b7f44e1ffd260f950508d3626d6074c040e02bb1e42a6f0ee4f1bd1f03634593

Analysis

max time kernel
3176072s
max time network
161s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
27-11-2022 11:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b7f44e1ffd260f950508d3626d6074c040e02bb1e42a6f0ee4f1bd1f03634593.apk
Size

893KB
MD5

7c0d4d41874e7108c34f8a3f8d8b0382
SHA1

cf10c9e19ca049e233ce939e52cb02d20f461b10
SHA256

b7f44e1ffd260f950508d3626d6074c040e02bb1e42a6f0ee4f1bd1f03634593
SHA512

af861b48d2041a72fc96673875b6b70d60911125bdad0e6a995032c87c720b5575d2c9637f6ebd8fa4b33b83b2f7c7f4eac2f04634481a9d999c7a7983ad35f4
SSDEEP

24576:XqbWtC5lXZZE139qNH1g4Gc7tqd8PeHnieZFWqz:XqbaCnXZZENMMchs8PwiIFxz

Score

6^/10

ransomware

Malware Config

Signatures

Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.KhotqnjoTVDW.GrtEMwRd

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.KhotqnjoTVDW.GrtEMwRd

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.KhotqnjoTVDW.GrtEMwRd

com.KhotqnjoTVDW.GrtEMwRd
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:4744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/app_webview/.com.google.Chrome.LUVCY5
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/app_webview/Web Data
Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/app_webview/Web Data-journal
Filesize
1KB

MD5
f7ce0a23eff5acfee524a6ab45d1206a

SHA1
7737d484d49637a8bfe621e6f40fba34226f4843

SHA256
84e77a65d6a74df90c700688d7f9500d35cddacd707cab603a507f2bba6dc819

SHA512
f39905f9f8ce7ac3eb7b801de905028892068712575f749a53d4b31ba70979665edf5be7f3db3c6c14d12efbbef661ed74f44e4a996c4c61a29c909d71e15531

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/app_webview/metrics_guid
Filesize
36B

MD5
a189787ded5a1e9b1d42f5bdb8e5ae0f

SHA1
244d07d10337ba5bb9a30470cc2e0ce7358f043a

SHA256
1767d8ba75c53de606218d1480ed667aab54d508b99856334f7ac8422dc0d1ab

SHA512
f4bf8d1740fa19be69dacaf599a6c08eabb06e876fd42a3e6757c04fca55d89745d2cff7c451fbac0e2990d34292770634e3a29229cc65733e8ca796f3915106

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/cache/WebView/Crashpad/settings.dat
Filesize
40B

MD5
5c8cf5ce6f7000ac218be2bc58043ee2

SHA1
929ee1da960eaa6127eae19ad36267f52c3cd781

SHA256
5cd5cea0f3bb1ef6e533fb46ca6ae4037efa8f244356c9066701caa567eb15ac

SHA512
bbe7d96c0d1adb8a69f0287ea910bbc3222495bf5432bab24ab54473239ea9ddb78664790bef5bd681767b84472da70ad9f41865767fa794354f96d0264f49e7

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/cache/org.chromium.android_webview/Code Cache/js/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
Filesize
96B

MD5
b56f214b5a018e5b4e694e1234de4d2e

SHA1
0a37d57082e0feabaf02419af664fe9f9ee04447

SHA256
831e046a650bf2f2665686eb916062b8b79a5ed0c43a92d0b84856a159fb70a7

SHA512
830e880783791fe3f52c9938b021b33643539210f65e36c1186cb86ebd0b61c0fcc051847d9ab63cf9f56e3fb88e4bae74544d13e7dfa9347a2e8aaf638218ce

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_340fda5f-3913-4b0f-aa9d-f8694b120fe7_1669623327163.tap
Filesize
337B

MD5
e9b3cfeb8c5bfb7e00a7d4fc1b5f63a0

SHA1
0adce5c3af071b5fcfeb7569e7a4429f916939e7

SHA256
ee74c96c9a3174a29bf2768895d3466be6e28e21ec248e4a811bcb22bccf6350

SHA512
5b6c1706a2ad4e525f8377ab4c4d88f68a1754c013160d3b341ded2703cad5b75b31287040317f1f5adff0674d695a7a87005015dfca7818408df7f87a8a3f42

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/files/.Fabric/com.crashlytics.sdk.android:crashlytics/63846E1E01DC-0001-1288-1EA7A0E2F658BeginSession.cls_temp
Filesize
77B

MD5
67867b5fa0bec4f98ea78e3c90d4523e

SHA1
33737e3b1f3f4a195e4b6a2cd7913f9a5e3adfac

SHA256
1a1015554ec33360c970511a7cd8900c5e3f3a301453e2e8ae6c5c3fedaa615d

SHA512
a662f0c689498dacac5e15ad6623aaef87148ea1be153e71d2b8d66aca00d515e7264d9869422617f6d61b1e70b171bda516fe3a030d5da80fe08909b096249f

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/files/.Fabric/com.crashlytics.sdk.android:crashlytics/63846E1E01DC-0001-1288-1EA7A0E2F658SessionApp.cls_temp
Filesize
120B

MD5
a94c50bcf20e28adf7eb5315ec68af63

SHA1
5d77fbd725688e10e36e84d64c7ec4abe68f23f7

SHA256
1f15ad87369c212815370705f63b8e87fbd4495c56cf9bd5dddfc2b5182ac4b5

SHA512
f231e247b01b98f9aaf0ea75030623e42035c798cc7a5f2be7f751e1d35cfa01158f1a2a2842ad34beca03953f8ec6bd2c877c765fb1dc75477c939b16e8f46b

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/files/.Fabric/com.crashlytics.sdk.android:crashlytics/63846E1E01DC-0001-1288-1EA7A0E2F658SessionDevice.cls_temp
Filesize
101B

MD5
209acf3c30ab7f7ad3ee2d5f6f02356d

SHA1
bd05ea149efae0d005cde76b1eb9ff0e3295970c

SHA256
fe7940d1775ba007d9be65a58d3c2b99a014e62584c6ffbb44c955b02b0676d7

SHA512
4d8359e9da6f6af7ce42b6bee523851da6698ccdca96f0d89d37dce916f7335a7c1f7ab89d7c71eb1d779eb918e3e384962d19aaca61b44b51c00a27c81ce92d

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/files/.Fabric/com.crashlytics.sdk.android:crashlytics/63846E1E01DC-0001-1288-1EA7A0E2F658SessionOS.cls_temp
Filesize
15B

MD5
2566d27ce8c28d8961f082c375d7535e

SHA1
92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf

SHA256
5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a

SHA512
1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/files/.Fabric/com.crashlytics.sdk.android:crashlytics/initialization_marker
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/shared_prefs/TwitterAdvertisingInfoPreferences.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/shared_prefs/com.crashlytics.prefs.xml
Filesize
159B

MD5
f2faccfee69be11895d6eb45cdc3dd96

SHA1
b7dcf7b0e3758ab4d75548e5ea04aac045d17579

SHA256
f29175d22cefbe241fa41c203be7196625efc0f9fd0a0eb667ea76a80bc95646

SHA512
9c8b71a3d992d88ae19c7236b4c7f87c171aeab2321ba7075a1153ba2fdab2b381bcadd11e2a113b17e4ea8600ed733acf3c32bff101f2ac010ce07909850c66

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/shared_prefs/mat_queue.xml
Filesize
109B

MD5
72c63cb25a6ee9d13efa766650d5d0c6

SHA1
0b66633ba147fb38f11aca5933100ad4432e4fc4

SHA256
e6c8e9e82a4ded75a5b8e0bf4f23c6a7847621b0583d1b5c9e591e48a97d62f4

SHA512
fe74f3d2d5ad2749fea6566c05ad37af8a20de7ee08fdab95f4aad1c76e423e075e559ebb3342c39e8ca4aa75d31e682cc248c8b00f876844fea87035c2880f5

Download Submit
/data/user/0/com.KhotqnjoTVDW.GrtEMwRd/shared_prefs/mat_queue.xml
Filesize
574B

MD5
e03e90f0c06905834edf7dffc89a7b3b

SHA1
69b3522e2118f8b35e03b189c0c18788ba79cc2a

SHA256
953650500bd265c5adef18bdea2c2ae17e3bf145d66730fc0e733e64ce0323b7

SHA512
54ae364b7a6eddbee666a7408dab76b506410a4f83a59fcc5472b7edfdce0fe293a555a7af9328c059676f3299a3a87d723fea119b80ba3481c7035f6067e4e0

Download Submit
/storage/emulated/0/Android/data/com.KhotqnjoTVDW.GrtEMwRd/cache/.nomedia
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads