f61531bd2b9deb9a7cabd3b132e3f3d2999c769ff664c4703cbef0b74c29e2b8

Analysis

max time kernel
3076413s
max time network
132s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
26-11-2022 13:59

Target

f61531bd2b9deb9a7cabd3b132e3f3d2999c769ff664c4703cbef0b74c29e2b8.apk
Size

1.0MB
MD5

a97ade17eff5ecd7beb3f22739ab029c
SHA1

fbc38d62254f6ebb936f37430414709ee7a4457d
SHA256

f61531bd2b9deb9a7cabd3b132e3f3d2999c769ff664c4703cbef0b74c29e2b8
SHA512

e9dde2d25c51ca6c0a8d8adf1f9db4f7350104055a297ad180e89755defa13df442cfafc1b867c8994b080e6cb4bb22389d789c6ffc7687a100e43c857c20488
SSDEEP

24576:2AxpI4edSQuFWRyJfIZSNeKcCikE0BexQzPbkqf9eerfT:Nx64eAQPswZQcCikE0BexabPVeezT

Score

7^/10

ransomware

Tries to add a device administrator. 1 IoCs

Processes:

lsp.qfvhaqd.syij

description ioc process

Intent action android.app.action.ADD_DEVICE_ADMIN lsp.qfvhaqd.syij
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

lsp.qfvhaqd.syij

description ioc process

Framework API call javax.crypto.Cipher.doFinal lsp.qfvhaqd.syij

description	ioc	process
Intent action	android.app.action.ADD_DEVICE_ADMIN	lsp.qfvhaqd.syij

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	lsp.qfvhaqd.syij

lsp.qfvhaqd.syij
1⤵
- Tries to add a device administrator.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4023

/data/user/0/lsp.qfvhaqd.syij/shared_prefs/cocon.xml
Filesize
151B

MD5
4dd4993b83e0754d269d0624156dbfa8

SHA1
7c30565a96b65c71a59dcfd5121a6e9b56b0ee92

SHA256
d0a16f9bf232f6d27d33a6b3e77267bc82aa6bb25f1ac10fa43322b7e7c67d60

SHA512
2664986c83c783db2b77ef05d0c16b0346ab83a3a67fde5626d1b5f673c90b98c90ce0f0b823fb71a14d43f526ae6450ec187bad92a742689e6c5f0720f12968

Download Submit