2d2932817ae59a820944e7e3609be204c1cfbc81a0d07d565aae17ae4545054a

Analysis

max time kernel
3110290s
max time network
160s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
26-11-2022 21:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2d2932817ae59a820944e7e3609be204c1cfbc81a0d07d565aae17ae4545054a.apk
Size

544KB
MD5

6a080f9d9e06d00cf32ac902b8e1b518
SHA1

31f17294dc00a6484be4c060f447d81255500639
SHA256

2d2932817ae59a820944e7e3609be204c1cfbc81a0d07d565aae17ae4545054a
SHA512

0da83548abffba00a902e8291d0a5de6c8741454871a1e5a1bbfb665dc801734758a66de17d047127433dad071b9d80c1e0421be16c2b54b3cee5a20b2215403
SSDEEP

12288:JfoFxH6+z3tzxCSuebN30/KX05coDgGorTd4quAWTt:JfobacztuQaKsNorJ4qSB

Score

6^/10

ransomware

Malware Config

Signatures

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.GuqmNLNdXLGv.uOzmNfAL

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.GuqmNLNdXLGv.uOzmNfAL

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.GuqmNLNdXLGv.uOzmNfAL

com.GuqmNLNdXLGv.uOzmNfAL
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:4717

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/app_webview/.com.google.Chrome.Ice2gS
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/app_webview/Web Data
Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/app_webview/Web Data-journal
Filesize
1KB

MD5
d83b2179fab4e5f7883cef42c3cf4465

SHA1
706f668dfae6953a8f3ec9e342ff3980760592db

SHA256
3e30b26cbdf212497fbbee52629f6542a1d4e0fab4b04ab6de37841f584ecaec

SHA512
c747db2cdb621382ee9cf90fcfe7fe0dfa1e32474629e15e125ffce4368678b7f3b3528eeaebd0dd0f88e0e237176c5469172abc10b2193fe559664e7df0e6a5

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/app_webview/metrics_guid
Filesize
36B

MD5
7e50732370d6a41777f38429d51ee32e

SHA1
47de97c7e83220531ae208299c8ea728be66b6c1

SHA256
3be46028400e9f4ebc382b880a552ba7640fe5aa4aefc77c591f6301fe45e0ce

SHA512
19a788f62c873d6dae6bd93abf231975e99ff72dcf7fa366e9ebf8da9a6f5d271789920149c9dcd2b8680d6f32e3a61d888da4f02ff02a3d22d478ab6eae4fc4

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/cache/WebView/Crashpad/settings.dat
Filesize
40B

MD5
eb2ecda4deffba50ed95f55930cf5a59

SHA1
e58617ca43e357cf6f406db1d18947a6879882fd

SHA256
d207d1f981c3445cf5dc9815fd40f1f5c7a779643061710d6ed6349f6f86942f

SHA512
048364511d87adbd4dc4fe9462fbaecef3bbb78d40045339ead5a2aa7af33ad668aebac661918192b71defc31b975ae3cc416ea4568275661733e7ed4f4d5fff

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/cache/org.chromium.android_webview/Code Cache/js/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
Filesize
96B

MD5
723a8f18dbe41c80768e767bc85d3426

SHA1
443f4e2ea98af098c95d89858efc16f15051b22b

SHA256
4da4acb83c585feb04e2d2ac8e8978771576a5f4d8f41ad5280378835fe796da

SHA512
e28da1c9e33380e13b01c63de19739f206af1993b68fcfecfa161003e243e66036276308e328409fbba1dbdbcb20cf6cc127b6d90d5c2c5aa083570b05e95cc6

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_ce1a60c5-64b4-4c1e-aa0b-c009e5f17290_1669557535020.tap
Filesize
335B

MD5
a77cb25037680ccb3b009231f35431c5

SHA1
db4ac8d909c388817edd8239ca5a27e3433833f9

SHA256
cf9d1853526fe8aaaffd15035c5199c34deb78e3343e8ca98cb94a9d39d990fa

SHA512
c1e327c0d3cbbaf48389847f70cadbb423c87caecc9c681e510db18dcfd0bbbd2ab55cd3d7838feac456761f15766dd7eb6b23a4d83f0bbb74df1fb767d0aef7

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/files/.Fabric/com.crashlytics.sdk.android:crashlytics/63836D1E0218-0001-126D-76E8DCE9DEE5BeginSession.cls_temp
Filesize
77B

MD5
01aeaf76091e6e008be88c0d7ff272de

SHA1
2d5c7668144caad1a593e1ad69979ac0622ee912

SHA256
186e894cded342a38908d068cf2dc29293500a80943966c98c9b70804f0136f8

SHA512
9a85b28e90491cb82b2d853704b183a402e5a44cda5211a4ff209df156522c31c139b132f6cdbff6cf88833df44a79ee5d46128080374c598197b0a826ec4271

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/files/.Fabric/com.crashlytics.sdk.android:crashlytics/63836D1E0218-0001-126D-76E8DCE9DEE5SessionApp.cls_temp
Filesize
120B

MD5
efa3344b0ad197593703a38e7ed44c1a

SHA1
c6e49bc32e2786935b5c66e39189d8b979ddab18

SHA256
ed70ff861e253d8a7c02cc60e7fb1c05564e87f5508edd2b9695756fca806a6a

SHA512
af034dc69ed33720736cac5661f683d4f3560f5c19233b6642a3e35c01d8ddafac8035a5c042ea0d1cee3b13fb43e73f39de5c4eda68e90cec759db209975570

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/files/.Fabric/com.crashlytics.sdk.android:crashlytics/63836D1E0218-0001-126D-76E8DCE9DEE5SessionDevice.cls_temp
Filesize
101B

MD5
6b90bf89f0dda5d055124c2612d940f1

SHA1
8fb62e9205d10663b70511ca9a9205c7b8cc373c

SHA256
2ed782efd12d109d9fbfce3daf2c878f2599ed2b45cead8febc7b094f79840d4

SHA512
ad85b823a2a0193800af5335e15883ccefc4cf2aaee5079ec3a341239dbbfb6602670920471fe6c99b41e09610e3a7e202eb382da456e667ca26019a4fd0975c

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/files/.Fabric/com.crashlytics.sdk.android:crashlytics/63836D1E0218-0001-126D-76E8DCE9DEE5SessionOS.cls_temp
Filesize
15B

MD5
2566d27ce8c28d8961f082c375d7535e

SHA1
92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf

SHA256
5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a

SHA512
1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/files/.Fabric/com.crashlytics.sdk.android:crashlytics/initialization_marker
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/shared_prefs/TwitterAdvertisingInfoPreferences.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/shared_prefs/com.crashlytics.prefs.xml
Filesize
159B

MD5
6f2faa58ccfd589900a77d37cd926412

SHA1
edf25241bf4ff204f7c16ceb97548909f66573b3

SHA256
d84bf14e289e621a27c60ed165a94f357b0959561dd304954433d8656893e342

SHA512
2672e5c0d26855fca3e6a7cd2d1cdd8cd5b051e847a3f3259f2ba3982679aaaeeb566772f0afe58a8deb53de58d42cf443a3afed5f0b7cd903e1eae0c37b5229

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/shared_prefs/mat_queue.xml
Filesize
109B

MD5
72c63cb25a6ee9d13efa766650d5d0c6

SHA1
0b66633ba147fb38f11aca5933100ad4432e4fc4

SHA256
e6c8e9e82a4ded75a5b8e0bf4f23c6a7847621b0583d1b5c9e591e48a97d62f4

SHA512
fe74f3d2d5ad2749fea6566c05ad37af8a20de7ee08fdab95f4aad1c76e423e075e559ebb3342c39e8ca4aa75d31e682cc248c8b00f876844fea87035c2880f5

Download Submit
/data/user/0/com.GuqmNLNdXLGv.uOzmNfAL/shared_prefs/mat_queue.xml
Filesize
574B

MD5
de082197f2b38cee98df463157215a36

SHA1
1f91fba3a004a38d0d1f39082f170d9f5c1eba25

SHA256
09589d0da0868b3f665b0be9a161729d9e56243e30397aecdc721d671c8bef47

SHA512
96a782b36e4e9493ca2f5eb61a065bdd2960eeda8a65bc02f2466fbabd4e11937c2bb36ad8176c0b61fb3f57d8a01169bed8d5c39243591a47acbda389795b58

Download Submit
/storage/emulated/0/Android/data/com.GuqmNLNdXLGv.uOzmNfAL/cache/.nomedia
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads