8fb9166c40e2fcc0d7eb541d9127a51656eb73cabcc62467b6a1c3a785cc31d3

Analysis

max time kernel
3222872s
max time network
153s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
27/11/2022, 21:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8fb9166c40e2fcc0d7eb541d9127a51656eb73cabcc62467b6a1c3a785cc31d3.apk
Size

1.9MB
MD5

9ce153cd078b916448730c90f436e42e
SHA1

9178984ceeda87268f868de43690cc3cd4524985
SHA256

8fb9166c40e2fcc0d7eb541d9127a51656eb73cabcc62467b6a1c3a785cc31d3
SHA512

693fd348a4e506f4f5bfaae6be832444de81f0f36028039ab2f999bddbe6e2fc0ee93c498023b33c4ff822f10a2688f1ac06cb6e351fb30d13afc95b3c887dcc
SSDEEP

49152:meAB2smlA4F0jIwl0sKvbSoOu7L3x/ElBq8ych7X1KwztTaz3vVDEkRNJY:meM2NeK0TKjOu7LtElBbh7X1Kwzm3vV0

Score

8^/10

ransomware

Malware Config

Signatures

Requests cell location 1 IoCs

Uses Android APIs to to get current cell location.

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	org.mygson.videoa.YW

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	org.mygson.videoa.YW

org.mygson.videoa.YW
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data).
PID:4072

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/org.mygson.videoa.YW/databases/access.db

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/org.mygson.videoa.YW/databases/access.db-journal

Filesize
524B

MD5
4c617c8e61a8343ff14862c22e4a2821

SHA1
6415d34a2769f61c02c9b533f5a6ddf3f7aac4ef

SHA256
566e352d7c3d359b7928b7bb538612d8c64480bf9ba283c6951706e9af0dd8f9

SHA512
7a9e8d74d9fa94aed3278fed39cc18ffae04e9739016b1c295111c6b7a12050830f961348aa116daaea703d9ff459791e318a8f6bbbf35182de236712560fa5f

Download Submit
/data/user/0/org.mygson.videoa.YW/databases/access.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/org.mygson.videoa.YW/databases/access.db-wal

Filesize
32KB

MD5
03990a25823ed214a321485179e07b6d

SHA1
15126885c2135bddbbe4b5d8f2dd391c052a8f17

SHA256
cde8ce6a05a319fa0e61377540f19564aff3c286d81ac8fabb701043012cb765

SHA512
447c7ddac7bb2f821c42c747b4132598941ea41aa09ad531ad7b227a5f6c70545e4334af0c686c6e58df73dde5d9427499ec82f5eb0e390ef8acd9afdf94fb56

Download Submit
/data/user/0/org.mygson.videoa.YW/files/__local_stat_cache.json

Filesize
25B

MD5
2d805b13f2f28dc3ca9bbcc000f49bb5

SHA1
9eac165b4d81258fd3967cde5cc53b53b1dabcb1

SHA256
c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

SHA512
5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

Download Submit
/data/user/0/org.mygson.videoa.YW/shared_prefs/extxml.xml

Filesize
107B

MD5
4deff9301b59507d04fc7e9a63000ae1

SHA1
9b49496b398eaeeafea5db51e1c29c42f1c0d655

SHA256
d2092a5925b775a4479531b0f09238d78f6fe45c7f56d3c9702d3e9f1396054f

SHA512
1459d02896e12c82ea5e1d3fa9029d2657a0b9e4ed52c56c58844a1a529c31e2ea37cb778bb13ad314b9a6ffebf672ed3881f0312d44fb770100a87bbcd3432d

Download Submit
/data/user/0/org.mygson.videoa.YW/shared_prefs/pay_xml.xml

Filesize
119B

MD5
56be6b759e25d6f84fad17cf6f0af4a0

SHA1
769b9b85217158e11ad1ac346537143f3b291384

SHA256
742af9555a7b1c52ff65092c7809add85e5f66dc01b337c7994b10149e9dfcc2

SHA512
591ab4bf27cf5b08b3cd5690e1c290f487d7e787f03c25e120f63aefa53d31de5df7a47ee342db5c2784da71fcdb862ad74eb68416e3fd54da9db5c4217ddf5d

Download Submit
/storage/emulated/0/backups/.SystemConfig/.cuid

Filesize
89B

MD5
2f30761fc4764a90bcc072861af7eaf1

SHA1
fa20ba30b04e701a0b200ed21f21b6e2f94942f0

SHA256
f292ddb7de456a9e232356f3282206d505f35d229ef2aba8168ed05547e6166b

SHA512
2b9fb2738fc3d8d2d135cb7bf654c074adc99399c7db96992ea50e8286af59bf1738993dff6e2724782d460fea3d318ff080417b84f95ad6e3d2ab189631fff8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads