Resubmissions

22-11-2023 16:15

231122-tqbyladf25 10

06-02-2023 11:15

230206-ncz6dadf55 8

01-02-2023 07:34

230201-jd4sqsec2s 8

Analysis

  • max time kernel
    645066s
  • max time network
    159s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags
    android, arch:x64, arch:x86, image:android-x64-20220823-en, locale:en-us, os:android-10-x64, system
  • submitted
    06-02-2023 11:15

General

  • Target

    0b72c22517fdefd4cf0466d8d4c634ca73b7667d378be688efe131af4ac3aed8_unpacked.apk

  • Size

    7.2MB

  • MD5

    ec9f857999b4fc3dd007fdb786b7a8d1

  • SHA1

    3fa48a36d22d848ad111b246ca94fa58088dbb7a

  • SHA256

    0b72c22517fdefd4cf0466d8d4c634ca73b7667d378be688efe131af4ac3aed8

  • SHA512

    51d9965e08fa3f5cd8850df3f2dd8503c47ce9f3668b2ae90d3560cc16acd0d4d1b3bbed651d957bc41ea7595a527a00b9c600b3726faa6095af380019e3d1e0

  • SSDEEP

    98304:vDdInEpAOdLl2DfGjOmP34z09nmw3xAZMV8JiDQeZgUGdh0fr33dmh++0oEHi6Pz:5gE7tf3u09nmiOZmDid9h+CFZMXmwfXR

Score
6/10

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

Processes

  • com.rduzmauwns.jieliysagr
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4754
  • com.rduzmauwns.jieliysagr:remote
    1⤵
    PID:5063

    Network

    MITRE ATT&CK Matrix

    Downloads

    • /data/user/0/com.rduzmauwns.jieliysagr/app_webview/.com.google.Chrome.oXqFc6
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • /data/user/0/com.rduzmauwns.jieliysagr/app_webview/Web Data
      Filesize

      112KB

      MD5

      b663831f8cc130493476d94f2d7a5330

      SHA1

      043a1956ab8e40821d67043f8a9110a8eb36fb93

      SHA256

      c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

      SHA512

      e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

    • /data/user/0/com.rduzmauwns.jieliysagr/app_webview/Web Data-journal
      Filesize

      1KB

      MD5

      767caf10abd2cd0b885795a5c8ec030e

      SHA1

      04addcc8bf7ee792ed3d605a3a0efff636d49568

      SHA256

      e63cda601da18d39d15cbf30a79b4161592c007356fe301f0703ff959e96d03e

      SHA512

      6a1ca5aa5621a367f9ff2257daf0698f84540bfcc7b9b801b43bff744b79452af695bcc17c222bf465f5b6b040845a078a31a8fdef18ef7a8277046cc50a6306

    • /data/user/0/com.rduzmauwns.jieliysagr/app_webview/metrics_guid
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • /data/user/0/com.rduzmauwns.jieliysagr/app_webview/metrics_guid
      Filesize

      36B

      MD5

      55e5e2117a740613f6b050101a505a87

      SHA1

      cd812e003b2e51727aa59596aace7a1a4587a1b3

      SHA256

      be371b4a6b540c81a1562a905279b1bde5683092705998b523c79417eb889c5b

      SHA512

      10fb5159a63cf2b9929af76c3ab1f5282f98c4d5e66b29f0c665f11e23ff88134d4153f29fd23ea3124ab964cd01b63273c7ac1df0ffe397d18ed4a49d28fc66

    • /data/user/0/com.rduzmauwns.jieliysagr/app_webview/variations_seed_new
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • /data/user/0/com.rduzmauwns.jieliysagr/app_webview/variations_stamp
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • /data/user/0/com.rduzmauwns.jieliysagr/app_webview/webview_data.lock
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    • /data/user/0/com.rduzmauwns.jieliysagr/cache/WebView/Crashpad/settings.dat
      Filesize

      40B

      MD5

      cfedc4150d4ecfc186101a35bdc0adc6

      SHA1

      e97d6aa3ba185e3665a5ca45c100606a02b3a6dd

      SHA256

      b15209f79b348eef8deebee83adcc9153856f1c00dacdf30431f51f2d075d946

      SHA512

      d6bcf0d2ea53d32e32913e721cbebc88b2174d2475d2635e490f6ebb25e4f3249c20f0dfbbcbfe1f63c97edb8f1dd310919a8d4e0e3a86e8d1cad14ee8e170a2

    • /data/user/0/com.rduzmauwns.jieliysagr/cache/org.chromium.android_webview/Code Cache/js/index
      Filesize

      48B

      MD5

      6d7d499960179766cd4261d12dacc411

      SHA1

      e6f8553b0015e12b23cc551afe98763f3b1c9bed

      SHA256

      c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

      SHA512

      6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    • /data/user/0/com.rduzmauwns.jieliysagr/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
      Filesize

      96B

      MD5

      83f35afd9e16f5496e22c3e2e3ddeeeb

      SHA1

      23fbc8a940b7aae7572f537396b6aa3396293a55

      SHA256

      f1096e2e85edffac717e865bab00cf48ba0ffc34836a923a520de207637f9077

      SHA512

      8adb0cec3bec5854e4a9258231f6d53aa2f4a01fea38662772d9c97ca78218e6818cd761f2fbd7a5f832ede14e62f46c5910a6fb2f8ee880f76959df34aa6e0f

    • /data/user/0/com.rduzmauwns.jieliysagr/shared_prefs/WebViewChromiumPrefs.xml
      Filesize

      127B

      MD5

      6ef709b8536878951e87c29a1518fc2b

      SHA1

      24376c70b00152501b3d98df61fa7db435339172

      SHA256

      10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

      SHA512

      96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9
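Five of the twelve entries in the Downloads list above carry the digests of zero-length input (MD5 d41d8cd98f00b204e9800998ecf8427e, SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855, SHA512 cf83e135...), which is why no Filesize line is printed for them; the remaining entries are files the system WebView/Chromium runtime writes for any app that instantiates a WebView. The script below is an added example, not part of the report or of the sandbox's own tooling: it embeds the paths and MD5 values from the list (constructed from the page), recomputes the empty-input digests to confirm that reading, and sorts the entries into "empty", "webview-runtime" and "review". The WebView path markers are the author's heuristic, not something the report states. metrics_guid appears twice because it was captured both empty and at 36 bytes.

```python
"""Triage helper for the Downloads (dropped-file) list of this report.

Added example; not part of the original sandbox output. Paths and MD5 values
are copied from the report; the classification rules are the author's own.
"""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional

APP_DATA = "/data/user/0/com.rduzmauwns.jieliysagr"

# Digests the report lists for several files. They are the well-known digests
# of zero-length input, so those entries carry no sample-specific IoC.
PAGE_EMPTY_HASHES = {
    "md5": "d41d8cd98f00b204e9800998ecf8427e",
    "sha1": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
    "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "sha512": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce"
              "47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
}

# Path fragments written by the system WebView/Chromium runtime (assumption:
# generic to any WebView-using app, not specific to this APK).
WEBVIEW_RUNTIME_MARKERS = (
    "/app_webview/",
    "/cache/WebView/",
    "/cache/org.chromium.android_webview/",
    "/shared_prefs/WebViewChromiumPrefs.xml",
)


def verify_page_empty_hashes() -> bool:
    """Recompute the digests of b'' and confirm they match the report's values."""
    return all(
        getattr(hashlib, algo)(b"").hexdigest() == expected
        for algo, expected in PAGE_EMPTY_HASHES.items()
    )


@dataclass(frozen=True)
class Dropped:
    path: str
    md5: str
    size: Optional[str]  # None where the report prints no Filesize line


# Constructed from the report's Downloads section (path, MD5, reported size).
DROPPED: List[Dropped] = [
    Dropped(APP_DATA + "/app_webview/.com.google.Chrome.oXqFc6", "d41d8cd98f00b204e9800998ecf8427e", None),
    Dropped(APP_DATA + "/app_webview/Web Data", "b663831f8cc130493476d94f2d7a5330", "112KB"),
    Dropped(APP_DATA + "/app_webview/Web Data-journal", "767caf10abd2cd0b885795a5c8ec030e", "1KB"),
    Dropped(APP_DATA + "/app_webview/metrics_guid", "d41d8cd98f00b204e9800998ecf8427e", None),
    Dropped(APP_DATA + "/app_webview/metrics_guid", "55e5e2117a740613f6b050101a505a87", "36B"),
    Dropped(APP_DATA + "/app_webview/variations_seed_new", "d41d8cd98f00b204e9800998ecf8427e", None),
    Dropped(APP_DATA + "/app_webview/variations_stamp", "d41d8cd98f00b204e9800998ecf8427e", None),
    Dropped(APP_DATA + "/app_webview/webview_data.lock", "d41d8cd98f00b204e9800998ecf8427e", None),
    Dropped(APP_DATA + "/cache/WebView/Crashpad/settings.dat", "cfedc4150d4ecfc186101a35bdc0adc6", "40B"),
    Dropped(APP_DATA + "/cache/org.chromium.android_webview/Code Cache/js/index", "6d7d499960179766cd4261d12dacc411", "48B"),
    Dropped(APP_DATA + "/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index", "83f35afd9e16f5496e22c3e2e3ddeeeb", "96B"),
    Dropped(APP_DATA + "/shared_prefs/WebViewChromiumPrefs.xml", "6ef709b8536878951e87c29a1518fc2b", "127B"),
]


def classify(item: Dropped) -> str:
    """'empty': zero-length when captured; 'webview-runtime': Chromium
    housekeeping; 'review': worth a manual look or a detection rule."""
    if item.md5.lower() == PAGE_EMPTY_HASHES["md5"]:
        return "empty"
    if any(marker in item.path for marker in WEBVIEW_RUNTIME_MARKERS):
        return "webview-runtime"
    return "review"


def triage(items: List[Dropped]) -> Dict[str, List[str]]:
    buckets: Dict[str, List[str]] = {"empty": [], "webview-runtime": [], "review": []}
    for item in items:
        buckets[classify(item)].append(item.path)
    return buckets


def inconsistent_entries(items: List[Dropped]) -> List[str]:
    """Paths whose reported size and digest disagree: a Filesize line together
    with the empty-input MD5, or no Filesize line with a non-empty MD5."""
    return [
        item.path for item in items
        if (item.md5.lower() == PAGE_EMPTY_HASHES["md5"]) == (item.size is not None)
    ]


def duplicated_paths(items: List[Dropped]) -> List[str]:
    """Paths listed more than once (the same file captured in different states)."""
    seen, dupes = set(), []
    for item in items:
        if item.path in seen and item.path not in dupes:
            dupes.append(item.path)
        seen.add(item.path)
    return dupes


if __name__ == "__main__":
    print("report's empty-input digests verified:", verify_page_empty_hashes())
    for bucket, paths in triage(DROPPED).items():
        print(f"{bucket}: {len(paths)}")
    print("size/digest mismatches:", inconsistent_entries(DROPPED))
    print("captured more than once:", duplicated_paths(DROPPED))
```

Run against this report, nothing lands in the "review" bucket: every dropped file is either empty or WebView runtime state, so none of these hashes should be promoted to a blocklist. The "review" bucket only fills for a path outside the WebView markers, which is where an actual payload drop would show up.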