5cdef2ec7e8495d8ab9532c17e3488ed5f9620173bc87d2e7d9908f2f0d5e715

Analysis

max time kernel
3096158s
max time network
160s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
26-11-2022 18:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5cdef2ec7e8495d8ab9532c17e3488ed5f9620173bc87d2e7d9908f2f0d5e715.apk
Size

1.4MB
MD5

d2113159c467b88e5027a0ae39396e75
SHA1

5e06dc53386e3040212df6d8529e3a08b310aae0
SHA256

5cdef2ec7e8495d8ab9532c17e3488ed5f9620173bc87d2e7d9908f2f0d5e715
SHA512

9cddcb036dc7b26b9097bfdcdca0b0d23344974785d37d1efd69d50f0d1a239716ea9b8bf322b3e25ff3269ca1b1bcf3239722306434171ad7db3d5badb13d9f
SSDEEP

24576:udxKhrrK6zzShet+ayxTYo/KMyy8d7TXDbPRrC61fP2+9qj9aQgN5BdJLIy:uWJC0+ayWR5DDbPJ399qIrdJky

Score

6^/10

ransomware

Malware Config

Signatures

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.iapp.mmapp.x

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.iapp.mmapp.x

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.iapp.mmapp.x

com.iapp.mmapp.x
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:4813
- /system/bin/sh
  2⤵
  PID:4856
- - ls -l /sbin/su
    3⤵
    PID:4892
- - ls -l /system/sbin/su
    3⤵
    PID:4913
- - ls -l /product/bin/su
    3⤵
    PID:4969
- - ls -l /apex/com.android.runtime/bin/su
    3⤵
    PID:5124
- - ls -l /system/bin/su
    3⤵
    PID:5237
- - ls -l /system/xbin/su
    3⤵
    PID:5257
- - ls -l /odm/bin/su
    3⤵
    PID:5276
- - ls -l /vendor/bin/su
    3⤵
    PID:5294
- - ls -l /vendor/xbin/su
    3⤵
    PID:5317
- /system/bin/sh
  2⤵
  PID:5995
- - ls -l /sbin/su
    3⤵
    PID:6014
- - ls -l /system/sbin/su
    3⤵
    PID:6032
- - ls -l /product/bin/su
    3⤵
    PID:6050
- - ls -l /apex/com.android.runtime/bin/su
    3⤵
    PID:6068
- - ls -l /system/bin/su
    3⤵
    PID:6089
- - ls -l /system/xbin/su
    3⤵
    PID:6107
- - ls -l /odm/bin/su
    3⤵
    PID:6126
- - ls -l /vendor/bin/su
    3⤵
    PID:6145
- - ls -l /vendor/xbin/su
    3⤵
    PID:6164

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.iapp.mmapp.x/databases/DD.db

Filesize
96KB

MD5
6e6a124fe77ed45ae7e20ca1a696e4a2

SHA1
c1861993b0bb30f6c82e79dfaf8bcbfa623d48dd

SHA256
4abcc06c6bb5a64d77b155748e3bf0a6d8933ce86e3fda45d5414851782b45b5

SHA512
8021d85584f1c43ef9cd03eee2cfe38925f1e22b793be9b8d7507fa576b9c329770d9a67205c3033ad79bec4b94b9273c1f6289709005268f3d18c690b4aebfd

Download Submit
/data/user/0/com.iapp.mmapp.x/databases/DD.db-journal

Filesize
1KB

MD5
e43da9e3e7129298e54dc39b70568aaa

SHA1
7ed1f73887ce4ba1be5ac93bd6f67d499276ab7b

SHA256
271af8750c570289548eab0c54cceb6e1ec8800c3160c8319ed1b77a1603658a

SHA512
1697b0fe9e83c3638bba6e005f127e89884b766b01afff9236de32c997c869ef7ef117e54a6db45474c79dd7f60ba190544f20f9566e0a313b01c250bd84dce5

Download Submit
/data/user/0/com.iapp.mmapp.x/databases/mydata

Filesize
176KB

MD5
f66bdce29505bafcd02fc61c7baadf6e

SHA1
24be0653a32fc40deee4895e7c8a52bdb12cfbaa

SHA256
92abd14f765c6572f86dab8fac57d2d88ba0ab37d500f6fe7b4e983019217420

SHA512
416a748649628dda300f9fb47602bd592de13a1479ca2d9219bc82d253769d9bf1a86d51eba037553365bd9fe11f2dd98acc0ec148f6581407392661cc0ff8c8

Download Submit
/data/user/0/com.iapp.mmapp.x/databases/mydata-journal

Filesize
1KB

MD5
93d6027926dcc19119aa48efa1d18149

SHA1
9c4b25c1e4488f0d91117139f9330347d6626455

SHA256
4e5f67f9a57d20cf5d24e28edbb38e9a7e91dae547d71f77c4a18b18b6118d11

SHA512
17c24aff8379b2cf8dfa6db11f60cacb06f48d76ccae5e2ca129c30e4f353a83f76e6c9a0c7bfbb085be10fa8c5646a1cda9b6811d3008a8a11c97b51a2becff

Download Submit
/data/user/0/com.iapp.mmapp.x/databases/qy_db_pay

Filesize
168KB

MD5
af28dd2c966664cce3f40b0b3c6038eb

SHA1
61e64787bb67a211972d635fb862b8f4f849a72f

SHA256
38e5ecdbb0b02e8e61ee01b5189f63fa2dfe59cd0c826752263ad180de02e45d

SHA512
45b5a895e2d18f7dbd0c191cfb852e4076ac5d3f965c40686b6f064a2a3291bbf76b0f1578f2e21b0ddb5b0d00ad039f621e68381ae06b0f9af9de71dee8f62b

Download Submit
/data/user/0/com.iapp.mmapp.x/databases/qy_db_pay-journal

Filesize
1KB

MD5
866d21ecfad1de3405082de26fba120e

SHA1
ad22ec3d96417c7e17d8b61fc84a4a71bb5f5201

SHA256
eefb6d34e80057a0826784829cc3c4b4037ade45539f90a4a1209f8e1949450c

SHA512
158272f7a3f7e17da46a689f968f1926cd09d1e12fff927de9ac566b729f0ccad979cb8d56e89f5f95038728a05db520b8fbd780f46e2450b43ab95c7108c88d

Download Submit
/storage/emulated/0/com.iapp.mmapp.x.start.times/com.iapp.mmapp.x

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads