06bd97deb8ffad39178f63920d081c88e507f13782f3aaceac02be252d046fb9

Analysis

max time kernel
3080410s
max time network
60s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
26-11-2022 15:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

06bd97deb8ffad39178f63920d081c88e507f13782f3aaceac02be252d046fb9.apk
Size

1.8MB
MD5

48eae2e689e87ca4b32136d6022e9a9c
SHA1

f68e74a7833fb0bcaddd8c7f78b04d9624dae971
SHA256

06bd97deb8ffad39178f63920d081c88e507f13782f3aaceac02be252d046fb9
SHA512

244038e1ed02f93945d435fa40dc435c1f3ba1eb53ecaa15c507a2b7b6c2cf3b1951a5678e06c67a6676a39158f2ba2f2e4734de31643839d82dc87f461df6ea
SSDEEP

49152:G4UubVS1ajDu533LWcThB/d9T+x0pUVjKQiQCllw7CiHlOdDHB8molg3L:tUubVgWDc33KAhB1I2pUsQiQCllfhXoK

Score

7^/10

ransomware

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

Processes:

com.sex.position.superman.advanced

description ioc process

Accessed system property key: ro.hardware com.sex.position.superman.advanced

description	ioc	process
Accessed system property	key: ro.hardware	com.sex.position.superman.advanced

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.sex.position.superman.advanced

ioc	pid	process
/data/user/0/com.kingroot.master/app_ttmp/t.jar	4731	com.sex.position.superman.advanced
/data/user/0/com.kingroot.master/app_dx/do.jar	4731	com.sex.position.superman.advanced

Requests dangerous framework permissions 11 IoCs

Processes:

description	ioc
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Required to be able to access the camera device.	android.permission.CAMERA
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.sex.position.superman.advanced

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.sex.position.superman.advanced

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.sex.position.superman.advanced

com.sex.position.superman.advanced
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4731

sh
2⤵
PID:5439

sh
2⤵
PID:5472

sh
2⤵
PID:5507

sh
2⤵
PID:5546

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.kingroot.master/app_dx/do.jar
Filesize
15KB

MD5
f7fae58e12330e2351b9ca95f0685f87

SHA1
6c3e8614ffed7b09793015ba8ab79db058bf4af1

SHA256
d832410ba9400a60fd8b6cff8ce635f46d570f692f5060faca0526098e7b571a

SHA512
afdac6a1ffed6e0fb1434f4499ed2e7bcbb45a4583f2ef54704707fbe8941743df2ea5db68b007ac3916cf48564fa7ccc4b244ebaa16c27c5428115b46062e88

Download Submit
/data/user/0/com.kingroot.master/app_dx/do.jar
Filesize
34KB

MD5
9b2fca6ae1b6463f5d4ead087b5e6587

SHA1
848b97f6ad5f27cd8c84cf74637af73f0b34789d

SHA256
4b10e73c9957fea2ddd846eebf8e13197f86160f95951b67a97a408ba4306b42

SHA512
d0fb7d2b9f842ea80bd914bc8800987ab9892ca9708224ef24a9f65932eb2aa97b593c3f6d1a7fce712c82da285c655e6f40ada19516497158603b3f99450716

Download Submit
/data/user/0/com.kingroot.master/app_dx/oat/do.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingroot.master/app_rtt/SettingProvider.apk
Filesize
24KB

MD5
4d014a5e8129647cd75e05866e89ce63

SHA1
cd0f98d39cff89dc6a48980bccf13b095e25752f

SHA256
c05b4cecea7cacd30e875644b5bf4a29db608611e4c6b03f313e925e4d6f19e9

SHA512
4e044da13f08ac08150072e3a7f7c6839e50614b94ba40bebaead83f3864be5e3d9224a8e9f2047b89c698be9617f014908ca7a2b16cbd160ab5d6f93397345a

Download Submit
/data/user/0/com.kingroot.master/app_rtt/dtlrt
Filesize
68KB

MD5
1df194c96e813ebe22f02fc4938e7e48

SHA1
6016ddcfa641e5f114091599fda9e5cb0a79e02e

SHA256
0ebf055b0518543611f4a3c19c25147eef3a7a11a0088ce8f00f3a46d5782458

SHA512
153cacfc901b197a428cb4af9d4020e09dca033ebe46a4718a067b6c62c24d999ac0d9190c02181ecd623dadeac0b16087a10e5c6b120910fe7398971e5d5957

Download Submit
/data/user/0/com.kingroot.master/app_rtt/etlrt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingroot.master/app_rtt/nis
Filesize
21KB

MD5
62c3cf862f30d0d06ae94113386db837

SHA1
c2247bfa1201db8e68f5ef61ad0dce21edc2a781

SHA256
93f15ffd1a95787751e874352376ac71d96ae9c8d3b7828835796510cce66b95

SHA512
7293716c464c0c5a5f3e94c6854e45954c63c32765ed0b1437ccf404cf49829cfada9918c5b40e42e300fd2d43e7ec14353fe96b13fd2eb6514ce0e87f0a1981

Download Submit
/data/user/0/com.kingroot.master/app_rtt/r1
Filesize
27KB

MD5
c27e59f0f943cf7cc2020bda7efb442a

SHA1
c72596d5db85c791757c7eacd030d11ca96ed1e4

SHA256
2389246bc2687dcbacb4fa592175393cb3e1b0322bc52380eb744a095f4fa7dc

SHA512
17d6fc29dfc525b06f0038e159ac5411d4a085bd613239465382c21d560faa820fe25c99fd7a1bc52207a7aa45755bae2e4faf02b813d76142785805582c6806

Download Submit
/data/user/0/com.kingroot.master/app_rtt/r2
Filesize
13KB

MD5
368df668d4b62bdbb73218dd1f470828

SHA1
566e3fd17b4d984785e8a513bccad7fee33e3da3

SHA256
03b1913aac00dfc09269678e6b272aa1c6bee6edaef68fff22ceed57f0fd9c1d

SHA512
9375c5c7430736195a62da522b2c31c675bb2cd280c0f3b52c9574b137a016306ffd5190ffaa1a05f2b70f00129a56424de47aee804354a91ed7afe6818bc49d

Download Submit
/data/user/0/com.kingroot.master/app_rtt/r3
Filesize
17KB

MD5
fb8449d1142a796ab1c8c1b85c7f6569

SHA1
c381e2aba0c023dd322b2bf1222f9404d61e12bd

SHA256
1427926697bd6b766eee626c41129503df9f436692d5e88ad62e259daf5293b3

SHA512
165392d72d8337ff0eb86539f6ba8b27c621a1b0bd1c57e5f72bdf957734d0d557bf8e6003a1cbe6c1438f379c1d82ca101cafccad38183ba122517f1ae0957c

Download Submit
/data/user/0/com.kingroot.master/app_rtt/r4
Filesize
13KB

MD5
04dd488783dffcfd0fa9bbac00dbf0f9

SHA1
3d6f71f4cc7562b813364b70950c577b04541627

SHA256
4fc98a1df9db3598b4c490273ed961e0fce819fb021bb77d277324cefb7851e6

SHA512
b914b97daffe3c1da68294ae6cfa72e107e393a45ef49e7b7f989b9297de7548f5eb8236e0b0d9cb343a4a372ba8d03e8e856a1fe40269d589292d6ccd93a373

Download Submit
/data/user/0/com.kingroot.master/app_rtt/rsh
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingroot.master/app_ttmp/oat/t.jar.cur.prof
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingroot.master/app_ttmp/t.jar
Filesize
104KB

MD5
c76b4c615a6be8670e68f00a36e038e4

SHA1
771f645a59e0d8c8623d62c5e15b219b6dc8baa6

SHA256
d8358f897aa498032a706a0eb846419ffb7c9d9e055007a9f9ebfba7cda149d4

SHA512
ea90c5fb93d150f3de42779efac8ce80afb03e833eb839fa85968ea7ff519600f580b324d009c17d8667d2f4a88a7c421c96d7eba31001b93ddae4fea862fda1

Download Submit
/data/user/0/com.kingroot.master/app_ttmp/t.jar
Filesize
104KB

MD5
3040c40b063f22c33d98489460100bc1

SHA1
0edf4f33579ecf1e641557442f9739bb78418064

SHA256
19b9bcd5925ba2b0fd7a4110d9c27ba93f85e36dfc29aa4f1167ee35f13d105f

SHA512
c8c5ab838d9b3e7e568500cbbe20f6111d07f454e5aa4b19fecd280511f899bc8fb8c3491afcc4dc6afb1263c99e5467cfb67db9312a4253d419a853e205213a

Download Submit
/data/user/0/com.kingroot.master/app_ttmp/t.jar
Filesize
250KB

MD5
15ae69a75d62bea24c6692b49eec1129

SHA1
0553cda03040782db315bb973dbbc0b4d12ccc43

SHA256
89d4a2b347eeb0c09379803f3df4e36a0d4be30dafc2974f7f0a8eeb25e812e8

SHA512
173b688fbe5ef107b4764361fa216fd0cfb3531d1d711dcde64bbc1116b28feacf77a951aa6d62dca6a4ec6d0becf5bae1a26e1ef816ca13c134747747bdae84

Download Submit
/data/user/0/com.kingroot.master/app_webview/.com.google.Chrome.30Fk70
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingroot.master/app_webview/Web Data
Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.kingroot.master/app_webview/Web Data-journal
Filesize
1KB

MD5
54f57d58c6cb0d139e57ef7e4afff13b

SHA1
dc17800ac076bb3a66abc22e9c978cda623532cf

SHA256
a388962bdf609aacf547cfb43f623d29d6bb853f35bda0c1f345b2d4e34ae674

SHA512
d91de2d73a9f2520114adbaee5bcb68503fdb13e6051a5552badb5f050230beb60fb64aa68a5c28a0e0fa2d9aa7e705e7a9040d6a0412f66432b2e25de8e4569

Download Submit
/data/user/0/com.kingroot.master/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingroot.master/app_webview/metrics_guid
Filesize
36B

MD5
964339e1a50e6cca0da2ee588c515c66

SHA1
7a4a8dcceca81ed6996b99b7bbeca9cae4a1cd3d

SHA256
0f0902a108bc5beaf99612341a6aeef99398aeccd8743a8c3c8c0eb7bab99e21

SHA512
41bf7f8b2e3e399f869bf38a6a498bf9f6689372bb8d87751d0951488d5a1ad52f3a26d67f079aefcf3ebfacb720c70145534f402f45940ed15d24f8cb6b80bf

Download Submit
/data/user/0/com.kingroot.master/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingroot.master/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingroot.master/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kingroot.master/cache/WebView/Crashpad/settings.dat
Filesize
40B

MD5
114d61160410db75e5f06fbe8d5def91

SHA1
028bcef8859b281796b0a2c1429d7c183069fe81

SHA256
e2a3d0eb805c940d30c6f1162f5e1daac17975557cd6a4d07e3681ff35f412bb

SHA512
f6440647b0ab9553430265ecccb8cbca4910730de80c7e11b8840cf8fb216d76a59ae54e39b8a05f26eab37b33dd9ffeaf32a82a0472c97bd585ec77ed766c0a

Download Submit
/data/user/0/com.kingroot.master/cache/org.chromium.android_webview/Code Cache/js/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.kingroot.master/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
Filesize
96B

MD5
76e7c2372bf95aab5078edc521688421

SHA1
c887cd398c907c4a44e26ffad90a943ed74dfd7d

SHA256
11c89ce49cb675db340fabb2f922265b554b56ac86696cd6d812531742965368

SHA512
945bd2d10d3fe5161dc42e1a6a78c51b65db575057654dbfcfc4889f6022b36aae7be491a0212076437caaaa752d22869287559b7e089feab9e8765055abbf83

Download Submit
/data/user/0/com.kingroot.master/databases/content.db
Filesize
303KB

MD5
ffb1c532e56eab317ecef4e0768a13c5

SHA1
cb8c1cf85ed07a35765e593cbf9bf6a2c58c9453

SHA256
de3a7a84ae471ace55a13aed71e16cda21bbc84879ca0b0b30d86241cf3acfc5

SHA512
951dad43f10a14ddaa16055870319a39b15584b150b3a9501154fadf62fe74880b7c450c665a515abf8f26441ca5a34d0a6704ad591a57428c68e40acfd5e39a

Download Submit
/data/user/0/com.kingroot.master/databases/sdkdb_data
Filesize
184KB

MD5
ce96f012f65900212ae47c5c980a1458

SHA1
d60f9c26a49a1f39de886aab5263a0015565a20a

SHA256
b7923811cb34b01418a4cbe81ef0900275a1b9ba0253977b56af3343af9cab2e

SHA512
b2de3875f274b90c85651ec8746f0df42414d1ed2b5f4e2228b0b2d1ad2a20eb5a14f2afd34f7365ee9ca62d6acbf9bc6785bc03d288aa498dbe9e7d07e80cad

Download Submit
/data/user/0/com.kingroot.master/databases/sdkdb_data-journal
Filesize
1KB

MD5
a5ed0059ec42de1b0778013695597489

SHA1
c68b7931876cb6466f2b4a1a2945dccc780f642e

SHA256
733bafc8a863686e79102921479d0d471aaf55d52e5e375e6c66bb1e392449f1

SHA512
66e6947621f1673d2a2702d71e8438fcc14c8064ce5e59002f589c3e034439cbbda640eb8c328c5e5a8ea587b332429cb0e250ec4e3ecd50c07ab4b2171a8fb6

Download Submit
/data/user/0/com.kingroot.master/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.kingroot.master/shared_prefs/com.kingroot.master_preferences.xml
Filesize
102B

MD5
9af6bcb4adb779dcfbfce6b7d5f01a27

SHA1
b1e2aa5e8ce6932ef476b21d2dea55342c8b140e

SHA256
a4818e00394d2669170436df0e93990f081d1daa471283e84aa1d8731b3b59c4

SHA512
f28f7779e5accbec7ed974b48f4b7c5b8883962c207696d9f1d5166475c1bcc8d2e3afe1114042672f87d4538f240339b18f11607a1764bcc879fcd74428ec83

Download Submit
/data/user/0/com.kingroot.master/shared_prefs/com.kingroot.master_preferences.xml
Filesize
146B

MD5
92db6d6688bad481e0ee91e45cc00a00

SHA1
ecae547cdfea2ccc99ffc7c6aac6f6cc9f739f0f

SHA256
4bc8c9a1e73538e2cabfdaa0169b4c3709c742c3f00927048ccd19488af275cb

SHA512
2bfc7850259696ea74e68bcf74289dde635833237001f07d00b8d47b9ef68f5d7ba404a930a33d0de74cecec147ead4edc8debfff3c209fe0a23b900fd6cb2dd

Download Submit