Overview

overview

8

Static

static

7

135ae0ef1c...55.dex

android-9-x86

135ae0ef1c...55.dex

android-10-x64

135ae0ef1c...55.dex

android-11-x64

682b58cad9...2b.apk

android-9-x86

8

682b58cad9...2b.apk

android-11-x64

8

a8ca778c58...85.apk

android-9-x86

8

a8ca778c58...85.apk

android-11-x64

8

dc0f434d18...e4.dex

android-9-x86

dc0f434d18...e4.dex

android-10-x64

dc0f434d18...e4.dex

android-11-x64

e0e2a101ed...f7.dex

android-9-x86

e0e2a101ed...f7.dex

android-10-x64

e0e2a101ed...f7.dex

android-11-x64

fb9306f6a0...80.dex

android-9-x86

fb9306f6a0...80.dex

android-10-x64

fb9306f6a0...80.dex

android-11-x64

fc791db30f...6f.apk

android-9-x86

8

fc791db30f...6f.apk

android-11-x64

8

Analysis

  • max time kernel
    3226771s
  • max time network
    150s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
  • submitted
    28-11-2022 22:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    682b58cad9e815196b7d7ccf04ab7383a9bbf1f74e65679e6c708f2219b8692b.apk

  • Size

    5.9MB

  • MD5

    599ca5ade29ca5a197d672c4c8030403

  • SHA1

    b65579c62481b07f955638d884d3a59b9582e705

  • SHA256

    682b58cad9e815196b7d7ccf04ab7383a9bbf1f74e65679e6c708f2219b8692b

  • SHA512

    2331da7504ff00686b8afbfb2ba9c8b226566b0ab2b2d26d8f5370b9f94af301469818f926c8e27f72de0ed5f91371fc4f0024d7c5c1723675b2b0ecd65d7448

  • SSDEEP

    98304:MLv0HRFwlCAuCnTCK7/WkOC1CvgRw33cDbe24ynnfnDc4WQAEzfrp2vwCNwG7:o0HzwLPnTCK7OkpzRwR24ynnfnDcIsNL

Score
8/10
bankerransomware

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
    banker
  • Acquires the wake lock. 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • org.optimize.app
    1⤵
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
    • Acquires the wake lock.
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4517

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/org.optimize.app/databases/com.google.android.datatransport.events
    Filesize

    112KB

    MD5

    42234a0297173062f6ed764ca6c0208c

    SHA1

    d8105d91e5557e0392dc749fbac6974d2daed956

    SHA256

    7265e8650b06d78c24ca70a41564680abfe6e529ce6ff5f5aa7504caf9113dc6

    SHA512

    001960aca53baf55b045b0b1d1f8609d1d614bb145306da3d8eca698d33d3a6d5b66a81cedb8a581b7e0a9fa97349b0ce0b19113564ecfcc41ba95201b871f53

    Download Submit
  • /data/user/0/org.optimize.app/databases/com.google.android.datatransport.events-journal
    Filesize

    1KB

    MD5

    0106d7ae68b66b3f04fd937195f1d455

    SHA1

    3d8753e969574457a137db464b9092551acba670

    SHA256

    90915be0275865bdea3af4519217e911473d97b59e36d4f411116f06a81f62db

    SHA512

    89944f9721586118bb94e7dc2242c8a24c65cc716738a135a505b88fc67b7721bfd6a7f7035dd92cd5100147d9843d429a5520af0fd8185f0badde03e7a81bea

    Download Submit
  • /data/user/0/org.optimize.app/files/PersistedInstallation4130084562200065983tmp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/org.optimize.app/files/PersistedInstallation5242322062809082013tmp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/org.optimize.app/files/generatefid.lock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/org.optimize.app/no_backup/com.google.android.gms.appid-no-backup
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/DataLink/1c0n1ct_1669674080906.cn
    Filesize

    3B

    MD5

    8a80554c91d9fca8acb82f023de02f11

    SHA1

    5f36b2ea290645ee34d943220a14b54ee5ea5be5

    SHA256

    ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

    SHA512

    ca4b6defb8adcc010050bc8b1bb8f8092c4928b8a0fba32146abcfb256e4d91672f88ca2cdf6210e754e5b8ac5e23fb023806ccd749ac8b701f79a691f03c87a

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/DataLink/1c0n1ct_1669674080906.zip
    Filesize

    221B

    MD5

    af60499c9f8ae1d03ea1d4e815f11083

    SHA1

    656a3500ca3c122cbd2618822d7a79c65890e8c6

    SHA256

    91523641bab19c132ae773f905637d9cbeaf90b723f9d554a189a6ab116357c1

    SHA512

    0dae770fe14e99b9fd6d679b7e64d18d0bd6a28456db5644652b4e45539f91a3b68656653ae064f286a1dd8fecbbddb387ba0ec3a2b955cf285bb0ba83e7959d

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/DataLink/apps.ap
    Filesize

    1KB

    MD5

    dffbf07513188e4ac16e629bc508a9c9

    SHA1

    66c192d457788e9ebe99c78bb06c7123acab8796

    SHA256

    d303e2e100caa0af49753feb451ab8fa04fcc183bdf3856842a142938f959d8a

    SHA512

    11b1aa5934055cfa2c6e3dc06115a6af66fc29879b2ed198420235ec15671a61a331bc50768f505688201d27666883543c6796dcb282afefd61fc444f3c31687

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/DataLink/s8s54_1669674070915.sm
    Filesize

    11B

    MD5

    0c554d4e30c294140ede96a4d06775b6

    SHA1

    c22fe7585096e9478b6b64c20bd33e22df5d96d8

    SHA256

    fefaa3e60e610770898396979fc7e59e2f32515db738a2aa6fc5053d571e49ca

    SHA512

    6759ae4635432a45dc37262aeea6a4457cf4a34bcb5805db2d42563d052e30ce97438b695a671d8ab7931bed82f93908cdba608ad086e24e7667c1640182e3b5

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/DataLink/s8s54_1669674070915.zip
    Filesize

    225B

    MD5

    f05a3556f7fc5dc3e54c9e4bfa3cf439

    SHA1

    7ab18a81e491bcbc940187f4b481b938002122b1

    SHA256

    5b529535985803a93610acfc664f7816853d0c1358446dcf2199cd779b394254

    SHA512

    b42266e9ff907cff9b644e124c00843d1acb595dc231a1afc176f21961cf8d516ddb80e167c0cd2b1a766553b0552e6ceafaa1ee63d295b3bec3c732a2eba83b

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/Presentation/conf.st
    Filesize

    45B

    MD5

    0715c425e68269fb474bbf4ef92c9494

    SHA1

    761945ce56c4cedfd07e2d78f5d795fde493ea37

    SHA256

    c7ac06c02abc6acebb0a21b907ea1773680df2277a0fc3e44336039525f06114

    SHA512

    cb1b8b8df700c23fc6c0b1102d54ef3ad7e1ab2f07903c82e87bb68672662cb569c7a777ce09c75892b4d04ffcc5a09537bc2da59cf46b7d306951c7beac2f34

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/Presentation/encSocketID.enc
    Filesize

    176B

    MD5

    227ee2df38a28ae72b0239bea607adc3

    SHA1

    cc1e587d013f3dc5710239b98352d34b705f59a6

    SHA256

    3f8a058f6004692373e45d32c5b57d7923f89d218a5d3400f0acef9f2cc190f3

    SHA512

    92256b5994eea88bbf2715bd1788e11c97b80b74416f3bed080b0c845a9f5e175b425ab174f9d82e803044e2d7a694a01ebb64aa7d8a183d4bd1336aeba5823a

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/Presentation/fls.tr
    Filesize

    353B

    MD5

    93820741fff9667946cffefb878d72a1

    SHA1

    2a8194cc907b6bc4552048be4bf3438e17cf57e5

    SHA256

    27d9d7d5324f2522ec56186eff3e58107718e124a8002724a4f7f19f1687d0e4

    SHA512

    cf51da9eede91e2c88977e640e5d79e917619d7881eab4b41d9e608ec873711a1c3f59ea0d022563d201d323c103624c93f80f04e3767b7d83a5d1d4b012cfc0

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/Presentation/randomUUID.uid
    Filesize

    60B

    MD5

    2f926b869cabfeede346498bef6c6c4f

    SHA1

    5669ca70c4838b58fd84a29bea3a73ae22c9db77

    SHA256

    b15e4642dec36bb9040078c58572e49908024e560fc48cb4626c1d13ef976857

    SHA512

    f98f6bb34b06f6a12816706965066d3106a5816e5e9eb789c24b58555e732b627dcef08961c1cee2c608827b9c17f8311f4fbd496a735174bc56cc66cee1bd7b

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/Presentation/socketID.st
    Filesize

    33B

    MD5

    08b16f536628ab5a97470781e4804ff5

    SHA1

    3bbf11c1cfb34cc4d2367523a4268838ef31e0d0

    SHA256

    d19a760b333c1f52eb0fee49c32b23fc4913e9a2dc0d8afef444bd00a2b2783d

    SHA512

    06ab0537ee8dbad3976d87783f82f4dfb21115781bf3af1da48649dbed983ff5d2882f71b08c7a1de36e8f50b1d5a036b3422804a10bc70b0a6a2eb4ab8b812b

    Download Submit
  • /storage/emulated/0/android/.org.optimize.app/Presentation/system_log.txt
    Filesize

    175B

    MD5

    f79dc2be3264f831a0089b8ecd3b0ab0

    SHA1

    5ba519f0d79859b696f392fb7b2a2be73f8eb91a

    SHA256

    8e3243110cea3d9858cf8d6c94d6ee82a78bb8c7b833d6b7b10efad56e728053

    SHA512

    a5dfecd43faad1d2dab79545eb5035402212bb6f347e2ab80ed69fae15aca6c2d549a1413f580584e408495e91b866b8ff1b063150dfe95af8156b4433b627ce

    Download Submit