07af0d344909a23ca635db7102537701a9f2d40c6fa4092f90b41cfc837b898d

Analysis

max time kernel
3175480s
max time network
144s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
27-11-2022 12:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

07af0d344909a23ca635db7102537701a9f2d40c6fa4092f90b41cfc837b898d.apk
Size

19.0MB
MD5

419b08158470cd2122eeb80a8e36370f
SHA1

3d44d4bfbd5f0e50d72e23ac42583a3b8fb79038
SHA256

07af0d344909a23ca635db7102537701a9f2d40c6fa4092f90b41cfc837b898d
SHA512

09d01372b95f39c06bc3579114a34b2d4375e80a63dfd687f7a4f917e3e91b22ad9e2d56d65cfecc8ac3c2c8920e9c54295ab05f36f99474b71b270d3de74c85
SSDEEP

393216:cajaHzYglge89RvBbXH+3eboP/JwdX+GYibK9LZ7gftYMdwLM0:c3YchK1he3YoP/J20ibKtZUFpuF

Score

8^/10

ransomware

Malware Config

Signatures

Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

com.javgame.nn.doumob

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation com.javgame.nn.doumob
Acquires the wake lock. 1 IoCs

Processes:

com.javgame.nn.doumob

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.javgame.nn.doumob
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.javgame.nn.doumob

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.javgame.nn.doumob

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.javgame.nn.doumob

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.javgame.nn.doumob

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.javgame.nn.doumob

com.javgame.nn.doumob
1⤵
- Requests cell location
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4101

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.javgame.nn.doumob/files/__local_stat_cache.json
Filesize
25B

MD5
2d805b13f2f28dc3ca9bbcc000f49bb5

SHA1
9eac165b4d81258fd3967cde5cc53b53b1dabcb1

SHA256
c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

SHA512
5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

Download Submit
/data/user/0/com.javgame.nn.doumob/shared_prefs/APP_START_TIMER_INFO.xml
Filesize
117B

MD5
3c0366f4d167f2977ec99036f7b4babe

SHA1
2d74c16840bd521d59c9400541c016bdaff63ce9

SHA256
e3756a67fb49d085c9c3f2d1512508d826da560c765060d55a83b74d10df8549

SHA512
5347bba4256203435421dd0a68723157a015cae6c4fc7d86f27a2f4b2cd24306b9322b3b6f0b6ec954198c1497a3ce3097a62e7615f032a36db66d5d543b76b5

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
70202492bde84a4a0ade201f9bf9c24a

SHA1
811a5408d0e47f08a89fd5be00c3a58ab82d25c8

SHA256
29ed62e29b1dd472049eef0c17d6c1ee6ae28577c943ef188af6d10301a64e21

SHA512
d9a5d735570f6ee69e0e7946d46d37006c7e6992bde34dfe6dde87ed4ec7b8a7b9cce2f7bd59024a0bf16c15ffb8a89b7476c03ab7cbe376004351ec8ab8150b

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
89f96e52fb6b775f551dcf6230ef862a

SHA1
e5c5ee0304947ff66ded9a5908ee138287827739

SHA256
60fdf59bc187ad1486280b4e3d87b4295a87127f80bad244485d1133c25ebf34

SHA512
d793a60eaee9814a4d133eb0ccfee2eb8ae5ce538db3540057676c9e562be5c341efd053f330dddd511c0196a1abbda94f8079cd65661be61e01355f8b69d785

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
381B

MD5
1af43f30f2faa03fe489e52599a3315d

SHA1
71314053d3870ac112f027dd4d01b9d6832cd31b

SHA256
67d0498f95b262aafb9871f9e135e171db30e006d1217d99b0736cdbffd7d301

SHA512
72a294f0fa5d65af6a4ca9ac5ef777786148cb7fbd209d5a893d9d7b145437ed32f5885f8c93d052135de039607922aeac138e3c567c4f27952d2151edd69b3c

Download Submit
/storage/emulated/0/Android/data/com.javgame.nn.doumob/files/0_792baf0e-385a-45ae-9c15-aaf152c06cda
Filesize
232B

MD5
4df4d296cedebf558ba2533d2d91b572

SHA1
7f4e987267c6349b3ffe16153a012ad69416b42f

SHA256
c342a34b1e0d3d5c297005de03ff66410167ab84a15a967d322e44ff7afcc050

SHA512
8e6404b43e0d23e010b150de0c1957d811a5ddae8de11fc1a969fa3bc1f0ddf57d347e85d7b5fa93dbde7715ef43dfe948d758baf78799fd2fbc1741719a9867

Download Submit
/storage/emulated/0/Android/data/com.javgame.nn.doumob/files/2_792baf0e-385a-45ae-9c15-aaf152c06cda
Filesize
32B

MD5
8c1b26a94cb3f5e99891928275ef852e

SHA1
58fe0987113ad63b713b230eb8fa9020b3e3b90e

SHA256
98b7625ec7aa86b1123d3879f664eb6d2325889ad4b4be101d197360444e6ea6

SHA512
cc0e5834123216e2ab24b424cd4e54fa378b61f7fcd4921c659941e6596bf0a0f6a028bf2cb48da76808e17604b652dd70f186fa1abd0d18b74382549722c14c

Download Submit
/storage/emulated/0/Android/data/com.javgame.nn.doumob/files/uploadFileList
Filesize
2B

MD5
fd3ba6fa132c34aff2476c18fe928668

SHA1
74ccbb04dcc4baa8479fac977743e9e68154a8a7

SHA256
beadba836315747fc95ae304452514b72fe122a6e345974638d70c4e8ebace6a

SHA512
b5ae7ba4ccf48925833e481f664b55f5895779b4a44ec1068eee5559585636f399dba4f2b28c4f4c757ba59ca3556dbcc83986a013a42e66c1ebda16ef765172

Download Submit
/storage/emulated/0/Android/data/com.skymobi.pay.app/plugins/com.skymobi.pay.iplugin_V4006.apk
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/baidu/.cuid
Filesize
89B

MD5
0b9bad6fa847013a986a9fa09fa420a7

SHA1
180fb49faa93c4514d498327f7002854fbbfa624

SHA256
e06916c033804f70ff0fcbe695d291b4f56f5c0551182bd0e6e795b198df874e

SHA512
efcbb6a5f2eaf667e6122e59934ec3d3d57c0f4f30568bb99da7d868e5a73cb4a4a3a339e63e52ded06d37f1e6ba77b9856b65f3be51d26d84c1b5ac0c47915b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads