e725a0d3d7978d0bd20e7875bfdcebdebf449bf82d80ebaf0eac4c1c446c34bf

Analysis

max time kernel
3177868s
max time network
132s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
27-11-2022 12:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e725a0d3d7978d0bd20e7875bfdcebdebf449bf82d80ebaf0eac4c1c446c34bf.apk
Size

19.0MB
MD5

921036cfcf20bcc297c92aa9b463decf
SHA1

04bec6fffd500731523d723469d1e15ce01bdb7c
SHA256

e725a0d3d7978d0bd20e7875bfdcebdebf449bf82d80ebaf0eac4c1c446c34bf
SHA512

65341e05da500be2254073d27b22bdc5984d020fe59d679da384a2a37b6e427864af6bcc8e046d484cf9f02511f836f629c6153ca1c8fbe462c9870bacc22acc
SSDEEP

393216:jjUHwh1TzFR9vpb7i1oPDYdL+GYiaK9LZ7gftYMdwLMi:x7lRx9+oPDOIiaKtZUFpu5

Score

8^/10

ransomware

Malware Config

Signatures

Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.javgame.nn.doumob

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.javgame.nn.doumob
Acquires the wake lock. 1 IoCs

Processes:

com.javgame.nn.doumob

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.javgame.nn.doumob
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.javgame.nn.doumob

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.javgame.nn.doumob

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.javgame.nn.doumob

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.javgame.nn.doumob

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.javgame.nn.doumob

com.javgame.nn.doumob
1⤵
- Requests cell location
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4149

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.javgame.nn.doumob/files/__local_stat_cache.json
Filesize
25B

MD5
2d805b13f2f28dc3ca9bbcc000f49bb5

SHA1
9eac165b4d81258fd3967cde5cc53b53b1dabcb1

SHA256
c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

SHA512
5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

Download Submit
/data/user/0/com.javgame.nn.doumob/shared_prefs/APP_START_TIMER_INFO.xml
Filesize
117B

MD5
1b1d98c25bffd47228687ffa61549fff

SHA1
8618a9dd8eae0a2b38c2f3784c1f46463135ab03

SHA256
0e727e190461c351e00628c8918a2082754f538d11053203bab06a640d1b7d4f

SHA512
fa89cd87264a6113f5534ad2ecd89f431340eca4feb68158b47792bdd3d8ef19dd2cbe11c1122b82abf6651c55c808895d16d26b7337c013d7732ea8bcc8a0e1

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
0ccc6dd13ca7942cce50a59597b62071

SHA1
10eabc0af0c66c6ff878daa6d70568486c7046af

SHA256
623300bcaaadcf511e8655a4a4820199ef28ab91450e675c25701bbd7ca0cfb6

SHA512
c924ad41ca9a1301d8f5edca52fe5134f1875e92681e941311b428ce7ca3d39581accb7fa44e610e77274faaf5d8327764bd5556cb172aa88354e178a3f1a59c

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
db6d24f752deafef6ec5323477b5891a

SHA1
5296e80a7e48ad552166e50787d961a581833c5a

SHA256
1ec744c787be2d3560e3a2b67c56ac74ed9eae44206c6839d6374df2b9c06a94

SHA512
bf21d753a6f962a53fcae577e411cc5ef308b75a671659e388ac6fe13d0fffa306abaaaa8bbaaeb6c4355b7ed8206cd329503e1b81d2c5def75e3a349c305658

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
381B

MD5
a75c6be5ceac2c68cb81e45995cbe3f0

SHA1
6abc4b4be8f81c2a2da94e234ec0ffb74b83ba5e

SHA256
0a359855f17c0985c9ad612edf433701621755273c474d7ace740bcbbcbab23e

SHA512
f8fba95033cbb484e2a5ba8aed9eaff136f6f154c005ec32f96721ea5d66125294d2fefd8b138fafcd7216ebbc9b4916e8de29b579faa1bb03cc3aabb85e0052

Download Submit
/storage/emulated/0/Android/data/com.javgame.nn.doumob/files/0_6e91f02c-3487-45ef-93f2-67500bf1b27f
Filesize
230B

MD5
3a421f6f4566bbb1466200847f945592

SHA1
579117347de29e9ba2afeaf36406b26f38c7de31

SHA256
5f91eb02b5f3196a8e1f729d3517accf498b2ec4e190c032f2e492a70332a934

SHA512
961bf7dbb5622d290c58db5314167a515235477c65e7648b834395b17c1b943121bc577add36e926520597babe228633fa69c12c13ab13a5dd16a9a59cecbc99

Download Submit
/storage/emulated/0/Android/data/com.javgame.nn.doumob/files/2_6e91f02c-3487-45ef-93f2-67500bf1b27f
Filesize
32B

MD5
816bd2bbf04479974dce44383dffec81

SHA1
c0e151ee1edd9fcd5ffed4994684225f02079599

SHA256
9bb252292138b72743dbe3cf46babcd1652c608860f4d3b46df0b7363f71fc10

SHA512
0723db58936b23d4c43f03dfe2c933ce1cee4cdf499b15755d19be699404e3bda88d2cd7fc5ca09cbcacb9e84cdd9f911100c1e09a30560e6e5e9fb799d122e9

Download Submit
/storage/emulated/0/Android/data/com.javgame.nn.doumob/files/uploadFileList
Filesize
2B

MD5
fd3ba6fa132c34aff2476c18fe928668

SHA1
74ccbb04dcc4baa8479fac977743e9e68154a8a7

SHA256
beadba836315747fc95ae304452514b72fe122a6e345974638d70c4e8ebace6a

SHA512
b5ae7ba4ccf48925833e481f664b55f5895779b4a44ec1068eee5559585636f399dba4f2b28c4f4c757ba59ca3556dbcc83986a013a42e66c1ebda16ef765172

Download Submit
/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.iplugin_V4006.apk
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/baidu/.cuid
Filesize
89B

MD5
a3262da52e21ecd141efbb9719239721

SHA1
b0f16e193be6208cadc9079b339cb4b06dedfdaf

SHA256
ca3dafe273298971e3d752a1f2d8813e8d357baac9170b6e3ede878ebc20d248

SHA512
1239856648b81122e991bf11c975fee9ad35e0b7f500b7258ee3d6ac7e9b10b84b64c244bd446d764d3cfe06bd7cd57d23994194de3c443c793cb2e94faffed4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads