0b044449bb03739f8f7d593e1e093101cac6ac4ac233746ca0f3d7162f28eb73

Analysis

max time kernel
3077855s
max time network
146s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
26-11-2022 15:09

Target

0b044449bb03739f8f7d593e1e093101cac6ac4ac233746ca0f3d7162f28eb73.apk
Size

1.0MB
MD5

78606e52f4be7ddc3d61d24d684bc22b
SHA1

86706cf17d423de78846db3926d29336f0ac2ef5
SHA256

0b044449bb03739f8f7d593e1e093101cac6ac4ac233746ca0f3d7162f28eb73
SHA512

4959c9373e4d23602419d7a42ea67cb65c6e96db9adb1293c8f57bfc0eda9b126982fbd87f114033c4652e897cf9b28eb374e0f47c5c0a5607d2c7520cb8f07a
SSDEEP

24576:F0Vho8eh2QuFKRyNfkZ+1WuYCm80w9e1gz/bkqfxeiTG5u:2Vi8eYQnAsZgYCm80w9e1ab/pei65u

Score

7^/10

ransomware

Tries to add a device administrator. 1 IoCs

Processes:

pf.omhogs.rxfzpqk

description ioc process

Intent action android.app.action.ADD_DEVICE_ADMIN pf.omhogs.rxfzpqk
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

pf.omhogs.rxfzpqk

description ioc process

Framework API call javax.crypto.Cipher.doFinal pf.omhogs.rxfzpqk

description	ioc	process
Intent action	android.app.action.ADD_DEVICE_ADMIN	pf.omhogs.rxfzpqk

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	pf.omhogs.rxfzpqk

pf.omhogs.rxfzpqk
1⤵
- Tries to add a device administrator.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4007

/data/user/0/pf.omhogs.rxfzpqk/shared_prefs/cocon.xml
Filesize
151B

MD5
4dd4993b83e0754d269d0624156dbfa8

SHA1
7c30565a96b65c71a59dcfd5121a6e9b56b0ee92

SHA256
d0a16f9bf232f6d27d33a6b3e77267bc82aa6bb25f1ac10fa43322b7e7c67d60

SHA512
2664986c83c783db2b77ef05d0c16b0346ab83a3a67fde5626d1b5f673c90b98c90ce0f0b823fb71a14d43f526ae6450ec187bad92a742689e6c5f0720f12968

Download Submit