200920e83256a47e22a0fab1de4048fbc3a164d5ce3ade7e9f64a19dd0c29f62

Analysis

max time kernel
3023067s
max time network
149s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
26-11-2022 01:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

200920e83256a47e22a0fab1de4048fbc3a164d5ce3ade7e9f64a19dd0c29f62.apk
Size

2.8MB
MD5

cdeea79978ea539f7115d2bdf48b490d
SHA1

504bbdac11ed81327a23536e5c374cccf894e511
SHA256

200920e83256a47e22a0fab1de4048fbc3a164d5ce3ade7e9f64a19dd0c29f62
SHA512

71723a2b64258096441666aa8f6c133c77a634cc21f6df3795f62126a2920afd1f5ba2658e2bb275a0823af0d360659f8767b21e38d31f09c0cd99c7cf0abfe7
SSDEEP

49152:ArpEORyWGegdd4THe+/GhEa05CsOKhTfgqvMTKat480HHF7thsI9lK5dw0PxSkAu:ArhRyW724TZOhEagh5FYsvC480nF7DvI

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

org.kx.popstarxwhl.xxl2014

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock org.kx.popstarxwhl.xxl2014
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

org.kx.popstarxwhl.xxl2014

description ioc process

Framework API call javax.crypto.Cipher.doFinal org.kx.popstarxwhl.xxl2014

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	org.kx.popstarxwhl.xxl2014

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	org.kx.popstarxwhl.xxl2014

org.kx.popstarxwhl.xxl2014
1⤵
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4093

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/org.kx.popstarxwhl.xxl2014/app_/firsttime
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/busybox
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/cd
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/configopb
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/core
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/install
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/install-recovery.sh
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/libkrjni.so
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/librgsdk.so
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/mksh
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/recovery
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/sr
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/app_xxx/su
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/Data/pp2/configopb
Filesize
17KB

MD5
e8665ffe502f58ab682810434504e30c

SHA1
18b839f228997511fedbf87de3b1c880a00dc6d0

SHA256
aeff20155dec9648b8fb09c3e5fb0305dd7a95a3bed3e33397e14d684dad5a58

SHA512
04e0f580f8129334905af9c5f5776ce6b5b076762049f2a586f8e57a9cf4a8f152e5981371ba6b18a6f69fc96c88145e63ace5e21ca68b924a78032571f207ff

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/Data/pp2/core
Filesize
49KB

MD5
09635833638afb98f475282099ab34ed

SHA1
00f2099f391013556cb5b246b5b6d690ec501418

SHA256
fb6b1926c97605df6ee7e25afc32f03bca09125ba356ae919981bb6fa1cf9320

SHA512
397ae42c2eeeb210861d35287693527e524be22a3528064dde774d568f90f4c7c8942e3f91339b577e8597df847195953bfbfadf7e59b4e9de79c02d8db61e7c

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/Data/pp2/install
Filesize
839B

MD5
33e3cec74a999fdeb06e39de1c88757a

SHA1
c3c100a8e8145b4ec3fa145208f8c5e9f4855769

SHA256
f794234aefce933c9ac36349a81d947c0016cde4bfdb7eb7b7367c168e853a7f

SHA512
240ae68e80975a4bd2e2bd752dde68d683c5e83cdf23bdd0a40bbaf1499db83b5987801345f572bbfac126721ff84b1973d3f48efa4dcc79c1e537aaf218a80e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/Data/pp2/install-recovery.sh
Filesize
49B

MD5
dba8600f069a17a6364961cfe32dfdbb

SHA1
62fea06067b04b07bfa360ae661d6b814756b333

SHA256
2149fb27de20cc3cabb0ed90173c29e0d7b62382e9093196860e0a5802a2e5b9

SHA512
8f1f2eacbcccc9a5f0e2923df60d7ddd6230dbb560155a3225697f8eed3c03376fbf8bab9cc3a7c3b88e6b99824781f10bc31a4cea2f39a60d6324104f14f7a9

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/Data/pp2/sr
Filesize
511B

MD5
46c5914bcbc8bc0696e9e91cdcec6fe8

SHA1
43a9ae14a56fbe642ac851b3ee7c6667d93d138e

SHA256
78407b96a4925fab7f057467e274221d052575d9580ab88dc494aba3efd0cce9

SHA512
0b545e0a0eb33d04cee978a0ba7266d1e1dfa6ae5cea23d6e0235ff23bdb438d6b11566382242d6100d6e5b8f11ec3d7e7611843e43908909304d358bcd50892

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/gbmc.cfg
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/gbmc.cfg
Filesize
22B

MD5
326d2fa04c21d81aca0362a1ff198a1d

SHA1
c2d929722c8838c5f3b3bff9ba267d2e51b52eac

SHA256
3e4b09972a9ac53acbf345f77c681265ac127171b3efbfd0e0e45d11ddf03ff7

SHA512
14a0f0b13ab2492b6e1cb9ff4eace7851b2520137af21b6781b76beb6f6c50c6c94f491f020e48dd5c7d72dd65291962a6113e76db1e6c23ca1be576f0be1146

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/krLib
Filesize
486KB

MD5
3db7dacb3fc5f4dc104bc58e85275107

SHA1
41156aef3d66cbf903c7a8be472b8893ea236d00

SHA256
36d9268d310c93763474cafff1e171edea18cf5153df26cc99d5f78106650ea5

SHA512
bf86f9a2c9d02d6ce7ec1a88703e867c1ab32c7e696edcdc39775a8eb370677ef40a07875f1ca95a6e0f7a45d63697599b59267f3eac912fdc60e5f2706fb591

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/libextbillmod.so
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/libextprogmod.so
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/files/~tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.kx.popstarxwhl.xxl2014/shared_prefs/RecordTime.xml
Filesize
202B

MD5
8c170e115e125d7eee94a659b8a5209b

SHA1
9f5eebd060b1f4f5f2e00181224c6d68394a9b74

SHA256
1851aebbca5bf98c71433b2e725ec59ac4d91b42928f69a1ff10d51e8f249e68

SHA512
515c769aa331ae71b756d8473b9ca6e1fdcafe64afc8bc28ae70fbbe81e5cc3513c86130e18efccfb294b8cb1940afa2bd068bf6a551c33b333f405a0cfba32b

Download Submit
/storage/emulated/0/OPBKEY_72310881b46b5b488bb9863bfd5088aded38
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/opaDC.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/pjsssdk/log.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads