290a1c0530ff5d0a0ac8354e6964e04c7e1b9040af785fa8435b27a22296b812

Analysis

max time kernel
3226839s
max time network
150s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
28-11-2022 22:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fc791db30fd5ddc58b9fcb2b2a41ed7d5c5d83b70e5527ec6020b1c590dcd86f.apk
Size

5.9MB
MD5

0925a78ee5c520273dcd89c5e88b60ef
SHA1

c6ccefd5494c99ea85dc802669464fdbf31211b2
SHA256

fc791db30fd5ddc58b9fcb2b2a41ed7d5c5d83b70e5527ec6020b1c590dcd86f
SHA512

b20ea20884eec21a74e7c77d731d99bdcadd41183545b846d50669ef247e46841db2c96983681c12543ef213c5027c60bf77f620559ddf9a51234d1e724b1803
SSDEEP

98304:Qfy7lOKQmKxZgXybxYJeDeZBqwvgRw33Zabrbs5AD8eWAX2zfrqkPKClwsT:HlDKxZgMxYJKeZARwQecXIlwsT

Score

8^/10

banker ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

org.optimize.app

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications org.optimize.app
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

org.optimize.app

description ioc process

Framework API call javax.crypto.Cipher.doFinal org.optimize.app

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	org.optimize.app

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	org.optimize.app

org.optimize.app
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Uses Crypto APIs (Might try to encrypt user data).
PID:4440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events
Filesize
112KB

MD5
42234a0297173062f6ed764ca6c0208c

SHA1
d8105d91e5557e0392dc749fbac6974d2daed956

SHA256
7265e8650b06d78c24ca70a41564680abfe6e529ce6ff5f5aa7504caf9113dc6

SHA512
001960aca53baf55b045b0b1d1f8609d1d614bb145306da3d8eca698d33d3a6d5b66a81cedb8a581b7e0a9fa97349b0ce0b19113564ecfcc41ba95201b871f53

Download Submit
/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events-journal
Filesize
1KB

MD5
817f20b42a43090f42f9c52f7a853d3f

SHA1
d695ae668416739eb4a9ca0618e8631f613d6826

SHA256
a95679634114e180f46d1b532b53b346626ffeebee785da3addec216f81eb766

SHA512
7786b9c714c758bda26869bf7d5b884f1a91fb38d114d841aee9285b75d01159d76ee828f86427cbda1e930aa92a4c34338410d1ba36c95c12e8523cadb894b7

Download Submit
/data/user/0/org.optimize.app/files/PersistedInstallation2761819487434433655tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.optimize.app/files/PersistedInstallation765912677704758535tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.optimize.app/files/generatefid.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.optimize.app/no_backup/com.google.android.gms.appid-no-backup
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/1c0n1ct_1669674137500.cn
Filesize
3B

MD5
8a80554c91d9fca8acb82f023de02f11

SHA1
5f36b2ea290645ee34d943220a14b54ee5ea5be5

SHA256
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

SHA512
ca4b6defb8adcc010050bc8b1bb8f8092c4928b8a0fba32146abcfb256e4d91672f88ca2cdf6210e754e5b8ac5e23fb023806ccd749ac8b701f79a691f03c87a

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/1c0n1ct_1669674137500.zip
Filesize
221B

MD5
edc9056ec4e4385078ed55661747cc73

SHA1
a9272f370d3df24b9be94b39d2cbd9d38ae89404

SHA256
87c8be7d7119f9d89aff45efbf65ea8e44180437f6e579fa0bb7c5462930970c

SHA512
a4cae209798bc688319335a394fc835adfd5d3f393bb664f6eef99c9f6ec48b2183a4d131c491c3299d9b7d75aab85257e6f82e265c8b62e3e1c407d9a12b026

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/apps.ap
Filesize
1KB

MD5
90c486c5d8ef2ff6639bfb37a61b7fb8

SHA1
fe0a07f63935b4257f978dbf61503eab5f9d9e78

SHA256
fae3faa9db2bd721523844f68ded624c6f09ad4ac440299c857b4a82078a677d

SHA512
3f8ffa161c07d4ad3833044a3eed3d247a4a160d11ae127821a6723d26fbb09a90517f329379ea5594645e76abde2b2f9933052df82c0ec06d282a59c5bcdbc3

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/s8s54_1669674127514.sm
Filesize
11B

MD5
0c554d4e30c294140ede96a4d06775b6

SHA1
c22fe7585096e9478b6b64c20bd33e22df5d96d8

SHA256
fefaa3e60e610770898396979fc7e59e2f32515db738a2aa6fc5053d571e49ca

SHA512
6759ae4635432a45dc37262aeea6a4457cf4a34bcb5805db2d42563d052e30ce97438b695a671d8ab7931bed82f93908cdba608ad086e24e7667c1640182e3b5

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/s8s54_1669674127514.zip
Filesize
225B

MD5
ee170447a305bea2b8b5302cfff586f1

SHA1
187065d19674854715ecdc8fb241a82d45adac84

SHA256
41f9ec1455613a2ff0c2731a29f6f6dab1d1f1edb7319ff22824f0341bb5dd3b

SHA512
ed73adcfcaf3a66f724ac050cb1c06f786104dea7c4347d346973c14289f41b5d3d08189b22e8391dfa8458a8b55b816864ce17930f490c1ba831fb1da2054a0

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/conf.st
Filesize
45B

MD5
0715c425e68269fb474bbf4ef92c9494

SHA1
761945ce56c4cedfd07e2d78f5d795fde493ea37

SHA256
c7ac06c02abc6acebb0a21b907ea1773680df2277a0fc3e44336039525f06114

SHA512
cb1b8b8df700c23fc6c0b1102d54ef3ad7e1ab2f07903c82e87bb68672662cb569c7a777ce09c75892b4d04ffcc5a09537bc2da59cf46b7d306951c7beac2f34

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/encSocketID.enc
Filesize
176B

MD5
fa7b0d0e687d9d27a64a61a56ac0ab10

SHA1
4af58660867af8849533ae579cf0eb541b4d1095

SHA256
0f6cb129fd862e62f2b19ff84cc107fbb18790094a5b80cc97ed5358c04f9bec

SHA512
cf4c21c7677a04937850aadfcd054f8b7d9a8994f644c980259ac1303d13e69e49d1fa59b1e869e63720fb3cb0cf630eef96d636e6469ee59f1809745f45b6e6

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/everyone.evl
Filesize
66B

MD5
65f0466dd74f037929b1fd130e33646d

SHA1
4c8c4b5977c36fcf1521377d934bd5de34087d8a

SHA256
2146b7a7d195c3fb86e56bb3facb9012610900df6eb646cb77ee5759d47c2f2e

SHA512
9d7a5421f46779be00c76f725354232d5fd69bc1ce05db54fe15b54f76b57aae7a2ab6e223978edc6ad7bd954bbf2a63c2f44e2a25fe6cbf3b06e34a8db25b9d

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/fls.tr
Filesize
424B

MD5
5de58a1faf80e21f0e532571518d295d

SHA1
0f0ffeff446dbd03340f48c73c19a81a1b1ba5ea

SHA256
17c0a0d8653dd1b1295da96dd7d3005a8db442d5da4dd7136ff9d60dbb68c035

SHA512
afd140f2370e8f7c2d1f67d2b1cc782828fa251bd83c21b2b6a234f52bfc1c4791af95cb24ee593d4956ae37963adc8cb9f10da33d29f3ae38b1c47541467806

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/randomUUID.uid
Filesize
60B

MD5
138b9a881fbcaddfe028e7e475f952be

SHA1
1101a3e2006a61d39e395fe38adfe9dbc9775c4b

SHA256
c97e3eb00eb7c691f801926008dfaf68d88771de1027d8770495434df1464a18

SHA512
9647ea3edb5b2be5b6b3486bd08d9fbe51c89de3e6c1d2d0d5948b31152c01669825b81908ceb8f821ea6aa1da9799cedb39fc88471e6e97e127288574e2524b

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/socketID.st
Filesize
33B

MD5
dbba747ae6d91f5dbfb9436c95a0a5cf

SHA1
1cbfa4330600884b08956d0335e621f1540d5317

SHA256
7298b871c11525e1fde92f6bfe96a5a94026c7d81b5ea3f971829c7d6fa5439a

SHA512
285a11cb3f2d850fa80f538696852d387aeebce03cdffd96653854ad49255a71f4a3a53198c32bb69f237b96422b4f2f6cc9e7a538da84e04335bd2a2ad42216

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/system_log.txt
Filesize
175B

MD5
d5d7fcc2a21e62b00701a95030c4b709

SHA1
4dfefad0910e018530da82c3f7e26fbf49b015fb

SHA256
8b23422a6d792748d2aea440c345ef5d0d203cfea0703d6847ac157c42cd5ad2

SHA512
e826055a0f9ea2e11a46d9d11d2eb75cf42701af4d4e6314ea47b771d4cbc7d582e760844fcc2a76a9a145b0661854a8b665fa5028987ed5c2e5d7ecf1ccaf0f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads