3596dcce7523eb46570d1f924ae70e19ae0e57c98135193de17868a9ca2b7d24

Analysis

max time kernel
3176661s
max time network
158s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
27-11-2022 12:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3596dcce7523eb46570d1f924ae70e19ae0e57c98135193de17868a9ca2b7d24.apk
Size

1.8MB
MD5

e356cdca3b0c3e238da02f6a69108b40
SHA1

1442da98b469a5b307c9d04a622bc673a3215348
SHA256

3596dcce7523eb46570d1f924ae70e19ae0e57c98135193de17868a9ca2b7d24
SHA512

95f1d774ac428bb982f1a6e4779dfda3d425a89848492b5be94dc6f0ba6878c059e966a1a1fca0d8691fe20f1516de80ffb4365beaadb51e74758e9fa3aa67fd
SSDEEP

49152:RroyB8smf+GnkHcyEcD6uoYoMHEDiNrqrM4Bq8y+h7X1KwzOTak3kUlHK+X/rv:Rrou8NGzVUHMHEDi0M4Bxh7X1Kwzi3kE

Score

8^/10

ransomware

Malware Config

Signatures

Requests cell location 1 IoCs
Uses Android APIs to to get current cell location.

Processes:

org.mygson.videoa.MV

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getCellLocation org.mygson.videoa.MV
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

org.mygson.videoa.MV

description ioc process

Framework API call javax.crypto.Cipher.doFinal org.mygson.videoa.MV

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	org.mygson.videoa.MV

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	org.mygson.videoa.MV

org.mygson.videoa.MV
1⤵
- Requests cell location
- Uses Crypto APIs (Might try to encrypt user data).
PID:4115

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/org.mygson.videoa.MV/databases/access.db
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/org.mygson.videoa.MV/databases/access.db-journal
Filesize
524B

MD5
c17ffd9da0cb66705e6781020ec9c134

SHA1
e82b1d19a13dc793e38dab444fbcb492ea492015

SHA256
434dcf91f870b884407926c1eb04d999e6639da833f79251f0e9d180d9c32abe

SHA512
bcfb0156b0d2d6e1cdc05d5507e70506d361ac2edb7ee659af303e60c8cb6f7464f551f0044dfd472009b378d6b13f1219478a9c31741aa1722f6bc144a473d9

Download Submit
/data/user/0/org.mygson.videoa.MV/databases/access.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/org.mygson.videoa.MV/databases/access.db-wal
Filesize
32KB

MD5
acdbc089308d603352484ee44ce6f989

SHA1
ddeb6fca60502e5bf4d564a7d2c392fa9aa9b147

SHA256
a0acad86840ff310516c394dd0359ba9f7b430e852d326a67dbb4d41d52e37a2

SHA512
c99c1b4753292f8fe084256193bbf6888401b00f2cef1d041d31193b8c4bf8ac6fc609c842da0c58603ab59fd3619bcbbe18fb2b4baece15b052d0566b72e540

Download Submit
/data/user/0/org.mygson.videoa.MV/files/__local_stat_cache.json
Filesize
25B

MD5
2d805b13f2f28dc3ca9bbcc000f49bb5

SHA1
9eac165b4d81258fd3967cde5cc53b53b1dabcb1

SHA256
c8a6624f390568f0ddcb9841336aec6a564460fdaf6624e562b32935b8956f19

SHA512
5db8c57bab36bcf9db698c1dce70318cbffc156dd1d1c1e09e5b7ba60aff07b598ebbf26c4bd8a2b03bd6e59ef2dde2d944a22a8d8a19ecc8378e83afb7c83b0

Download Submit
/data/user/0/org.mygson.videoa.MV/shared_prefs/extxml.xml
Filesize
107B

MD5
4deff9301b59507d04fc7e9a63000ae1

SHA1
9b49496b398eaeeafea5db51e1c29c42f1c0d655

SHA256
d2092a5925b775a4479531b0f09238d78f6fe45c7f56d3c9702d3e9f1396054f

SHA512
1459d02896e12c82ea5e1d3fa9029d2657a0b9e4ed52c56c58844a1a529c31e2ea37cb778bb13ad314b9a6ffebf672ed3881f0312d44fb770100a87bbcd3432d

Download Submit
/data/user/0/org.mygson.videoa.MV/shared_prefs/pay_xml.xml
Filesize
119B

MD5
56be6b759e25d6f84fad17cf6f0af4a0

SHA1
769b9b85217158e11ad1ac346537143f3b291384

SHA256
742af9555a7b1c52ff65092c7809add85e5f66dc01b337c7994b10149e9dfcc2

SHA512
591ab4bf27cf5b08b3cd5690e1c290f487d7e787f03c25e120f63aefa53d31de5df7a47ee342db5c2784da71fcdb862ad74eb68416e3fd54da9db5c4217ddf5d

Download Submit
/storage/emulated/0/backups/.SystemConfig/.cuid
Filesize
89B

MD5
e2cfe688e32155e3ed6b719391f3e7ad

SHA1
c3d1a462418a1c5d7f177955abc7d7a8849f8106

SHA256
fb8bedbd9042d4e124aa06cd44e7df462725a5b9debca2ce8c660e8aba9db63d

SHA512
74e14cb2ae700841051d5f0fcc511b7f75674f23d44cfe9a0ae9ac3486bb633736ae3a2251c8c5aa8c5e3154895ccd1936018f7bd62c991d5827b0a0b09a17ec

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads