download Submit
/data/user/0/vn.soo.zalochat/cache/1582435991586.jar
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/cache/1582435991586.jar
Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Crashpad/settings.dat
Filesize
40B

MD5
ff2d75a44c8ba54576cf5760c44cc1a8

SHA1
e1769be049ad0e785b01f39ee62091c9806f8dac

SHA256
791f593665529c8e86ae34f5cc5600716d49d417af9ce3b872252bc63b8a9a35

SHA512
739585f7b56cc1972ee1c842bbb48bb8b84323e45f0f75f76ba56c19d9488e414991fca363746282a7da83e0c3b925ebd2c7475578a476dde6aee9ba2ffa8eb2

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Default/HTTP Cache/75aad0ef03ae2d91_0
Filesize
294B

MD5
9eadc4dca5f4c78b547c175a528b0c3a

SHA1
feac273c0aa8e138208ba778978b7a6cc29f8fb9

SHA256
4931f01ed440e120cf97508ac400ee854e706b09e94cd5fd0be851044da5a705

SHA512
83c3c019ad55f50926f90f5fe7143d9ba74d6ef7e37ceb366dc176486461691ef46a211cdd10617b9bfba2bbd82723bbdc7c3d3522c1b34911ab91db9a10b4bf

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Default/HTTP Cache/Code Cache/js/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index
Filesize
96B

MD5
91df1bd3b9700c4710f5f07895fe0fa2

SHA1
596fc4d04c83a0ae3e2b85685189a0c30294612f

SHA256
f53a3f5d19fdaa62a72c7a56b6f61c3f3e2d9b5e1d3e16478205e6a3ebe27b0e

SHA512
b54c1160aac85deb71a8bd2c23d0f530fcc7c1b84278035f8fe481744d8c035e451bea0f41eb10bcbd28bb2df5f6138d87a3a2d95fe2f494138b59bccf13980e

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index
Filesize
96B

MD5
403551a2f9c11fa149239a3f578b46d8

SHA1
005a1b725956b005a9c7c8a22262cf6023810746

SHA256
8bfee7e5db9d8b5c9a73d85d4c1a4af8aba49ce8700441db39082f4345534096

SHA512
31a4713c9d7c8928333a202b3b39fcce1154754fe848a8733f4dc8a86027f62f00359f23fc529ca25c2669d50bbc4312b32ad2c018a221a67cdad2e81fdc6071

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Default/HTTP Cache/f038e94cb33282ab_0
Filesize
400B

MD5
a62b20c6608b3694260e345c1d80b467

SHA1
ea6bec313d9a059a7f4e1e72bf8cfbae621846d8

SHA256
6da95ae1acbfb719cf6466b2e0cbf3379ce393df0f2f7061acfd4048ccd3a929

SHA512
f68c3bfae54b8f75d56a63cd823e99ce8c6472db38a5120508540b4ecd1a724f29156f93dca5a61939408c74312689c0fc58084d2e2240e584c87d5a3a4bdd8b

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Default/HTTP Cache/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Default/HTTP Cache/index-dir/temp-index
Filesize
192B

MD5
98fdb53fe22d5e96b8dd9031165552ae

SHA1
749c106c440b9a2541886217991e08b5427faaa1

SHA256
ddd70fe3583e30dc34dd9141063feaac3c6378325720c151c8e65220d25dd6e8

SHA512
73907d2e31e2b350c637d6f71ac1f531b5469875f8b7a7c4855deae6f10eeedd00e105febc30b3f1602848c061043dedad75754280dcc231c6644cb7208f450b

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/Default/HTTP Cache/index-dir/temp-index
Filesize
96B

MD5
4162d56bd796b3a10613b4582889c6bf

SHA1
fff2ba85e0a5205ba7d0133e47bbbeb25d757232

SHA256
f98dd31abe9f9f59fcb46a6eab50d71b4ffafe1fdeb884b1767b1d24422b75e6

SHA512
e624f3a6a49b0843dbc2550bbb19aba9e9ba156740906229fe1d3e527a467c9083b32005f95856fef65328f69c7492063607307998bf6be8957c5d6f630b899f

Download Submit
/data/user/0/vn.soo.zalochat/cache/WebView/font_unique_name_table.pb
Filesize
57KB

MD5
f080fa2a56ab5479d58063e5ea871447

SHA1
4b3fd57a98916fa5784305b76ba30af26b5253d9

SHA256
0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815

SHA512
8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

Download Submit
/data/user/0/vn.soo.zalochat/cache/oat/1582435991586.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/vn.soo.zalochat/files/gaClientId
Filesize
36B

MD5
4485129be02946ca8c76c523bf949079

SHA1
ee0863ad5b744615a07b1947b5bc491e29dbbdd2

SHA256
925e722467f1d709629ee3c392a2cd80ff6e28cc2d137e19186c3d7744e08594

SHA512
7e3442a83a807bc7441a919b9cf244977a9fd2e16b4d158a43a2cc4eb98db989ee765f9ffea920943158d67c3732d5fa8353dc997b0a604e425e141a3ed2f948

Download Submit
/data/user/0/vn.soo.zalochat/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit
/data/user/0/vn.soo.zalochat/shared_prefs/admob.xml
Filesize
133B

MD5
e912a483ab262f77b76a0eb640a51b25

SHA1
a8319bc95bb56133dbdb310d6188ac9c4badde40

SHA256
9aec5753dc2bbcc8da835c66ac43b26e26451559926ff6987e6f3066b5d6e5e4

SHA512
2911072d8e59cdcc7d17fae7e64239762fabb0af9439b2330221410819aa3a9f3680c74b252772b9538f84e0f9b8f684b3526af5140bdfa6958f496a58dbd573

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads