Overview

overview

7

Static

static

7

chrome.apk

android-11-x64

7

Analysis

  • max time kernel
    607020s
  • max time network
    602s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220823-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
  • submitted
    06-02-2023 00:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    chrome.apk

  • Size

    277KB

  • MD5

    cf704d6b0ec8351e403c1bb5abb47d0d

  • SHA1

    c5010bbb27741a6136e2e6bb6cd9a77ad5404ecc

  • SHA256

    1526ce6aa629ae1fbd763cd4e36e13d31e0e8ed0a2947812e670afb2089d886a

  • SHA512

    e759bcebf576d01901b15c72b8fb9c3c039792b9231f975a30b4a7f28dd07fe3e0e376ecb25f76143f2052f6e0297e921465e62823c1a7345ced0b759f729302

  • SSDEEP

    6144:K62sPC+1iD1gZKpoyIzXR9tFe3mK5tVfHrcxqXiTU/4hWAZ80jmjIEQ:ksPC+AGcIzBNeWK5thLcx4i4nAHjU+

Score
7/10
evasionransomware

Malware Config

Signatures

  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
    evasion
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • vc.wvg.rdnkj.ky
    1⤵
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4651

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/vc.wvg.rdnkj.ky/files/b
    Filesize

    492KB

    MD5

    8bc0091e6eff8b8b0cfbeb7e8640dff7

    SHA1

    0f3f25232ab998c0714389957b96e0edf9f78e5c

    SHA256

    4348ba2422d0fb7e93ede54d5a4ebbaf4738f1ef05448e89f46b8f8c8bc8f2fa

    SHA512

    ec1ba86d246f6d65ee6954cbd9962bc969f0c46e9591b6c61dd9bcac734de2abb72a1c37b0babe1870dfde4643d8efcac21b56718169fbcba04b30802877400f

    Download Submit

  • /data/user/0/vc.wvg.rdnkj.ky/files/b
    Filesize

    492KB

    MD5

    8bc0091e6eff8b8b0cfbeb7e8640dff7

    SHA1

    0f3f25232ab998c0714389957b96e0edf9f78e5c

    SHA256

    4348ba2422d0fb7e93ede54d5a4ebbaf4738f1ef05448e89f46b8f8c8bc8f2fa

    SHA512

    ec1ba86d246f6d65ee6954cbd9962bc969f0c46e9591b6c61dd9bcac734de2abb72a1c37b0babe1870dfde4643d8efcac21b56718169fbcba04b30802877400f

    Download Submit

  • /storage/emulated/0/.msg_device_id.txt
    Filesize

    36B

    MD5

    352f1befcbb83f41b2810f2ebafafaa0

    SHA1

    7ba12f4384153b8b09e25f5fd6354e22fe4c9bce

    SHA256

    a17715783cfc40a74cc8f2d7adfc81028cea58abd530a2f71a88b596aa34b20f

    SHA512

    c62e97a1dd231126ae26fed87b4e03f529a4ebfddd579f06eae5c9490ababdf7294a8733ad63304e8566be782105324264ae96ec7eaebd70064f1069634b806c

    Download Submit