Overview

overview

7

Static

static

7

97a6b7d322...1d.apk

android-9-x86

7

Analysis

  • max time kernel
    2950814s
  • max time network
    157s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    25-11-2022 11:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    97a6b7d322e57a659adfd7537c5e420a61ba63a1ccc59a9c41e43d7b0a0bd51d.apk

  • Size

    2.4MB

  • MD5

    996daa175d11b5f0c4ef3c368510c0ed

  • SHA1

    d571d20fdcb7093d8de6a24368a816413219b459

  • SHA256

    97a6b7d322e57a659adfd7537c5e420a61ba63a1ccc59a9c41e43d7b0a0bd51d

  • SHA512

    02bf1efb3a459c52b9c2ef53c9989458704834028788bed9ad69acc52fcbf7c02185e9725adbb677100a92dd5e242037474f8976bb61db3f8e25c7e6b430e82d

  • SSDEEP

    49152:6wJFY0VVzQNups9t8u+rmHiEmVG6w5PjAsTMXkbrJD:9Ji0Xsv+6HMmJjAsT5b9D

Score
7/10
ransomware

Malware Config

Signatures

  • Loads dropped Dex/Jar 3 IoCs

    Runs executable file dropped to the device during analysis.

  • Requests dangerous framework permissions 5 IoCs
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.ly.tcmy
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4058
    • getprop apps.customerservice.device
      2⤵
        PID:4180
      • /system/bin/dex2oat --debuggable --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --debuggable --generate-mini-debug-info --dex-file=/data/user/0/com.ly.tcmy/files/plugin.apk --output-vdex-fd=53 --oat-fd=54 --oat-location=/data/user/0/com.ly.tcmy/files/oat/x86/plugin.odex --compiler-filter=quicken --class-loader-context=&
        2⤵
        • Loads dropped Dex/Jar
        PID:4345
    • com.ly.tcmy:milipay_sms_v1
      1⤵
        PID:4213

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/com.ly.tcmy/databases/DD.db
        Filesize

        24KB

        MD5

        3197faca0c97295b3739999fcb31bb5d

        SHA1

        42c2c61948389479894f08218d135686991b03a2

        SHA256

        aebcba6e66a598e81e898c96405e68d2e8813f3ecc6e133e60ad3587f6a53275

        SHA512

        73e2f0bd7c01068ea889762449eef1cfd4926648b7f8fc1c59a539fbde6589873556237ff97befda11835a8a5e98e42556d5ced1d94ca34b738b4bc7c9e25225

        Download Submit
      • /data/user/0/com.ly.tcmy/databases/DD.db-journal
        Filesize

        524B

        MD5

        3fef30366a87e5d3fcc3c76cca6f85ef

        SHA1

        b10e0f25453f7afc22491e20ffe738865a349b08

        SHA256

        8f37ba06bbc3b1e4e2baf33e7d37c23440d448c8f828bc3bae8b9ad4b12ea6d6

        SHA512

        b27787a15ff166c78d0f33703d1c731353e344d97528fc774a627ee94c86cf6483dafc54b168d95bbce244a4f4d9160cdd69b01919ece44ea847ce93dcdf019d

        Download Submit
      • /data/user/0/com.ly.tcmy/databases/DD.db-shm
        Filesize

        8B

        MD5

        7dea362b3fac8e00956a4952a3d4f474

        SHA1

        05fe405753166f125559e7c9ac558654f107c7e9

        SHA256

        af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

        SHA512

        1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

        Download Submit
      • /data/user/0/com.ly.tcmy/databases/DD.db-wal
        Filesize

        40KB

        MD5

        30609ab4ae3fa8fc8c8beb3b1a786fd4

        SHA1

        3808eb59aaf9860f055ae8a6b0c037edb0144bdf

        SHA256

        0bc9d81b6ad78143a7a8114c787d541a5171f5f54092162e2fca1ca5fd60c07d

        SHA512

        9b32f91c4ce89221f29e4c269160c7a971a3274f595629a8bc6f48c578662ca07161b4caf91d513019ee867f5615c23b43511950dc20dc649a651a5c74f643c3

        Download Submit
      • /data/user/0/com.ly.tcmy/files/libdmsmsiap.so
        Filesize

        38KB

        MD5

        8880f1724ef530eb6635ec6b51e800d0

        SHA1

        398d6c6d3df2c4f2fce11103b1d2f52c7a728749

        SHA256

        13bfb9dedc1b321ce557da5c338bcfbdcfc458fea8b290a1ef88319da9495aec

        SHA512

        8735e03c227c37050ad4c727fca036dffbc1fbff5d9904d2a47cbe57041df60677b13159c5857402a6d96ed15103650ac3c0082810d54d4ebd40a90752e0dc80

        Download Submit
      • /data/user/0/com.ly.tcmy/files/oat/plugin.apk.cur.prof
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit
      • /data/user/0/com.ly.tcmy/files/oat/x86/plugin.odex
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit
      • /data/user/0/com.ly.tcmy/files/oat/x86/plugin.vdex
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit
      • /data/user/0/com.ly.tcmy/files/plugin.apk
        Filesize

        100KB

        MD5

        cab9b8f770114d15ed02884c99dc35a0

        SHA1

        348ceba3fee200e104808019253f887f896b384a

        SHA256

        b6bb16a05d03986e24c3cf3fb5699e62c8b6f79ff87a1bfcf015ef44d6e1725c

        SHA512

        f4a0fc739bedd590a3d566ef128437c7bec7c99bfefd395bd6a6c0289f984f260b5bc0cfc17da9b15d1e4c3de4226312e592f786d95e549b5be6bd7f443ae51a

        Download Submit
      • /data/user/0/com.ly.tcmy/files/plugin.apk
        Filesize

        163KB

        MD5

        81e64540848fb2409160838dba7e4e78

        SHA1

        93fa0283da753581f6bfedb9ec6e2c43597a72d4

        SHA256

        26bbbc7fe2b7ccfebc15c5ba9f6d6497f9446e9a802ef46c0e770b52bfb8cb4d

        SHA512

        fb2565eaf7d417dc9f62ffb266eab2ed5a4031d010f950603774fe696a3c73b63203f0fb714c9a045101ff13631a2305695204a4c0cb05e47ca4bc5a863e93c9

        Download Submit
      • /data/user/0/com.ly.tcmy/files/plugin.apk
        Filesize

        163KB

        MD5

        81e64540848fb2409160838dba7e4e78

        SHA1

        93fa0283da753581f6bfedb9ec6e2c43597a72d4

        SHA256

        26bbbc7fe2b7ccfebc15c5ba9f6d6497f9446e9a802ef46c0e770b52bfb8cb4d

        SHA512

        fb2565eaf7d417dc9f62ffb266eab2ed5a4031d010f950603774fe696a3c73b63203f0fb714c9a045101ff13631a2305695204a4c0cb05e47ca4bc5a863e93c9

        Download Submit
      • /data/user/0/com.ly.tcmy/files/plugin.apk
        Filesize

        163KB

        MD5

        81e64540848fb2409160838dba7e4e78

        SHA1

        93fa0283da753581f6bfedb9ec6e2c43597a72d4

        SHA256

        26bbbc7fe2b7ccfebc15c5ba9f6d6497f9446e9a802ef46c0e770b52bfb8cb4d

        SHA512

        fb2565eaf7d417dc9f62ffb266eab2ed5a4031d010f950603774fe696a3c73b63203f0fb714c9a045101ff13631a2305695204a4c0cb05e47ca4bc5a863e93c9

        Download Submit
      • /data/user/0/com.ly.tcmy/files/plugin.apk.x86.flock
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit
      • /data/user/0/com.ly.tcmy/files/plugin.apk.x86.flock
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit
      • /data/user/0/com.ly.tcmy/files/ypay_report_201.dat
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit
      • /data/user/0/com.ly.tcmy/shared_prefs/r.times.xml
        Filesize

        101B

        MD5

        e1ef566249ba7c829ebda3149f605e76

        SHA1

        505f2a0c7c6a3375f586ce4a2135c1f954bd85b4

        SHA256

        072eca118e60a7a559d36431f0492232d1ed8753c0654c95910b9180bdbb66ab

        SHA512

        5c836ada1dac78f358354876635e58890a9ad2152842ae4190b362a549d23b0a8913168529a948202120bb9883544d901eded1f28739e899c35bdccbd53e8e35

        Download Submit
      • /storage/emulated/0/com.s360.start.times/com.ly.tcmy
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit