eb5a548c1d7565cf7ac3c3363edf9d2b13be83865c5f40aeef23097f34bb3cb5

Analysis

max time kernel
3224913s
max time network
130s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
27/11/2022, 21:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eb5a548c1d7565cf7ac3c3363edf9d2b13be83865c5f40aeef23097f34bb3cb5.apk
Size

4.7MB
MD5

d4a845ea47b3bf8893f964cc883eae41
SHA1

4a2527c77451ce9db795f0354543a6c7b3953362
SHA256

eb5a548c1d7565cf7ac3c3363edf9d2b13be83865c5f40aeef23097f34bb3cb5
SHA512

8a562c785bd3d658f4ee390fab2f5fd7199eed54b52a328ea47a471fb2927786d2172820713d9e0641dc55e85fbc255f1be9cbe8580330fb0155a1749765bf3b
SSDEEP

98304:oc7C1cRBEm/gc9v1m468bWduyYZIuL+DsvKbs8f5D4Bm6Y5gx:NC1cDogs4Zmxs8R8x

Score

8^/10

ransomware

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.shuyou.zjh

Acquires the wake lock. 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.shuyou.zjh

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.shuyou.zjh/app_cmnraw/sdk_base	4084	com.shuyou.zjh
/data/user/0/com.shuyou.zjh/app_cmnraw/sdk_pay	4084	com.shuyou.zjh

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.shuyou.zjh

com.shuyou.zjh
1⤵
- Requests cell location
- Acquires the wake lock.
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.shuyou.zjh//niuniu.db

Filesize
10KB

MD5
8202f6bfa741fbe79961e41892b72511

SHA1
2dba53838985060bd2a333d74f3d5e00b100c460

SHA256
fc5b880272bb0e61daae8d59a2e0317a887309aa61ec7af57e224db9cddca92c

SHA512
9a2a4a12bfb163503e195cae862ada82f5a06340696feac42ebc40323bdcc29de509cb67be3709a7d323ba03a1b5c6e036445972462b8e1c145f2c1f02ce624e

Download Submit
/data/data/com.shuyou.zjh//niuniu.db-journal

Filesize
524B

MD5
4b4ca9f90a5a1e244d08c376d277f186

SHA1
6cc2b871b14519556ea459df3a11e7607962aa61

SHA256
9165a3cfa4ea749f0fa1cd6dae5918f8c469057651c3053070ec6533b09d15ee

SHA512
1a65616b40228d86010af66d62e9a0e95862209b38f7bb6a75b7d0d486ba4dc6afc63f7ccd418c021e471a9b4964c7655baf447c5577960ab880555a12d4d8a7

Download Submit
/data/data/com.shuyou.zjh//niuniu.db-journal

Filesize
1KB

MD5
987bf6b375cdc8f46629dd08b060eae3

SHA1
bb537110b259141e7b58d38e0c8a714a8f63953a

SHA256
22f75f0dc41c858080f488af9ea846126189e9ea83aa92dd4def7cc3a480c1b8

SHA512
ca59005defc0a75c9555e78a279233198e9653ea674dcc23d61ddc2fb2486a932ca8100ae25d86b2c66cfe3242542d66e2e9713ea5680e5040f7c7b244869828

Download Submit
/data/data/com.shuyou.zjh//niuniu.db-journal

Filesize
1KB

MD5
dbdc67bb904f100cbceb29ed4ea9fe4c

SHA1
23ec003a15786a85a30fc2b1b50ffc1ff812b471

SHA256
9e0db9d54450e2d200d6958bf3bc6980cf6c2d28b36507251f6dc0ab82d1b144

SHA512
d77f65ccabb7a62f09edd605de660cfdec176f3751cbe2d55a1a051928f1047ef0b752bde44e1e653d6e1dbcfffc80c0b53f84d87e479d78bb2e447b084c31ad

Download Submit
/data/data/com.shuyou.zjh//niuniu.db-journal

Filesize
2KB

MD5
36491da20887f5229d37c7e9ee4d803e

SHA1
2ef0369112d92b46c9fa7d59f77f8b4811455206

SHA256
0eec9dbde4ad97f60d9f1602ba54206619c1b50f765236f4c84ef89256df8796

SHA512
b586fdb940a7924d077f7fee515ceb32436f2ffc474073d7afaf096455e46db09ba76934a5fb7e6392fd1b33c3463d9b2b732ff07bf1c5c8761ebbe51ac4f369

Download Submit
/data/data/com.shuyou.zjh/UserDefault.xml

Filesize
41B

MD5
4a8226e4211ccb4cb79f54d4ee35a55a

SHA1
7144e993ff784e4458c4d53d6f9f29930cf13fb8

SHA256
8d5bfd20db452314b315192d7160e28bce53c777c98a31aa6df7c93345a692eb

SHA512
7d7480da93b3363306438c7cc08fb913e29098eb19c4f6ac40ac5282329ecd8eae77fed695822955183a4b7084d18da89c2c937af5fcdf43b3f1bd7854cc7041

Download Submit
/data/user/0/com.shuyou.zjh/app_cmnraw/sdk_base

Filesize
40KB

MD5
5551eb560f8513ad1bc7819c71ae0073

SHA1
77a9e9fe123070a4e8062369417b8f879b30b30a

SHA256
8bd35ebca054abc3e68f455c6626a3f52788a050985e89b70f810f4cd7698016

SHA512
03b2ff7f4af8bbc5634b1fe867c782fd8560205ebf8fbe4cb16b3ff12bf176d9a7c980aecff87e5f7d13b3ffebc13c052003340e2d1315acb3d8e0f37ab56511

Download Submit
/data/user/0/com.shuyou.zjh/app_cmnraw/sdk_pay

Filesize
162KB

MD5
0a7fd93c055fabbe842b290b7244a420

SHA1
d6d5094baa916e74186b33897933404ed9816217

SHA256
251ac10079a1317a5c2df040dc279f810fe980329bd79a09042fa23fdcbc90a2

SHA512
26da6075082b02ca6037004017e5633102468e782bc0464d72de61f99acca58820d9f0b3e58a6950a59a19ab389de9cada0b49943a022a9698b1be5b296daf4d

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db

Filesize
28KB

MD5
e73a2242ecf58e57a32cf9392374ad84

SHA1
7fe227815d53459f77085e32e94dba984a681082

SHA256
a919c4a029abdabb9ab2c656083ae1013b835db2c5479f77a562a7bf1cbbab02

SHA512
668b7519c18f4502cd45ab52fe38d142b24652f35061dfa1b447337e4535e9906fa0128bd28a586641a1bc2f4d68e7be50363c55de7b8092e952d2e6b7d630d2

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-journal

Filesize
524B

MD5
36794e0e6b9bd6f0ab6e1158c179d865

SHA1
826c5b1266ebcbb1da26dee524b8610b2c0d8b95

SHA256
e114977b92248817a369cd0fc946eec7bf1e3a95c674020dbbb3cc5eb64a58da

SHA512
55dff245c6f5c4221626f3db3910480046e59921ecf10dcc2fa80549fb48faf0798c3a6a58b4c6d7df343ca1d113aacd89a2f4f38622ad721ea85e9b39dd61cf

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-wal

Filesize
44KB

MD5
23ceb8913b2f5a5d9d51211fca415ca7

SHA1
5f69230e1e5bcf3cf6cd226185fd3586b87d3f80

SHA256
028edd2d181d87a90dd5705bf1add5b0287ed7db7bb81b23be8bfb154c87994b

SHA512
0a038e931666f3a2cba6bb84ff94f77eab094792da4475206f16c255f3aaa07cd37f21b79873e370837107a6ca3ffc181f6feadf4d17f98a6ec8245b83a7934f

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-wal

Filesize
8KB

MD5
471749e6e54c38652ff1570cf327036c

SHA1
667a99f46acb3428328db439312d3de04a78496e

SHA256
f720ba9118d811806dedff919f6815e9f73de319fe78a8c886b965963fd141f2

SHA512
321086fd9d2baae3ef711d9d6057e5ce1f1bd70c16aafac802bde7702329fd5fe41663e26bc3df9ea7d660b7aa3646209389c317ed5ad497c417a8dda4e42c15

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-wal

Filesize
8KB

MD5
42e618aaed508ce10dedc1a370ccd212

SHA1
fdb82cbde3744a1041045b53c9b7d468f4c57fdb

SHA256
6ef497b1fab05b6bc24dbb1150f98509d2a8537a9c3a254a31e2b0fcf917380a

SHA512
c1f16a0a32dfc9d1f2d1de4d3a8cc9f476dc5d25df2ea0ea87f5f753482be7c72f73a6d36b49adb801ec62ab275268615978790137e6ab7c52534560c65437ee

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-wal

Filesize
8KB

MD5
c4da467692af15352739b5ee815d7792

SHA1
c5594fb32aed6b648f31169b5049cdc27e002643

SHA256
2eb23eaacbe25e885ec20428ad9dde763eb3c33020927ec53fc15685c37c9cb8

SHA512
b921bbed2624602e65c7fc853b2bc21c618ab974fbcdb1461474270bfccdefeee6a67948435f5d162218500710c5598650c0a8b34ae3d257de669747b21f9cb8

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-wal

Filesize
8KB

MD5
8dff6c38a279cae24b9b8b634e4da31c

SHA1
cf5ae65aa8a5a0916066961da568a8d19a7ef0f4

SHA256
3d59d10aec284b43c6b28622db7c04e43c2555633632be87808da38f9aa38e3b

SHA512
8f23367d3fc412af9efb3b41d86e79c55399eb0a4de95fdefb0452350230f691f7717bb914b9cb88ade8c610e9c9c397c56ba37cd1dbb06d0eeb3a11c245dfdb

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-wal

Filesize
8KB

MD5
cc6a1bec32876d84d2a9e9efceec0901

SHA1
81009a33ffe63a5b675d5f2e55f2d445da768b09

SHA256
572b7f8065d4d1ed3343de2c4ebd12f83ec802bb7893b1e7d86523005acf7552

SHA512
236e9f3d2e306a63552ef8e055ef5b0bc5615547be5cbc48be0f881c25d92d69bc2019b41c6d030355a924e06f460a449ed4cf24e188c13fa5b64073aee762a7

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-wal

Filesize
8KB

MD5
624e74e0476feaee367f93629856195a

SHA1
a2b9472d26e3963ee1d6c4d2759582d81c6d9dac

SHA256
eb201eb81bdb5c6ca8d5b69216415d5eca2d1f18ff26cc1bdf287ccbedf4c2bf

SHA512
47abd28fe6241842d32eb315159df89449f814814f6d3769f995ad0eb334a93f9f15fbbd7ba4632504326eabc5c25c70ee212ff96dba2aa1284916063b5934f7

Download Submit
/data/user/0/com.shuyou.zjh/databases/dataeye_database.db-wal

Filesize
8KB

MD5
544658f5ef6a369f66e773b0ba399561

SHA1
7c260cc60dbac0d5daa8a8ffa8bd8f3535f3728b

SHA256
dcb49217266eb8e06c84ab63f5abda341f0375bba39555869b7da837a5be89a2

SHA512
adea2a87167e610f605c61d7d956393e3ec460e5bfc65f4b15afefba738a5c4030b1f425e3fdd5aaaaa74e953ab24e86f0217cfed7f8f345a58a3ed7fdb8d5b9

Download Submit
/storage/emulated/0/.SystemService/DEID/com.shuyou.zjh/oid

Filesize
32B

MD5
35288b57325c926d92bab3c93d71da3d

SHA1
5fffce320b305649467e28db47441d5109770e1c

SHA256
536def2abb79807800b78c66e6ca66762e7c5516354e9ab5f3363d9fcbd436ab

SHA512
0220c236d24eff7c47744a5505d68c624836210bf7924a09b7af732a785b5ed81b070da1206a579485a57eedd3e99a40c48cefb98453bdf5a6b4ab2464f73172

Download Submit
/storage/emulated/0/.SystemService/com.shuyou.zjh/uid

Filesize
34B

MD5
9271895893dbdadd1f054640b625ae37

SHA1
f0263a846f1f17cdb8efa6fe1e43c43a6c90c539

SHA256
95985bf9f84e7e59f7fa0ada1b6e53f87cbd42349f2a2ff8aa1f6f294bd83eab

SHA512
d10e039d9089dad3a4f5a694584b677ef8d84dfe6898597cf3e24b32b6e62c9f99dab18a1f4b5fab59f7ba8e8ee03be3bbcb2c0d642ae6d8e3c67e74e7388975

Download Submit