Analysis
max time kernel: 3091903s
max time network: 139s
platform: android_x86
resource: android-x86-arm-20220823-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20220823-en, locale:en-us, os:android-9-x86, system
submitted: 26-11-2022 18:12
Static task: static1
Behavioral task: behavioral1
  Sample: db83841aea863e0c3bf8fd11b6568cfb43415b24f455235dec6b6ed77f94225e.apk
  Resource: android-x86-arm-20220823-en
Behavioral task: behavioral2
  Sample: db83841aea863e0c3bf8fd11b6568cfb43415b24f455235dec6b6ed77f94225e.apk
  Resource: android-x64-20220823-en
Behavioral task: behavioral3
  Sample: db83841aea863e0c3bf8fd11b6568cfb43415b24f455235dec6b6ed77f94225e.apk
  Resource: android-x64-arm64-20220823-en
General
Target: db83841aea863e0c3bf8fd11b6568cfb43415b24f455235dec6b6ed77f94225e.apk
Size: 1.0MB
MD5: 89a3d206a43405b42ac051f057fb003a
SHA1: d2adc5eef2d8aeb251fda094ec072072455fbdaf
SHA256: db83841aea863e0c3bf8fd11b6568cfb43415b24f455235dec6b6ed77f94225e
SHA512: deb17b88971bd53e2f8dad197597166b1f0c51c219d0525e7fa8a825ec8cb2cb5850388f29989fe94e0759e3f87268734e9d50a7d95f176ba67bb79c0cb54e3f
SSDEEP: 24576:7tyMaUekQduFdRycfZKOUwj+C+HyU8eQBzfbkrfwev0k:5yPUebdkNhKY+C+HyU8eQlbSIevB
Signatures
Tries to add a device administrator. 1 IoCs
  Processes: il.vkpbqkwm.frgzbqo
  description: Intent action
  ioc: android.app.action.ADD_DEVICE_ADMIN
  process: il.vkpbqkwm.frgzbqo
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
  Processes: il.vkpbqkwm.frgzbqo
  description: Framework API call
  ioc: javax.crypto.Cipher.doFinal
  process: il.vkpbqkwm.frgzbqo
Downloads
/data/user/0/il.vkpbqkwm.frgzbqo/shared_prefs/cocon.xml
  Filesize: 151B
  MD5: 4dd4993b83e0754d269d0624156dbfa8
  SHA1: 7c30565a96b65c71a59dcfd5121a6e9b56b0ee92
  SHA256: d0a16f9bf232f6d27d33a6b3e77267bc82aa6bb25f1ac10fa43322b7e7c67d60
  SHA512: 2664986c83c783db2b77ef05d0c16b0346ab83a3a67fde5626d1b5f673c90b98c90ce0f0b823fb71a14d43f526ae6450ec187bad92a742689e6c5f0720f12968