Overview

overview

7

Static

static

7

fd5fa6a0b6...be.apk

android-9-x86

7

Analysis

  • max time kernel
    2951088s
  • max time network
    143s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    25-11-2022 11:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fd5fa6a0b6e66d6adea50e65726844235db119c90fbd7a9a63f9cd4980b6c0be.apk

  • Size

    8.8MB

  • MD5

    b68cd28a135441f9e280bc44c094dfe5

  • SHA1

    18d703bc2aff166b625078aadb6a5ec823427d8e

  • SHA256

    fd5fa6a0b6e66d6adea50e65726844235db119c90fbd7a9a63f9cd4980b6c0be

  • SHA512

    ba8ba9b0c5f408efff004eb42798541d958a01255d8f5700a69edaece513114cbadf8d11f29847c33f4c4716d87c6498fe33d88c3f2e5e53987ad86b040d8015

  • SSDEEP

    196608:ETt8Qw4Xi2aIjPQDd5GcFaex3wROFviIAIqJdLRPIVTY2xsEed3r2X2Jh43Cew:y8eXDrQDqcFx9iIAIytIV0EE3r2X843+

Score
7/10
ransomware

Malware Config

Signatures

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • yct.game.ttdfj.zyf
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4089
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/2/1.apk --output-vdex-fd=52 --oat-fd=53 --oat-location=/data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/2/oat/x86/1.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4139
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.help/1008/1.apk --output-vdex-fd=53 --oat-fd=54 --oat-location=/data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.help/1008/oat/x86/1.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4206

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/1/1.apk
    Filesize

    13KB

    MD5

    bef9074b6db1c5d4b90aa277c8532b44

    SHA1

    694d95778bd6ba69b4e88877f06c304df37bfead

    SHA256

    02572318e210d4a2fd7e5bed60d0fdf9777020258583fd2a7fba79a350e14f0a

    SHA512

    773565c81720cb636a3a47e458081791166888d1c137a429261cbfaf214406d11750211f16fd86312cd95e61d082a2ee22064f3f47bff1487c5e55be54975603

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/2/1.apk
    Filesize

    20KB

    MD5

    e2bcde840d9f83a1c59f3592266df748

    SHA1

    50ae03d1a2711d5e19a9b2a3da72ff94dc30752b

    SHA256

    c138614fdd3e0b6c1dbf863822691aa03abc11e7fe3a4fa12fead7377beb7911

    SHA512

    2ee2783cca4596730354b397e242a9ab8446bfd29435921b93d9dca5136890bbbedcf66d7ab410e34c7763bca7b625e73e635e22e809d982a333f913548643fe

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/2/1.apk
    Filesize

    42KB

    MD5

    d51cb7b192e7d9df72c4d585e8d81509

    SHA1

    e27beb4db1e20ec933d7a8a5ef3261ba44dba56b

    SHA256

    945822784366080468abeb41d4e67dff89ff547676e6dd73fd1dd87783f0dc45

    SHA512

    7f1d73fb64017560dc18bc59ed87c50e6898fbea2345e77664ca8cb475b84fb01ac944042f96e0e9e0bbeca77a5a1e15ea4043eb359baa7529c6ca6a0ca014cf

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/2/1.apk
    Filesize

    42KB

    MD5

    da5986860536b4e0f34fa49735750fb6

    SHA1

    e65d6be14c262130c076d7740869b832fc9773e4

    SHA256

    5c35bf6dd4bfb8289fca4f8407e8679a51c8f12e3a145e911937147ac168f777

    SHA512

    4e1644a330ab326d6f9c9ac8515b389fb22862e55ad9834da8b89d75f0579529905304bff702be83ab1a1ef565192b6e4845a299c95f08016b67ae438a6636a4

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/2/1.apk.x86.flock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/2/oat/1.apk.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/2/oat/x86/1.odex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.api/2/oat/x86/1.vdex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.help/1008/1.apk
    Filesize

    209KB

    MD5

    5fd130367d5cfa5b51c2d03b07256626

    SHA1

    8c694f2e1b58d4512d62fbcdb405c88ac57104d9

    SHA256

    26e2b05a484a87d5d5aa9a8828b89628a983263c0875c5fed54d3581cb16204f

    SHA512

    9e68bb711cb4a934bc2ccd9076582aa37d05d2839f474d3f4ef34598e5a359e3188585334298e480adba61dcdd6a731d103a8cd54c4567e6f3d654fb667751a4

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.help/1008/1.apk
    Filesize

    240KB

    MD5

    01304b8f1060312ca6c05222c704c45a

    SHA1

    9b4d388943451d16173f1c81421194b3b0e66cc4

    SHA256

    f9316d066cb147662de9773106bc54ef377bffbd92b54950974bdedc41e6dc46

    SHA512

    4006d103dd641a930b1049b477964fb49e5351e5a1acc6196a621254783642ea61dac06fd00119106dd08a96d0646fb40e6b3050bebabc57e195dd1993c0d503

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.help/1008/1.apk
    Filesize

    240KB

    MD5

    6846945d82638657ca9fb849ca33bb9c

    SHA1

    b6511cd3724e0b3bef56cfa500bb8721d617fb40

    SHA256

    918815472ff8c2e8c640d4343d21ca744fcf226ac7819896a00de55eb3c422ee

    SHA512

    b7b6e9db3a7724ed5e31a8b358c40ef018f24ee54888c5e1e651ec9dab1dd5e6896aa70489fdf228a3f8a6f07abb554d74a77381d4f472f3f1cd050f24feba51

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.help/1008/1.apk.x86.flock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.help/1008/oat/1.apk.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.help/1008/oat/x86/1.odex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/org.tomato.matrix.plugin.help/1008/oat/x86/1.vdex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/files/repo/plugin.description
    Filesize

    1KB

    MD5

    73957a42971ae7da5ec47dcc2b23d9d1

    SHA1

    aedc88d5cf3f3d1de66c482d05bea6170cb669ac

    SHA256

    9084d75fe6d78864242c2714f0a8efc52ce1b36bb4ff13500a40fcd6ec3264c9

    SHA512

    93de4a97783da30e5ca3d103372559b4ae21059909bc7c682d6c425f5caf9e1cc69898353785602fd89ba0c8ec58d0151526d5a35ee8b72afec936d61677098b

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/shared_prefs/APP_START_TIMER_INFO.xml
    Filesize

    117B

    MD5

    0f648406d61ecd577a218ba02592c897

    SHA1

    b39884a8dbdc06791515441848c0e48d0b1fb19c

    SHA256

    ced51fdb6595d2077da6e0c6f434b9f990fae3147a3ac3fd849206adb7ad94d4

    SHA512

    9a5908bb95721b55f5b717a7dc3affbc3796cc8052050fad3bae924f224d9880ce07f5ff2a4c1f32c7303199a5c74a6fe432caeb1c54cf5d1fbfea9a72c9176d

    Download Submit
  • /data/user/0/yct.game.ttdfj.zyf/shared_prefs/tpservices.xml
    Filesize

    121B

    MD5

    d7ba1775a9ef1a99a6e139b9f7bcb62a

    SHA1

    cd674ef6e5e61626cb9ad2c0e4bb5bac13a031a1

    SHA256

    3ab33dd09ef4f8be7bd3492d55686a05a92122d67802a2dec73dc553cdb3a36e

    SHA512

    bfd6e785104542627029a95281344b90646c487b372975d38bf4cac6adf629481fc9871daf78615d57e98e038175ab7939527870cd42de6f8fddb7c6e9f551cd

    Download Submit
  • /storage/emulated/0/.tpservice/tksetup
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.iplugin_V4003.apk
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit