290a1c0530ff5d0a0ac8354e6964e04c7e1b9040af785fa8435b27a22296b812

Analysis

max time kernel
3223226s
max time network
160s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
28-11-2022 22:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fc791db30fd5ddc58b9fcb2b2a41ed7d5c5d83b70e5527ec6020b1c590dcd86f.apk
Size

5.9MB
MD5

0925a78ee5c520273dcd89c5e88b60ef
SHA1

c6ccefd5494c99ea85dc802669464fdbf31211b2
SHA256

fc791db30fd5ddc58b9fcb2b2a41ed7d5c5d83b70e5527ec6020b1c590dcd86f
SHA512

b20ea20884eec21a74e7c77d731d99bdcadd41183545b846d50669ef247e46841db2c96983681c12543ef213c5027c60bf77f620559ddf9a51234d1e724b1803
SSDEEP

98304:Qfy7lOKQmKxZgXybxYJeDeZBqwvgRw33Zabrbs5AD8eWAX2zfrqkPKClwsT:HlDKxZgMxYJKeZARwQecXIlwsT

Score

8^/10

banker ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

org.optimize.app

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications org.optimize.app
Acquires the wake lock. 1 IoCs

Processes:

org.optimize.app

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock org.optimize.app
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

org.optimize.app

description ioc process

Framework API call javax.crypto.Cipher.doFinal org.optimize.app

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	org.optimize.app

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	org.optimize.app

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	org.optimize.app

org.optimize.app
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Acquires the wake lock.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4128

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events-journal
Filesize
524B

MD5
f942e99d5a91327c65bd1fd6a4da3893

SHA1
11fd4cb5267f878356fc69ec04c2748ee275bf0a

SHA256
0d4b86474e7d39bc4d5010a4e3c9fa46b6c423bd2006c112ab1f05e6d06fc92a

SHA512
47f073f9a0a265f57dcbd5e5e24e92ed7043dca70d858475835430161feb6753cca082c882aeb51afd315144f1a5a500990db1bc92d6d94e8438825f43465279

Download Submit
/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events-wal
Filesize
52KB

MD5
5de1f7ae5b7271478b0946c98bcd37b9

SHA1
b7dedcd8d38c5c1da2014f593787b378026cc49c

SHA256
dc1df2cec51dc3f0e54770d01ef5ca7a55e3fabf80ff146f6a2cfcb3704d0955

SHA512
4d102a797090560f4e67119b137bdba59115a1aa9c55a60e12468b4a0ba78e91523e91ee28a458fbb7ef6c61daead97cad859d720e7638f198f552db886102e8

Download Submit
/data/user/0/org.optimize.app/files/PersistedInstallation2447281188446221302tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.optimize.app/files/PersistedInstallation390382852312073313tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.optimize.app/files/generatefid.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.optimize.app/no_backup/com.google.android.gms.appid-no-backup
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/1c0n1ct_1669670536682.cn
Filesize
3B

MD5
8a80554c91d9fca8acb82f023de02f11

SHA1
5f36b2ea290645ee34d943220a14b54ee5ea5be5

SHA256
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

SHA512
ca4b6defb8adcc010050bc8b1bb8f8092c4928b8a0fba32146abcfb256e4d91672f88ca2cdf6210e754e5b8ac5e23fb023806ccd749ac8b701f79a691f03c87a

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/1c0n1ct_1669670536682.zip
Filesize
221B

MD5
42b9762166384da5ab0195c48ca66629

SHA1
9264947a775c75677ea8369b4c85b441c20f2572

SHA256
096246e1a028acd9ac89623599a2f7689d4e5c57c50ec1d2e967286ebdf26db3

SHA512
b288bfadf4ff4867bd678037591fc7d8dee37dc614b4bf6205c88e554a75d2c86836ba9849878b1794f5b72106eff1833902dc1ee84e90fe7184e5dba6a1aafb

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/apps.ap
Filesize
1KB

MD5
c8cc11b1ce6be8914bdce164fefb3922

SHA1
28f4c72a2912b9e0f74e8bb776e9d9d5d5cd3d3e

SHA256
25abce98c466ada9bf3fcb10e056edde5dc0311c502d2013e3309ab1f5152b0d

SHA512
1beff5257ad75c0d72a54a9d76d3f9f96a1a0d64cb918930a04708aa509db72eb6d709be7c1fcdcb5559eb1b974fa4daab721f72229241fa49eeb4157d925031

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/s8s54_1669670526692.sm
Filesize
11B

MD5
0c554d4e30c294140ede96a4d06775b6

SHA1
c22fe7585096e9478b6b64c20bd33e22df5d96d8

SHA256
fefaa3e60e610770898396979fc7e59e2f32515db738a2aa6fc5053d571e49ca

SHA512
6759ae4635432a45dc37262aeea6a4457cf4a34bcb5805db2d42563d052e30ce97438b695a671d8ab7931bed82f93908cdba608ad086e24e7667c1640182e3b5

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/s8s54_1669670526692.zip
Filesize
225B

MD5
db9435bcf9f43992f1ad0d8553a17469

SHA1
38750f31409170e0219a7e409465cd40754b02fa

SHA256
e7fb2cfa6d6950bdfcbea46fd344832be4e0c27d9f01f93ab3ec7ad6cef175ea

SHA512
ae124fa9475f0dc87c8d341c69c436a4fb0143ed6bfa83fbe6810b38939e177b41e5f4f367033261ba0cc9af530c90ec698f977ebc874db7e66c34dbe4ad3a9a

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/conf.st
Filesize
45B

MD5
0715c425e68269fb474bbf4ef92c9494

SHA1
761945ce56c4cedfd07e2d78f5d795fde493ea37

SHA256
c7ac06c02abc6acebb0a21b907ea1773680df2277a0fc3e44336039525f06114

SHA512
cb1b8b8df700c23fc6c0b1102d54ef3ad7e1ab2f07903c82e87bb68672662cb569c7a777ce09c75892b4d04ffcc5a09537bc2da59cf46b7d306951c7beac2f34

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/encSocketID.enc
Filesize
176B

MD5
398c4a9e4dc357ff0d391c2b4c9de5f5

SHA1
53844e8e4fc7f7b87566a5a164c60dd4cfb7d422

SHA256
c37a695a4455524637645cd85c1f7350051df8c29c8653c0a6f737eea1e725ee

SHA512
fafd5b9cb240b70c4c97f800bb0eb8fa24477b557ce111542931992668aa9cad3fd8003158445e573067518bc4c0c4716397f3684372e3b0f3d40990b8603114

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/fls.tr
Filesize
369B

MD5
448497de0acb850f584a55de0fa80af1

SHA1
cc495a9ca30acdba9ec919a97c33794e4d169948

SHA256
9f51633dac1fea5184ade81a5542515e78eb20222ffa15444e7d0361379754c1

SHA512
9dcc5d2b6f9f0e65c20498be6be6a0364d5e198e43ca3507a646f1645715554d52dd2a5d6582f6923b91b3fb6fbcda957acb01175a298be8e8f350034d359073

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/socketID.st
Filesize
33B

MD5
7ea676c5fa6609239a98adab99b0bb09

SHA1
2dde22f88af82bc7576a804142087b1bcc31e975

SHA256
47fab37c70dc240ed6194cebeee169e017fad542d06a46b20e593d4c3855baaf

SHA512
4fd3f0ba7575c9b35542d2311770dc58d92b69d2907643a0073bf2a820ebddbe73fbdfc8151c160257842ffba5bfde3cab381434a7ada114656eefe9d0d8a88a

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/system_log.txt
Filesize
175B

MD5
34bd87ec335f3c259d531c20c7f5e2e5

SHA1
40f7a6b81eff642d02114dd9e206a11f6f0e6a78

SHA256
2dcdc916dc0ec80ec6fb7dd835f831fd2c6b0b14e7e7e2b2e863289398e44069

SHA512
30c38e3cea86d5328d4ac65611710a03acd1fe29930b46ab595ecc2d21ce7cbb860b1417fffe38281dae37850aefeac39d841d24678f785a9bf7ad072580b971

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads