Overview

overview

10

Static

static

10

Bahamut.apk

android-9-x86

6

Bahamut.apk

android-10-x64

6

Analysis

  • max time kernel
    2661051s
  • max time network
    135s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
  • submitted
    11-01-2023 02:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bahamut.apk

  • Size

    29.1MB

  • MD5

    7ac30a4488748e4be24c04325f147c9f

  • SHA1

    b54fff5a7f0a279040a4499d5aabce41ea1840fb

  • SHA256

    a71290070f826292c0ce907f21280e46cb4b800163ca3b81301c75710387ff1b

  • SHA512

    2bde3d4bb8a5df81f1e0230cf6e1464853bb52c104ce3da594a0218fee62b83610d673b999c186b158b469c50213be4057c8a23aea2b693fd9083293db44cc9c

  • SSDEEP

    393216:bjd8b3Stod1v3uFwCPwmSPkkbiaOhECW1Fypl+W9ESATJXQY0/rBxqHoyvc2IGif:SbKhE3cYFAYA/q3Yq2w2AEZ+1AphH

Score
6/10
ransomware

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.secure.vpn
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4764

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.secure.vpn/cache/rndseq
    Filesize

    48B

    MD5

    291cf824ccb18bcee5efb9614acc1bdd

    SHA1

    99b0006948193602f5af028d921a2d95844f9b13

    SHA256

    cc1c37d9c27f734776fa8a50e9d5d8b17b312107c0a27565caf8504532e70e75

    SHA512

    9b0b22459cd6ea439ce7595a81b4fd75d0b0a763b8c3c8c0a640e6a7e5968a84bd4f05a66536e9fc1d5ce5f59d68e0d3afe0831adaac449d0be5af035229ebaf

    Download Submit
  • /data/user/0/com.secure.vpn/databases/MonDB
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit
  • /data/user/0/com.secure.vpn/databases/MonDB-journal
    Filesize

    524B

    MD5

    88a779bf0fe3ef4a0cd99e612d7bced9

    SHA1

    9aec7fe297937c83ed758d4d0a52c3378c5d27c2

    SHA256

    9cf2cedf9e213e94774fc2366f9afa18cf57a5b01fdafd7933ccca87e62e716b

    SHA512

    9ef799caf9f29e928f1c6f722aea4ad091c1caf69a780b5e2523fb06f5d06f2c3af9a46cea567576090dec1a10897597e0e1f491627b6b6f7d6b432ca4be8023

    Download Submit
  • /data/user/0/com.secure.vpn/databases/MonDB-shm
    Filesize

    8B

    MD5

    7dea362b3fac8e00956a4952a3d4f474

    SHA1

    05fe405753166f125559e7c9ac558654f107c7e9

    SHA256

    af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

    SHA512

    1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

    Download Submit
  • /data/user/0/com.secure.vpn/databases/MonDB-wal
    Filesize

    386KB

    MD5

    cad0c66276283b7fa0aecc39d3e5037a

    SHA1

    10834739f1e52590c60b5fdeeacc4e1df2fe0290

    SHA256

    8d5bcc8488234ce083f62a2d0ed57f9ae274485e13ec72797a7868abed35337b

    SHA512

    fde9fecbe4fb366dfac8ab1e2a85bd738e9cdceacf2d19b202934312e12bb76f430f9c581cbc73fc3ee77d96430da4544abb1a84342267f5d371c736ee871ce8

    Download Submit
  • /data/user/0/com.secure.vpn/databases/anchorfree-ucr.db
    Filesize

    36KB

    MD5

    3c8712702c3e006776815db23fde6b00

    SHA1

    439eb8bdfc725d5685e67fdc612fe2225aae9db8

    SHA256

    b9c395e649e48b2d55b972259b8c89dbcb81b34d2a7b568db9d440f1a30193b2

    SHA512

    251b3ae54ab15db7988d145275a2a7e2c6553ea29baae3e11df1fc8d96fd906e9abe7d3b60f8481e2fbb448e94b3e2fa3a9552812cae725713ba0e12e02ea470

    Download Submit
  • /data/user/0/com.secure.vpn/databases/anchorfree-ucr.db-journal
    Filesize

    524B

    MD5

    9a9a76aa5d449a882426d95b08ab3160

    SHA1

    acb47fb5b167fb6b07e6771e4270064461d2f959

    SHA256

    9c35c853a325aad2f3b68736cc68f8265fd325457702cdd5c21d58c6953f20f5

    SHA512

    d0d27c63c69e7579d3a81c1cd66ccba287f525113f935c6092bbb49b2795776cbbb9b1a95c5e058d661b5f37c338a171c5add86a9b4c1a0005ff65894a8052e9

    Download Submit
  • /data/user/0/com.secure.vpn/databases/key_value_store.db
    Filesize

    300KB

    MD5

    de38c1b93803416a3870494dadf9f53e

    SHA1

    131d69621a745efb2c4348505ecee8e86ffdba1f

    SHA256

    a817617ad31df0e23946518cafe95c8e7fd111bbfd3257c160d2fa5f1115e33d

    SHA512

    1c0dad63c631de7acfc3423225ccd276761e89356995097cd8d11c5d3c52d6cca94661df2cbf062ede44d8f260be0f0dce2a2cb72cf599dac21dd6691907cc07

    Download Submit
  • /data/user/0/com.secure.vpn/databases/key_value_store.db-journal
    Filesize

    524B

    MD5

    dd0979fde154c1d82ddff6b434423ca4

    SHA1

    4dbcf93c180dfbfe95bc6a616bab8999bd414cdc

    SHA256

    ea9723b1e961ba761a74923151fe0632acacec548afb860d65a7b7994e518601

    SHA512

    68e63cbdbd17254f398fc21dd02183489f074cac881d7bd9ad34b45c2e5f8621726c65cd34ad70b869009d6653c1f558a37c01baea2c6a655e1d04594f9fb864

    Download Submit
  • /data/user/0/com.secure.vpn/no_backup/androidx.work.workdb
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit
  • /data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-journal
    Filesize

    524B

    MD5

    d5d9ead39a2a8bcec7734da9d958ad7a

    SHA1

    4024a0319afac1f6054a6f24396abb5a006367d0

    SHA256

    35f07007fb16faeb31be0ac3ceb101c7d89154a7cc40c91a4901360a08e5a68e

    SHA512

    87413d2bdba1f9be93bb424453958b3ff338640b3d3746aa2cf4ef463364e335b26a5d11ea9f8796b15eaed1e10c48b44eb5d65ffb915cb9ccca8f9416db354f

    Download Submit
  • /data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-shm
    Filesize

    8B

    MD5

    7dea362b3fac8e00956a4952a3d4f474

    SHA1

    05fe405753166f125559e7c9ac558654f107c7e9

    SHA256

    af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

    SHA512

    1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

    Download Submit
  • /data/user/0/com.secure.vpn/no_backup/androidx.work.workdb-wal
    Filesize

    189KB

    MD5

    e433a906dc90e99f555e4e5d3cedd88a

    SHA1

    8fb2f760923e61b1a549732f2eff81a312faae11

    SHA256

    9234c86e433da751368000944cfcb69ec1a14fb90e4f6b5db92868c53eabf70b

    SHA512

    14e3721dfe3b5e7acab26d0717d4ddeece115e25592cc10d4c0c5cc24bd10a22019f76a85f24b9e821f7bc64e3aff3ef666e95c9a98b258f4685c691b577c404

    Download Submit