171b3db11544f064404ec493c243d91e9f0835f3c5bd8e37a8bafc842ba61341

Analysis

max time kernel
3147291s
max time network
143s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
27-11-2022 04:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

171b3db11544f064404ec493c243d91e9f0835f3c5bd8e37a8bafc842ba61341.apk
Size

865KB
MD5

062ae02cd2c2d6204c75e1c4cd13221e
SHA1

025be407147dd44aa85d1c1be30220ec2cf130e6
SHA256

171b3db11544f064404ec493c243d91e9f0835f3c5bd8e37a8bafc842ba61341
SHA512

4445434e0a58b769277e996be535d0fbfbcd453f84f503f875c7c0cd5edce7a88ea85a7d4ff769d211147cb259b4d0b9d39023d6dc4c0dc9543e32e1c46ca532
SSDEEP

24576:4UuckfQo5RmT3AK1J/bYR6S8/uC4k9P8cTd91:79kfQonmcKXbS8/u49PV

Score

7^/10

ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.as.ytb.downloader

Checks Android system properties for emulator presence. 1 IoCs

description	ioc	Process
Accessed system property	key: ro.hardware	com.as.ytb.downloader

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.as.ytb.downloader/app_ttmp/t.jar	4665	com.as.ytb.downloader
/data/user/0/com.as.ytb.downloader/app_dx/do.jar	4665	com.as.ytb.downloader

Looks up external IP address via web service 1 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
69	ipinfo.io

Reads information about phone network operator.

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.as.ytb.downloader

com.as.ytb.downloader
1⤵
- Acquires the wake lock.
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4665

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.as.ytb.downloader/app_dx/do.jar

Filesize
14KB

MD5
8b6f4f87054c23362c817ba96a8793d8

SHA1
717cb06f290d109d563797f614b312eb421ce8d5

SHA256
2619b28fe671dfe6f945a48c552f39405113452e3e4879fe8cc8a0cf32cb4804

SHA512
97b3d1d00546b7fdf53c5d0ba396388bdb5f1317da8cedafec5e0113853210670892dc8f346675d53ee8f0b7229f1ed47c6e5ae63ac9eaa106eb79cb1ce1b87f

Download Submit
/data/user/0/com.as.ytb.downloader/app_dx/do.jar

Filesize
27KB

MD5
9ed3fca9f4462b61a3d6c6842dda4f38

SHA1
8cd409273c5c6021d67909b29a9be0401f519831

SHA256
5476817121c0c5437bbcd9d95511717b5e364adaf99ed5435d8fbf4efbc31e9e

SHA512
0a19e53acabf2cda0d3fc89dcab7d0d411c381ca1350111dfbc52388e84f5d51a5661f0114e71eeb9b1a9e694934ad072bad7aeb6e5060a86354d7b40c1a2092

Download Submit
/data/user/0/com.as.ytb.downloader/app_ttmp/t.jar

Filesize
99KB

MD5
a191df1f25230bd36e07a0c50a0868ba

SHA1
436e134162a1828aaa6029677e2548ac7b8f94c8

SHA256
d850d41e7465a696ba473a0f751e63e2996cb7a7ee5ed0dbd3af930e8f2284a3

SHA512
08f0061d36d087214b5e3747ccca5858ba60949580133698c49bafd97add832784c3cb3a3ad78878af66b7ae9d0097923224232af0b1f25e41fac2f0a3fe0bb1

Download Submit
/data/user/0/com.as.ytb.downloader/app_ttmp/t.jar

Filesize
99KB

MD5
241b415fc68a3afc6df259b5d50d422c

SHA1
59cc74b88a19eb4ddff8e441c9f77dd07d68938b

SHA256
7a3f11f9b55bfc19f338d2b0b1c1ecf120d402e5828a35b161dc5682b593d2d0

SHA512
6ace5a3a6930f4fd13c763d3855af14e14a3b085abba462811545c7d1f5fbb45389e06c75b63f40aba79b3fe070b3fce4ae0cf1decc1b9fea524ab8ca671660d

Download Submit
/data/user/0/com.as.ytb.downloader/app_ttmp/t.jar

Filesize
234KB

MD5
b134082916bd6eb34bc34d51c4d04191

SHA1
b6b0e720f61196755d69713c6fbefec9c1cd6f79

SHA256
78f1a4ec1cdae0828a13f65fa98ecb74d3ca0934b5a7888674f83f274e0291c7

SHA512
89695c59b4cbdbb068aa9c059909915c66636bb94c65866a3498accbf3b495ad77e473954a08528b6b72d4b8e8137f5992d1b5e8d397f9c01935035c5701a6a7

Download Submit
/data/user/0/com.as.ytb.downloader/app_webview/Default/Cookies

Filesize
64KB

MD5
dfb2098ca7b3bf16d6f5f1e7d3839af5

SHA1
ebb7a8bc886062d77a4092bd306b77a0ce7a3e9d

SHA256
e4119d32577d7fc63b267cc23eb7a9bbfb12d238f23e08918c38838fe0181224

SHA512
fccec45399258eb98220b7f01b492a72b8b3d1254dec6e196e344d89a0376c6ee24534a31a6675c866d4a17256d3ac6823657eaf04e1d386757d0cbfc6597e50

Download Submit
/data/user/0/com.as.ytb.downloader/app_webview/Default/Cookies-journal

Filesize
1KB

MD5
a39931bc634a3f68795039d47ab6c673

SHA1
7485ad8cc7e5c754f93ea6c2762b4d1b82bdaabb

SHA256
fd5453c1adf20b21f6fd19560c6db0b2cfbdb6b2e64ee4c1fd81a4b94ed7c7ce

SHA512
aee5e347dd2d8d0e70cd4b9853fcdf9f3356d09b0e97032b5c23d1be288bf06fdda37335313cd00549cb3e06da03db65a2adc867bf5c5a84bfd2e76f81af8fef

Download Submit
/data/user/0/com.as.ytb.downloader/app_webview/Default/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.as.ytb.downloader/app_webview/Default/GPUCache/index-dir/temp-index

Filesize
96B

MD5
6da64941ca95832316fd8b040dd6a7c1

SHA1
be5eb605b83b169c8dff53a713818e977dabe62a

SHA256
61ce7dc238db67d47292e27ea9700b0c99c0fa057e14741ec59971f58b111c6d

SHA512
ee90de3d50942c932ebc2be3e16c7a1e9a0802562b6a750dbe6beb755481928d52d683408ac09fb3242d473f5c2fd955819769ef158cb59253920afbcf12edb6

Download Submit
/data/user/0/com.as.ytb.downloader/app_webview/Default/Web Data

Filesize
120KB

MD5
a48cd9324b1f8754b07f00d863b840f3

SHA1
11c6614775b35a58f440971dfc87c8aaac6d6173

SHA256
8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420

SHA512
35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

Download Submit
/data/user/0/com.as.ytb.downloader/app_webview/Default/Web Data-journal

Filesize
2KB

MD5
58d274efceddb769d9a30355aecc4fa6

SHA1
07d485059a89b5f621616a7a5aa698bb4d69ba25

SHA256
952f9eb727d0d978214f5e929c4f351eb5234d55ddbf6fb241b7edb61491fd34

SHA512
0aff88f1d6d97b7c39a15bd41729cb4ed326cb7d1db8223162902af997cdb32992e67c914ce1b273859b6bf00c8bb8f6ba67e21c4e8f10e86905a4085478b4b9

Download Submit
/data/user/0/com.as.ytb.downloader/app_webview/webview_data.lock

Filesize
27B

MD5
ab20984ca45ba335ba2a55324b4ebd91

SHA1
5551c705dac9be35e79aa5311dff714fe33caf1f

SHA256
9f457cca413fb404882885e11af1764a68dd3acdf23cb7387f07a42441ebc2c3

SHA512
141c6dc411414c376be6d4fff5125bc88f2f020fbb68161ff3c7550a72505b1b4ec5d050cb82aba616122a526b5132daf04cd8583c59a37bee79c49c8b7d537a

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
3b1f673f6ab68b75aa703d8bafd129a4

SHA1
019b592249d56920d46c4c878241c2d065b18863

SHA256
a5531049b716c929b5d24b46dab859e35ba41873b227ad013d4a394211b74d31

SHA512
ced5d54a350fc125c8adaccf4c7f1f2ad850d1768f566381e1048f60b8dfcca3b3496fc9be8f5f346022d00c290680801c2f249cb712f5d49cbf73626e2fad00

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/Default/HTTP Cache/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
cb9eb9974cd8f6515d8bcb81dfa770bc

SHA1
e8dcb3889c5dff6284d1fc66efa5f8cbe22a83b9

SHA256
ae84271bfeef761a8ee86762ac5d1fa6d0b611e76e3d999d751a8ea82db06df3

SHA512
84a3983eeb867f4f1bd78fc148fb9581ce014b127fdcf3410c06ae7920551c0d0ce81832ac2955e6ace2099f1a73edbcda9fdbf44c580f5e46fac9910613ff59

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

Filesize
96B

MD5
fde59c694be697366f0383d70c04322c

SHA1
f2e9fe12d7929e4cb9afa4282f66e39103f15953

SHA256
46be342c45aa09a3b21f63cc095f4e2eb258257246d3c88bb3906c20c0f93718

SHA512
c39e682d758de799ae2436dad6ee3c70a78feefecda3b74028fd1b385521f671af0eb4a139d7ca4e4755cbd74fc85c3d5e99d144d51424ab08237675698aa78f

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/Default/HTTP Cache/e94e5126e9667e63_0

Filesize
250B

MD5
7f672d5ebde15c7c646237fa61e94349

SHA1
be5919c6e1c5ade7de79175130a64770baa523af

SHA256
44d182c4936d9b3a78871637c0ac1a3f097fc425b809f8d72e00a495dc6f3908

SHA512
42cd37bd5aac8ca570f39ef3bff81f2b3c6a3a351ce9daf718bce13e4c5a6871aa31afe4005ab76b3a36ddf9cf5b8f7801e4816451debc07e7a2568da01af5f0

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/Default/HTTP Cache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/Default/HTTP Cache/index-dir/temp-index

Filesize
144B

MD5
74462571e75e6334618bc48a11082857

SHA1
ffa5927a4d73976152a2fa8afd93eb30dc1b4fc8

SHA256
1d38bff86e8fcda172fc95cc3fe60e1b7ba44ea66100a382a449ed71a5d6a1b5

SHA512
2214851d29524c37d9ec74ed3d10493bbf97572279d1251868f5a45b3ca14ab1dd73d648bd45108980fcc0eaa9b18f1b781b930f213e857a867e6942ba49bedd

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/Default/HTTP Cache/index-dir/temp-index

Filesize
96B

MD5
0ff76e8baf2d8b40f91c829009956904

SHA1
1bcbc45cd2e24242efebd7eaf9a66f780e4b3a0d

SHA256
54075ef0c358754f401768e8538484fc9cbecac366788be3bb2a485547477409

SHA512
83603a4f5e54c01a0cb155e1ae67b14aeff1e887dd97b2276d38edf52d0fcff9bacc8eb8c2236a16493bf2bc2b316d286f2db082ab9e3d1651ea94aacf043c61

Download Submit
/data/user/0/com.as.ytb.downloader/cache/WebView/font_unique_name_table.pb

Filesize
57KB

MD5
f080fa2a56ab5479d58063e5ea871447

SHA1
4b3fd57a98916fa5784305b76ba30af26b5253d9

SHA256
0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815

SHA512
8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

Download Submit
/data/user/0/com.as.ytb.downloader/databases/downloads.db

Filesize
72KB

MD5
e1305660fbf9fc4f5e2386825733638e

SHA1
f8e3ef766f61de3af7b013bf16aabfec2b11c783

SHA256
4849e7bab3cb1d29506d3b33e574b1cb5fd57c48c4655b3280568654d2d73b6a

SHA512
19d656b6b0446a9cfc3841ff3d99a21d705d509b8a52720e9ed05859e544911b385750713550514cb5b8caf393af71946cf36c81aa6ec16036d36f88842e34d4

Download Submit
/data/user/0/com.as.ytb.downloader/databases/downloads.db-journal

Filesize
1KB

MD5
82181d5a11ec4fbb6661b8ce3fcc47d9

SHA1
6632d79fa45d86cc7afb7f3c7cb348a8b0a53d2a

SHA256
868896d8c5c6865d45fcbf93c1c1336c4b1af1e358c087a59b23c5faff56c270

SHA512
c295c15b32a9749aa6c7b183e1251eb8fcd2a6654d2e0cf5afce0b7ff4d2cf901fc5be9bbd7ea1aca561e863b393304fdbc9225d7a11bf307307709feacf961e

Download Submit
/data/user/0/com.as.ytb.downloader/databases/sdkdb_data

Filesize
176KB

MD5
190bba824e4a311adc85b2f7e250d62e

SHA1
dbed0bbcd8082f33ba43a04f8588b7fa2e4258b1

SHA256
46a2dcd48d11a0232cb3b4a88d67b6d36986fc8faad42b89663977d6ed5704e3

SHA512
b588ef8c857f32de5d00eaae33042f27054cdce8508714a0645541f8cbf645037c533862c3b8b1dea11f930f78b550f2560b68f59845eb67dfbc5d39b3590850

Download Submit
/data/user/0/com.as.ytb.downloader/databases/sdkdb_data-journal

Filesize
1KB

MD5
14380b3520111fbc69219ee923830621

SHA1
fcd934f8b772975f5524f4cd38034afee5d04090

SHA256
c3d2ca4be86d13736a36980ae2571c67445aca037b0a9d7bfca3da9fa8d485aa

SHA512
6520bf71780aa455548a327dd70c36a9b6d4d757475b67e92e4263c81fddac45663bc098251d2ae5a0755906f5e53944f9cb0e193d86a7ccd44e7818f068ceec

Download Submit
/data/user/0/com.as.ytb.downloader/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit
/data/user/0/com.as.ytb.downloader/shared_prefs/com.as.ytb.downloader_preferences.xml

Filesize
102B

MD5
5b0e21b9a5b2e1d8627d92df598ca4f5

SHA1
f7af60d543f857e9efe92a36f208f0c7ecc716e1

SHA256
a1b8dacf1020775ff147e4bd3510f9c8df70b80b52f5371b4395aeeeccb11a55

SHA512
7b7197f5c451f0749f9b627d19d70e303581cd85715fd33f194119b8168dc4c26250fa50f11619476af284d6e553375cdd69f1f31414713fe864ef74b3ab8628

Download Submit
/data/user/0/com.as.ytb.downloader/shared_prefs/com.as.ytb.downloader_preferences.xml

Filesize
146B

MD5
5b89280e7ef1a359d6bee6ea96ac874d

SHA1
302b4f8d3d3e8b648c59b5b242b6ed27b30e7388

SHA256
6cfc62973bee6874c6a7c2b0f983b390f44abe6621143d986dca791ae73f29e8

SHA512
07cf453400555d5c092e06075f30e3ce4ae080ed5ccfa92ebe823dac0359fe6d0f3323cde8569c34bf38c10f366777c4780504a5f3c32e83ff6ec49bad353091

Download Submit
/data/user/0/com.as.ytb.downloader/shared_prefs/com.startapp.android.publish.CookiePrefsFile.xml

Filesize
464B

MD5
9edb7079cbdf34c630557b559bb3a458

SHA1
09248ae56265f8e806d5f7ea4e9f258959e4fe25

SHA256
ba699585eb5fdc3132e6684bb8faee8552f256936f284148860368c153691bb4

SHA512
225ac28a3ed0486050f49cd473b3da7b92464ebfd106e5f20797b03b47b0be5f5b23a483db3c8dee6127ec380ca373f1ffe1eb656b87f99c44f1e99acc10b063

Download Submit
/data/user/0/com.as.ytb.downloader/shared_prefs/com.startapp.android.publish.CookiePrefsFile.xml

Filesize
888B

MD5
d96caa11e04cc7d003a1e73a0def2e6f

SHA1
2602c15e9ef9cde901b502923a9604d93dc6dfcf

SHA256
303b6dd6baa81b0f64fbb1e66b2133b67ab6f098a620e1c208b44f52d797c2ab

SHA512
0e29e36233cbcfcfc3db2e1e4ad372e70f747c5d8ab36934e4b13c186467185e84fdfff89fabb3f7cb9b229dc4f4eeee69bdd301cf57cb3027323e2f71000872

Download Submit
/data/user/0/com.as.ytb.downloader/shared_prefs/com.startapp.android.publish.CookiePrefsFile.xml

Filesize
992B

MD5
eb56981b25ca2224309cc7e69ad12fa4

SHA1
fb0896c0e2f675111fe86b6aa2feda4577412235

SHA256
01b8a1e10d51d137499ce92558631bc82e725fafe26aaf9da441b39444fcf281

SHA512
4957b0b1f8df34de77b91b4498dab9033a5600fc08547e19ab2e56991901e40996839302eb6100984551954c43c3f0280659645e0aac360c21d52826996dbf06

Download Submit
/data/user/0/com.as.ytb.downloader/shared_prefs/com.startapp.android.publish.CookiePrefsFile.xml

Filesize
1KB

MD5
fa6ead1c7e211a82c7bdc66c5723513e

SHA1
a407cf84418fa42e89d3176bde94444e53a02207

SHA256
65f87ff565bf519f81d956230c64d17621b02e8e959effda1e563e09e69f2b17

SHA512
53272894ee2e73779d223428f1cf4e3e0506e875ccb0b5e89c37dbecdd4c1f60a9a02e68f3cc912949b0513d4b2f8cd0fb07433351b67308823f86b061ac72e3

Download Submit
/data/user/0/com.as.ytb.downloader/shared_prefs/com.startapp.android.publish.CookiePrefsFile.xml

Filesize
1KB

MD5
a674a3ea4c651943825dc8831419074b

SHA1
d6907bfacfe0ad67614b6a2c182faef7d14c7d16

SHA256
82547bf455dc17a3881a800373b8cbeda7dd39fe1029830b330a7d5bb267cf22

SHA512
d7cd871000b02c9898067f31ff9339f2e0bdb1c11d2deb94b10806a30b8af19b00564b2b418a8e36abeada86f7bb5448a6f3f002239d5a19bee90ae5648690e5

Download Submit