ac1a3f73aab11a1b825df7cab1557dea86c7bc9528419bcea9dc4ae0a54579d8

Analysis

max time kernel
2994806s
max time network
132s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
25-11-2022 21:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ac1a3f73aab11a1b825df7cab1557dea86c7bc9528419bcea9dc4ae0a54579d8.apk
Size

6.9MB
MD5

2aa074e1d188125061feebde6365ba5c
SHA1

1d7c8aacddfe000440813e6568f90ae7a782142c
SHA256

ac1a3f73aab11a1b825df7cab1557dea86c7bc9528419bcea9dc4ae0a54579d8
SHA512

45874812b70d9170b5f5c576f41a1a1636faed320b4bf7f8fe8d7dc1ea35b97722909097c298a410654fe3b918353a2c938d4866ee497b11a5e43529926d0a0a
SSDEEP

196608:rUMrx8qCxurWcgXMBKtsH/Hnx0byBW1Ze+Ivfk4H:rUiCxurWcgBg/Hnx0Osre+Wfk4H

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.icloud.game.wrzjh

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.icloud.game.wrzjh

com.icloud.game.wrzjh
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4112
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
  2⤵
  PID:4223
- /system/bin/cat /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq
  2⤵
  PID:4337

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.icloud.game.wrzjh/files/act0

Filesize
148B

MD5
2c39a433cc722305be7022c14b5ca81a

SHA1
d96fba3b80852e07381f7791c138273f2c9be667

SHA256
85a466bd69da7c2a794812a1eceed2ca98f3dcb82c6e57626ad6cef57648a55d

SHA512
bb39f552a3d4d424c3d62375082ba5b5f9177785d77958b974a8da8ca37bfd01d3519aacfa336ff12f5b9ed405537119c6314a951c12de1edd2caaa59dad3d6b

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/act4

Filesize
313B

MD5
5132e4e51f74dc1c85f20dcca113cf0a

SHA1
76e0b4abfb166a583e5134e3eb6440be1cad33bd

SHA256
445e6cbca5c63ed07c20a629456881cf0e8fb2e3593981811d88427d9dcbcac4

SHA512
5cc0129998574e95fc2fd9547a7931b525df9333bd7161a5b93307a3e3dc869d543af3fc6495b81525aa914c9c5f60be8ca786dd6e8e28a1bce21a01a76d0069

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn2

Filesize
199B

MD5
6ccc3cdbf6691e6cd2455bc2ed505ca9

SHA1
37af5ac6d94aff65476469ca8a854e89a6ce2896

SHA256
45b27ab04002b99ac13ffda7f9f2d1b3529bb77358b4e7f7f8327359b03b27f7

SHA512
c7ad5d59b11cd315162349611e7b183ef4661bc3310e3e47ee229dbef65a5f7ff4f2b3e9d019ec73aed8ed6a0a7b189b15d6041e17b1e221617b83943971add0

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/evn3

Filesize
128B

MD5
30fd8ad60ab80780138537590ee9829e

SHA1
834cadb18abf52286a5d7adff7ea599c52039cfb

SHA256
bda4a3c7abbe0573eac99487f0279c72ca481e4d1a32e7294df0160656bd96db

SHA512
82a38256fa7173f17bae0053d35735f57f97032c9c3a4e76466a1bab30e80fd8e2fdf8b15121b0669ea49365696d793c3b702656ea759747b577db4d52a37f9d

Download Submit
/data/user/0/com.icloud.game.wrzjh/files/sys1

Filesize
538B

MD5
7ee0dbf7e930d9d33511cf4e10bdb75c

SHA1
5c5ef4dac102cf9adb1796a246692d4b407ca959

SHA256
aad364ef5878c484ed83fc6b0d187d085cedf81a60c45a3e13410a785146e170

SHA512
e436554fcae80cc870bd2fa2e596056282ec03dba6b183667d72d76b7d5a42e46ad847e73bc10a4a3da11ccb1422386646c404b10ebc1097ebbc4e9146911e06

Download Submit
/data/user/0/com.icloud.game.wrzjh/shared_prefs/APP_START_TIMER_INFO.xml

Filesize
117B

MD5
7afb59a98b77543c9c5bb1f136ae7cd7

SHA1
6341c7a0b8a86e2dfec9fe76b66c85f54e83a52c

SHA256
c096cb7ff1f1387100c7e542c83f26395ad1953cf1d3e816567f80db00e96236

SHA512
8dcf9d8691135dc6e67ea46013afb6e2a77b7559b5bbf65e159988deb4e2ac3f7b29f0a48d904cd733cb4178ddb3b4e163443b7d22b5e782bc33b5b921012f52

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads