290a1c0530ff5d0a0ac8354e6964e04c7e1b9040af785fa8435b27a22296b812

Analysis

max time kernel
3223206s
max time network
139s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
28-11-2022 22:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

682b58cad9e815196b7d7ccf04ab7383a9bbf1f74e65679e6c708f2219b8692b.apk
Size

5.9MB
MD5

599ca5ade29ca5a197d672c4c8030403
SHA1

b65579c62481b07f955638d884d3a59b9582e705
SHA256

682b58cad9e815196b7d7ccf04ab7383a9bbf1f74e65679e6c708f2219b8692b
SHA512

2331da7504ff00686b8afbfb2ba9c8b226566b0ab2b2d26d8f5370b9f94af301469818f926c8e27f72de0ed5f91371fc4f0024d7c5c1723675b2b0ecd65d7448
SSDEEP

98304:MLv0HRFwlCAuCnTCK7/WkOC1CvgRw33cDbe24ynnfnDc4WQAEzfrp2vwCNwG7:o0HzwLPnTCK7OkpzRwR24ynnfnDcIsNL

Score

8^/10

banker ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

org.optimize.app

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications org.optimize.app
Acquires the wake lock. 1 IoCs

Processes:

org.optimize.app

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock org.optimize.app
Requests enabling of the accessibility settings. 1 IoCs

Processes:

org.optimize.app

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS org.optimize.app
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

org.optimize.app

description ioc process

Framework API call javax.crypto.Cipher.doFinal org.optimize.app

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	org.optimize.app

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	org.optimize.app

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	org.optimize.app

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	org.optimize.app

org.optimize.app
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Acquires the wake lock.
- Requests enabling of the accessibility settings.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events-journal
Filesize
524B

MD5
3c3d9c6005776e8e315e8536fb453c29

SHA1
69bac3f1ea2003b33a441e5b5cf08f01dfed7e85

SHA256
479f286bf9a3b9d119224735523daaae2051a5864cad7dbfd38afb35cfd78208

SHA512
f9579d7483d98b6abeceee48001b280a83018206c9bfea335cb300efcd1f7d4f1c1c6da09ba9a427b1b7bfd444d386aebcbba22960d2d839d7ae3326b3c90521

Download Submit
/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/org.optimize.app/databases/com.google.android.datatransport.events-wal
Filesize
52KB

MD5
79ad7fc3568dd5f11028665911f03826

SHA1
db8e958e26a87d902bf2076e62973065336828a8

SHA256
5e6119c82e2b49bbd6e4c528f48c4ef79a19c7dac594d3ad43b9fcff923ae493

SHA512
4d1d52e5fec814c5ba6a29a19bd79221effed6286ef38d524493f12196001271b713f037035f2efb527a74a53ce2c67a6cc409a2708224e562efdacd919f340a

Download Submit
/data/user/0/org.optimize.app/files/PersistedInstallation263158136976725175tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.optimize.app/files/PersistedInstallation8950336175256391078tmp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.optimize.app/files/generatefid.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/org.optimize.app/no_backup/com.google.android.gms.appid-no-backup
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/1c0n1ct_1669670515915.cn
Filesize
3B

MD5
8a80554c91d9fca8acb82f023de02f11

SHA1
5f36b2ea290645ee34d943220a14b54ee5ea5be5

SHA256
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

SHA512
ca4b6defb8adcc010050bc8b1bb8f8092c4928b8a0fba32146abcfb256e4d91672f88ca2cdf6210e754e5b8ac5e23fb023806ccd749ac8b701f79a691f03c87a

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/1c0n1ct_1669670515915.zip
Filesize
221B

MD5
dabf7cde9b96b88e8d9554ad6c1f9f3e

SHA1
c372d018eb2ce1f767fe816c8db4ae8ccab475e1

SHA256
ebc238fb8ed43a177761fb50c9d412f47aa1b95bb1cb4d23b8516df943b09e03

SHA512
0f07c7a375c6111ee457f70136f3ce27eb99a0d9cbb91de5b7007a528f08b56064fe134898ffe483b564d59979d3c686d77c4e3f55a003166b5751cc71e6859c

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/apps.ap
Filesize
1KB

MD5
ef82b6c374d7a5040224ae80bd784e91

SHA1
456328cd8e6cea34e7d1d9e4f60cd229403da229

SHA256
84af13d354a0d48bdb333f0fab2eee95098f10f647d34e7c82f79a3f6b41990a

SHA512
27abe5ee2710e0f23900e0f02520dc00f74dc69d4bfa1cf34f5010f576f9ec8d75b232411f1b7fa1b577e97dcd011bb8aa9d016dbca005e60cdc22e4d5e44d95

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/s8s54_1669670505907.sm
Filesize
11B

MD5
0c554d4e30c294140ede96a4d06775b6

SHA1
c22fe7585096e9478b6b64c20bd33e22df5d96d8

SHA256
fefaa3e60e610770898396979fc7e59e2f32515db738a2aa6fc5053d571e49ca

SHA512
6759ae4635432a45dc37262aeea6a4457cf4a34bcb5805db2d42563d052e30ce97438b695a671d8ab7931bed82f93908cdba608ad086e24e7667c1640182e3b5

Download Submit
/storage/emulated/0/android/.org.optimize.app/DataLink/s8s54_1669670505907.zip
Filesize
225B

MD5
ab3af536845e76ffeb610b3f7754e506

SHA1
a31ea404d3c83eb66e83dcefdafa78bdcd8bb58f

SHA256
ac3e764df379a981c68a2998c4656c7f5666927f9369d70a766b3667cdcd4218

SHA512
4de5bcdb992eaddf91149220de589a3379b984aec893d63a4a9f0fb32e84559700a34d0691425c55f37aec2b404cd7388f62bd94536cd898820b1264783d21c3

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/conf.st
Filesize
45B

MD5
0715c425e68269fb474bbf4ef92c9494

SHA1
761945ce56c4cedfd07e2d78f5d795fde493ea37

SHA256
c7ac06c02abc6acebb0a21b907ea1773680df2277a0fc3e44336039525f06114

SHA512
cb1b8b8df700c23fc6c0b1102d54ef3ad7e1ab2f07903c82e87bb68672662cb569c7a777ce09c75892b4d04ffcc5a09537bc2da59cf46b7d306951c7beac2f34

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/encSocketID.enc
Filesize
176B

MD5
72e68169756488da815b2ba7c69022ad

SHA1
abf7ff287d18bd66bde916eacd07205434a17205

SHA256
0cccf2fcc5587f10cb5efe606d17467212455b14a9ef7ba7f6294eea0adf57ac

SHA512
c680cc163ba4223ec971c92994bd8cd61dd31ba137709ea7e01bd21235a34ed1d16de0cb8f5ce1eeb21d1a2fe738ae690ae38c02983832dfac96b231edccb8ea

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/fls.tr
Filesize
369B

MD5
448497de0acb850f584a55de0fa80af1

SHA1
cc495a9ca30acdba9ec919a97c33794e4d169948

SHA256
9f51633dac1fea5184ade81a5542515e78eb20222ffa15444e7d0361379754c1

SHA512
9dcc5d2b6f9f0e65c20498be6be6a0364d5e198e43ca3507a646f1645715554d52dd2a5d6582f6923b91b3fb6fbcda957acb01175a298be8e8f350034d359073

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/socketID.st
Filesize
33B

MD5
08f2f209c8e8efb05d4c8e881acf173e

SHA1
265dbd1c9047759ce086509b4e004c092eeaa37f

SHA256
b6c0265224dd643c4e95fb43f8caabeb44634fff9b334807fa51bee489bdfbc5

SHA512
42d9797759de50b15bacf0bc692218ebdcb21cd182f29a8bb14b38ab839505bae9d9e83bd0d365c72c95923d14cddf9654761e786a50a3c98cc820b83fc90a4d

Download Submit
/storage/emulated/0/android/.org.optimize.app/Presentation/system_log.txt
Filesize
175B

MD5
4b81786b0ef73bf010f55c5f493b8659

SHA1
2840a8ca459e39653b3e14e2919028a17191ff3b

SHA256
c7995533abb8c213636cce9a2e310969b56958805131c337075e29953a2b82b7

SHA512
ac3664402eba41ac1ae780fc08d96e119cf532d236ff3faf654a9fdc3f22e91c141f2afd468e09796c3eff227febc33067e01caa892989a942babdcbb6ae65d7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads