5216642d0b7168e147951857036ccadd6a2f77ab2c50dcb2482bbe0c17337766

Analysis

max time kernel
3095529s
max time network
145s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
26-11-2022 18:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5216642d0b7168e147951857036ccadd6a2f77ab2c50dcb2482bbe0c17337766.apk
Size

544KB
MD5

9b8c3c086e4f8abd3e2787bdce401cc6
SHA1

55f02e6ceefc806d7fe55936fd94e7844c9b9d48
SHA256

5216642d0b7168e147951857036ccadd6a2f77ab2c50dcb2482bbe0c17337766
SHA512

b81231402a6cfcccc459dabbf2824f9b7ae9db38c4991ba2c63c504d4593386bd6986ea5088d91e953e5f40c218decd95533b3b828477d45ddf488c1045ac5d2
SSDEEP

12288:ADFxXQOit9x4S3c/sBnw2IBpFnyJoU9uCHOt/a:ADbAJ9xw/sBn/WpFn+okHO8

Score

6^/10

ransomware

Malware Config

Signatures

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.MpplVStVZYjv.tuliZGku

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.MpplVStVZYjv.tuliZGku

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.MpplVStVZYjv.tuliZGku

com.MpplVStVZYjv.tuliZGku
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:4260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.MpplVStVZYjv.tuliZGku/app_webview/.com.google.Chrome.WNnNTc
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/app_webview/Default/Web Data
Filesize
120KB

MD5
a48cd9324b1f8754b07f00d863b840f3

SHA1
11c6614775b35a58f440971dfc87c8aaac6d6173

SHA256
8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420

SHA512
35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/app_webview/Default/Web Data-journal
Filesize
2KB

MD5
eb3de8ae39a380661019cdf12aed9521

SHA1
f282928c777a1927f001efa0afff189919127b09

SHA256
d02834baad5b9a1a4ac2b7b60e11d9c4f0ee4bd17b7ba8bd9eacd8b92734ccd2

SHA512
c1a6f45a18089d9517e4ce329b80596f558f6a0496854f5acdcc9f67659edc649b0fdcacda664f047fb2e2db69b8ef4384365b63e68eae13e8987e6c7b62f7fa

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/app_webview/webview_data.lock
Filesize
31B

MD5
4c985cdc46e9089ccb82c5ac9db9ccb8

SHA1
b65a0bac2ceee064f4ad82954821ab44490f706f

SHA256
6fb7317e02d338d53514f5e5cda7183ce3d07248dc22179de47b45ce6bc33780

SHA512
c8d88c950fd27c49c150f544617252874aea5905a041d8f575c4737c234f78258840beeedfd2de7525cb67e8c0c99c029581cb54a8637406a0832821b6be98b0

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/cache/WebView/Crashpad/settings.dat
Filesize
40B

MD5
64af25ef896c4775696ec717a0f1c49a

SHA1
29504d95e77a7845ce738bb0f5a78fc91563ac06

SHA256
965ee696370a814e79960d1c0ae8f2bb499234c32ac9a581ace9c41c14c919e8

SHA512
9316a253e5313f7290e0591574cf56c178b7a36bfb80e6b8f5fbe9c141ec341a0eec69ffa632252f86a86472571cf1d720126da8a5feba1d9d67d3d392ba9971

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/cache/WebView/Default/HTTP Cache/Code Cache/js/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index
Filesize
96B

MD5
90b139b3c34aacdb0bd28665cddc14a4

SHA1
2f36ed0d80d6000412e249ac8e0911d048a3adad

SHA256
909823760d9166717e7a0de3073b91b0fbc510982e30fa0eda0eca87601307c9

SHA512
91b1ceca5aff4743e36e5b684501401514dc992fb0c9c933f58cfc6e6a6689ba6950698b307bc955ccd222394df66db9e7d429ff5d67b27037b4833c82a21f6b

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index
Filesize
96B

MD5
90b139b3c34aacdb0bd28665cddc14a4

SHA1
2f36ed0d80d6000412e249ac8e0911d048a3adad

SHA256
909823760d9166717e7a0de3073b91b0fbc510982e30fa0eda0eca87601307c9

SHA512
91b1ceca5aff4743e36e5b684501401514dc992fb0c9c933f58cfc6e6a6689ba6950698b307bc955ccd222394df66db9e7d429ff5d67b27037b4833c82a21f6b

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/cache/WebView/font_unique_name_table.pb
Filesize
57KB

MD5
f080fa2a56ab5479d58063e5ea871447

SHA1
4b3fd57a98916fa5784305b76ba30af26b5253d9

SHA256
0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815

SHA512
8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_bc448b49-7474-435b-bec5-c49bb477a5d9_1669542791995.tap
Filesize
337B

MD5
dc8f2a44ae335ce60db2537b96cde074

SHA1
85a50c78728cfd0b09e80d980736c3c43a701389

SHA256
8130ca461d615abd02c81805b8e73e2abec91dde2c818994e5e3d07a0c75753a

SHA512
c4b89a34c8a950cada6e58a0801854b047a4eef5830cdf53471873c149237f20766eca857de56a10e6ff8b140f490513766f7e38ec03a9ed0898fdf5a7694d50

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/files/.Fabric/com.crashlytics.sdk.android:crashlytics/638333870122-0001-10A4-FDF54AD0A3DCBeginSession.cls_temp
Filesize
77B

MD5
d215c55f2a09e55184bcba1f5e6c2cb4

SHA1
944239c26b97abacaa5f62023add2856be07b041

SHA256
542341160e1e9bfb03897c1378c0ffa37f50a14b901b8395487395962be21be9

SHA512
dff14264baceb9afbf1619fdc19449787d48c672b64ae71ab9dea7157c23311ff3000d4abeb0824888054b198d872cf58034fa4742dcd3c660ee499035bb4a1d

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/files/.Fabric/com.crashlytics.sdk.android:crashlytics/638333870122-0001-10A4-FDF54AD0A3DCSessionApp.cls_temp
Filesize
120B

MD5
6917b5f1a9793bc469445536ba225de8

SHA1
ede2e9c1f24e6ed6c6c00ca575f88dd26d6a688b

SHA256
831c7ddfcccdfc823d3c976c685bdd3ef9cb91df9fab3be1b1be662fd4bb2da7

SHA512
32a97102a3004010d9b9c41d71433d71633427464780b2461d3bc2acc7d6ca5d5dd48cae2d3ae8fc0aec5b320cd85d8bac380f5efdfdf22b921c329a4bd23140

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/files/.Fabric/com.crashlytics.sdk.android:crashlytics/638333870122-0001-10A4-FDF54AD0A3DCSessionDevice.cls_temp
Filesize
101B

MD5
8612309efd64fcfddab40bebcb7c26c2

SHA1
0a973fb6dfe6a8d5830ff249decbb02053b212e8

SHA256
b2b5d3ce52114d5633f677cae84009462a5ab86a14f6b5886a8eb21a535e40f5

SHA512
b00e729e41ea7e4c14860763f058e20c1a29c7515d69f248355f17d709aafb362e5926cbc7d8e7074f2dd1fcde156de36f63c1e0f8045f289692a92219bb7484

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/files/.Fabric/com.crashlytics.sdk.android:crashlytics/638333870122-0001-10A4-FDF54AD0A3DCSessionOS.cls_temp
Filesize
15B

MD5
b3d9541cc92a9153d14e5160f8d8c008

SHA1
2e1ac80eb381dd82a03795b682f92020348c0113

SHA256
1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d

SHA512
78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/files/.Fabric/com.crashlytics.sdk.android:crashlytics/initialization_marker
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/shared_prefs/TwitterAdvertisingInfoPreferences.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/shared_prefs/com.crashlytics.prefs.xml
Filesize
159B

MD5
0a5bb30336697b25d4955a45d054407f

SHA1
8f6862a6d2c802439eb7a197da6db3ca0acd2551

SHA256
d9e7763efae961fadc4800a1a57bc13e0e8fb3cca10396f1d79e716f82c20516

SHA512
5bfe102e8782cfe986a4781b35e60ecd792bdb21b4d27c410db1be3a900d8621b431a8373b85afc5de81199346fb161dc0c767500025a8a76b4c79683ccc1c68

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/shared_prefs/mat_queue.xml
Filesize
109B

MD5
72c63cb25a6ee9d13efa766650d5d0c6

SHA1
0b66633ba147fb38f11aca5933100ad4432e4fc4

SHA256
e6c8e9e82a4ded75a5b8e0bf4f23c6a7847621b0583d1b5c9e591e48a97d62f4

SHA512
fe74f3d2d5ad2749fea6566c05ad37af8a20de7ee08fdab95f4aad1c76e423e075e559ebb3342c39e8ca4aa75d31e682cc248c8b00f876844fea87035c2880f5

Download Submit
/data/user/0/com.MpplVStVZYjv.tuliZGku/shared_prefs/mat_queue.xml
Filesize
574B

MD5
1d725962409207f0bae52fb5d50595fc

SHA1
55df1e1b9a83af3cec7b197a53de429959b3d229

SHA256
889df68cbc11f9e87068584891d930db8311f79dae904fb39b01edb97fe6a7fb

SHA512
4e623b3f1ef6264f0e95538eaf7fb5015904530cfcd8a737592da0914b05e60e753db4f9e953588d0a4d3576d8fa9f12a49d2477a6f8fa2c12aa45495c48a58f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads