Overview

overview

7

Static

static

7

d538ca41e7...88.apk

android-9-x86

7

Analysis

  • max time kernel
    3233546s
  • max time network
    139s
  • platform
    android_x86
  • resource
    android-x86-arm-20220823-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
  • submitted
    27-11-2022 23:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d538ca41e7459acf9c8681d08ab693f3343267fcd96f37926af377424dfb1a88.apk

  • Size

    189KB

  • MD5

    ce0827dace2c3ed0df777db27bf302fb

  • SHA1

    cdb9a35eed0cdd6e45399e6dd243f6855e75b57c

  • SHA256

    d538ca41e7459acf9c8681d08ab693f3343267fcd96f37926af377424dfb1a88

  • SHA512

    204162fada8b4022de4e5637f5455a0ab274ad29b516c5beb91a2345f805308bb63a930d8a9b5fca7d296e3200f20898f3ff4ec9e2652bfb815bcf8bf84f7040

  • SSDEEP

    3072:kvpb28oE8e3rfxjg2QfqXIsr4iyr/RO1TRLc74/5SY+64YDZhKzEQ:kvpbVoEj1jg2Qivar/ROZ2sFZyl

Score
7/10
evasionransomware

Malware Config

Signatures

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Removes a system notification. 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.android.t.sys.systemtool
    1⤵
    • Loads dropped Dex/Jar
    • Removes a system notification.
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4032
    • /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/storage/emulated/0/.tpservice/com.android.t.sys.systemtool/download/jar/abkctb_11002_5052.jar --output-vdex-fd=44 --oat-fd=50 --oat-location=/storage/emulated/0/.tpservice/com.android.t.sys.systemtool/download/jar/oat/x86/abkctb_11002_5052.odex --compiler-filter=quicken --class-loader-context=&
      2⤵
      • Loads dropped Dex/Jar
      PID:4137

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.android.t.sys.systemtool/app_webview/Web Data
    Filesize

    104KB

    MD5

    dc79f9ce5f3ab5270b33e61119dfc959

    SHA1

    1844bf222a5144b513dcf2fb50a18c011701c647

    SHA256

    47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

    SHA512

    18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

    Download Submit

  • /data/user/0/com.android.t.sys.systemtool/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    27f2e0f164c5316bf4093fa77b55e510

    SHA1

    fdb34a605da2babb1b07241d00443b9f10fc9c9c

    SHA256

    0bc8b431285012dc7588d7c4750f299732a27754aa4e8f949a296f8a7350e3e4

    SHA512

    ce59a51bc068043d6da0fb026dcebd988916d09a2076e28e7cfcf45d816995fcf0116fef6c8ca5eae0e3507fa3624ef898d13aa25b0aadee1e1484fa49a300fd

    Download Submit

  • /data/user/0/com.android.t.sys.systemtool/app_webview/metrics_guid
    Filesize

    36B

    MD5

    a51f7c7fe5f03334c45971e35b454776

    SHA1

    de00c20762cac2b84b056fe0eb5c66aaacb884fe

    SHA256

    3af846bb77fb73ae0d1240d87de31b27c44f42695dd79b98ba595e087f70b7c2

    SHA512

    928ae582a3bdfe150488e14145d73c1e65a2268e1ba2e595ecf53086ebba2b1e518a0088365fabe6a63f236cfc7affcd2917a1defe68fcd38cc531946af83b42

    Download Submit

  • /data/user/0/com.android.t.sys.systemtool/files/INSTALLATION
    Filesize

    36B

    MD5

    141e123e6512e1d10358899947b7ca1a

    SHA1

    a2d3f401e5820993ac7280084f426c06f06d1d16

    SHA256

    a235abe80c3534018c4b17924f28486efbcf9fba6289da973b11706665d1a083

    SHA512

    7ca0b5df8945d96afa5e09e58c76f0d6aab29df8485e947033fc6e4295c287f57877e530fd022bdb3efb867122178765122a07dac7f3fa5f581ff1b3da5fb791

    Download Submit

  • /data/user/0/com.android.t.sys.systemtool/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    21223e9184445fe043476484cd8cb1f9

    SHA1

    2b4813f849121d60ba35eb0889080668bb62c778

    SHA256

    bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

    SHA512

    be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

    Download Submit

  • /data/user/0/com.android.t.sys.systemtool/shared_prefs/xtgjn.xml
    Filesize

    123B

    MD5

    61bbc067709a45ba3c016aedfa0db5ee

    SHA1

    0f822acec078e84f6843182e74aca9f642c2096f

    SHA256

    674d3719980b0277b15c22f7003c795c205e4f1d6c10e9407671de63dc6c59b5

    SHA512

    ccf49543ca2d29ec58a022943889ce7f4b94e87e71b3f7da1c450bb7382a800d2ddddab4538fbe9c37c756712ee0d447ab383d7ed5b7b45229a164bea789f7c9

    Download Submit

  • /storage/emulated/0/.tpservice/com.android.t.sys.systemtool/download/jar/abkctb_11002_5052.jar
    Filesize

    322KB

    MD5

    c262f263e80f37ef2f15cb452c970441

    SHA1

    6af7bfa576c0b7bf952e056c0ee858c68f13e40a

    SHA256

    e5578d1802f4a108d90a15fe2de93275d7bdf655e6a1afa51f976be430bbe794

    SHA512

    e33ed3c645c9e41ebd069c9653d05d31c6a944617e912cd298217ad7b302bf556c76082f89160bc46be3cf132e404b272f656e29c6e17ea3bf36f9b4515de23d

    Download Submit

  • /storage/emulated/0/.tpservice/com.android.t.sys.systemtool/download/jar/abkctb_11002_5052.jar
    Filesize

    322KB

    MD5

    a20fba5602a62265e6a57e4c88a9316a

    SHA1

    005246149d88a9127907e51aaafba8306e36af91

    SHA256

    c22c219ea93e4bef2d76d09ed9f9e180135672633923eb11edb182b002db2843

    SHA512

    1c1a47e394950154085b67bf30ad3793487ccdaabe581ac971d0b671f01383fdc9b37dd9cad4db2035ae6062bde6d896d2a9b5e46d7c3950f77ae9985dc5bd32

    Download Submit