Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7

461667544a...74.apk

android-9-x86

10

461667544a...74.apk

android-10-x64

10

461667544a...74.apk

android-11-x64

10

Analysis

  • max time kernel
    1245007s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
  • submitted
    13/02/2023, 09:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    461667544a618419230b256af9d682bce6c3238977bcc48144015f47c9550b74.apk

  • Size

    3.7MB

  • MD5

    de61a04de576bfedceaf777d00c681e3

  • SHA1

    ad76e12bfafe8e2c837259793a8aa8adc69ad55a

  • SHA256

    461667544a618419230b256af9d682bce6c3238977bcc48144015f47c9550b74

  • SHA512

    eb4b7b68843850e7d9d3e22870f28e5992e2ea3224640388d47180737c970a7fe3481633175d64f176cc281d33cfc8932b1a3a7852fdf98e5ce9d9d92bfa6980

  • SSDEEP

    49152:ZcRgbYP8p8FETgu749/zzgzO4h2YEhs/o1ZIa4zxIOnJMkSWrq3/PHOOK+lMyfsH:ZcRgbYUIfb9rU8YSJ99MKVZRiyfsIMbt

Score
10/10
hookinfostealerransomwarerattrojan

Malware Config

Extracted

Family

hook

C2

http://45.93.201.92:3434

AES_key

Signatures

  • Hook

    Hook is an Android malware that is based on Ermac with RAT capabilities.

    rattrojaninfostealerhook
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4764

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/app_webview/GPUCache/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/app_webview/GPUCache/index-dir/temp-index
    Filesize

    96B

    MD5

    34f1d13386804ca7148c59a1821142fe

    SHA1

    e14b99905a6a6eb520ddc58437e2414d9d68333f

    SHA256

    1c77ebcdcefade8fb49cfb366e596c31f2f71ef47bdb996719e5a3f7ced6e711

    SHA512

    f2d209ea430bab7bd26c6c1fc336054b594db1f8a012558b7fe3ff32c4dc788065244033866998f0bea00b63fc74b48a3c8844a653279c54981490525c617b8b

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/app_webview/Web Data
    Filesize

    112KB

    MD5

    b663831f8cc130493476d94f2d7a5330

    SHA1

    043a1956ab8e40821d67043f8a9110a8eb36fb93

    SHA256

    c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

    SHA512

    e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    d4c204a1ad0be4679279ab4e7c217082

    SHA1

    38408ba0d3b8a8527f5a090c42bc8d1f2b9e49e8

    SHA256

    c5cad4cd882df088627987db97dac7fcca6a05e032636902112ceeb18bd9b089

    SHA512

    be15d5a62414d832bb85a9ddac5c23239d8749f7c8e67ca4bdbdf198d3a2b38f6ac9e8ed72207cc8541f21b954f929dfb04eed87ba70eb6e8029b36f8c190560

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/app_webview/metrics_guid
    Filesize

    36B

    MD5

    8c7e82c587e0da22bdc88aa7e6f8e88b

    SHA1

    b3a04e7c6731e78905c41964648607ce9e93ac94

    SHA256

    318d41dfa9905cf3d390dd0d5b28d14412b37af1e6b5e548c473ee322b0338a7

    SHA512

    dfe82a80bb90e2fec362fbacbb8b8bc847ed3bfb7dd5d3f2e74afeef92aa89de3f102f681912ba2def9fa191165c154de0438ba9ba6e3a901376fcf2328a44f7

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/cache/WebView/Crashpad/settings.dat
    Filesize

    40B

    MD5

    3e4f85d1ed7f04c884b40bb2c46e2565

    SHA1

    59cc33a0de79354fe8ae8991e8024d2946febdc6

    SHA256

    550658b0b3e22eb2364c5a79bdf178a3e67fd45efac12fa88a8dda6d3e11a8cc

    SHA512

    9d2a4e0203a223b954affed8cdca70bcc69428f2660a292474533560c87f763f3acde10b32b2b3381c8771b4eb39acf31ce21bafd3a346f0077b59f644494e67

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/cache/org.chromium.android_webview/Code Cache/js/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
    Filesize

    96B

    MD5

    6d5420c09e3d9b228edac15f024aa91b

    SHA1

    a10b7a265cecf99b13f98ac4812ae2bba401f67d

    SHA256

    deceb0136935acd5dcc420fde93ce7d3ce6911dce588de946bb2ed9af66d8c7f

    SHA512

    8e8e7cfc36fe90287f57f2bebe8fa09fdcfa6872b6d0ac8f1a4cd9aa42e46ad9db2d0c1439d597fb8be761f745f2bcdb88001ae4a8b4e07b54a158a5c3714820

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/no_backup/androidx.work.workdb
    Filesize

    8KB

    MD5

    b6ca8b30661a7844ed292db75a29a953

    SHA1

    8e0d397ab1f2ced1f143829084c3f53333743bdd

    SHA256

    63a219c7092be26641907c5f955aa977e7675e3922a8e4ee2af25bfed8c7bbfb

    SHA512

    d21ce3adf13d61369708ea000438f626973f20b08ca05a744c1cccb2d5e7c264a8af9c3ebd18a7a6a464d38e1c64146f8e881d29d71a0484dd94212315f6dceb

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/no_backup/androidx.work.workdb-journal
    Filesize

    1KB

    MD5

    07dbb14d5e560382f9cd30be3cd5b70b

    SHA1

    cf51a2c8841c4e436316f236fe25afd9dfaf95c3

    SHA256

    227eae59058e870f185da14d9a78aacca3d8171296238a733382002af64ac0e7

    SHA512

    4efcad9b2b8371ef520b9cd73f80fcbf3b4363c438c219b2318d02bb8fe18b9eed167d30c2e419cc2b9b7172b3bca9f97cabea9591b772e45cb3529fc9b85368

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/no_backup/androidx.work.workdb-shm
    Filesize

    16B

    MD5

    4ae71336e44bf9bf79d2752e234818a5

    SHA1

    e129f27c5103bc5cc44bcdf0a15e160d445066ff

    SHA256

    374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

    SHA512

    0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/no_backup/androidx.work.workdb-wal
    Filesize

    346KB

    MD5

    9fdacfc9f1a051233754d31447439e22

    SHA1

    ff06cd7f28ccf0fc885db03fad555aaee73472ef

    SHA256

    b3e003382f6fa6090ed7b51201a8c82ba4d00efe195882d591c34e43ba419cd4

    SHA512

    5630f9c6c9e19d6fc17425329bc991d8c7ecc46e625f6ddda8de35dd631512af814e4c0a76b9736a1b4ac05f6ce9b19b60951dee292e2c1dfabf891ae11c372f

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/rr7wgwovr9/wufulgggfswwoug/base.apk.fwrjerw1.t5r
    Filesize

    2.0MB

    MD5

    e0b52be632be5eb5c1b16f48e7cfc448

    SHA1

    32abed0e3399d5010a41e022e9bcbe3ddd38456f

    SHA256

    b43f7231b2f4428f2b38168755f89a8de469925e861c23ab7803c3b23fbb9165

    SHA512

    72f84075971054f529c676e8685e2fd9cf911e394acf31843b787a77c0d865309489351f4996fc3d742f8c9326be6a62f44d36af164ee0085af10aba84fc9e87

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    6ef709b8536878951e87c29a1518fc2b

    SHA1

    24376c70b00152501b3d98df61fa7db435339172

    SHA256

    10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

    SHA512

    96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/shared_prefs/multidex.version.xml
    Filesize

    307B

    MD5

    76e37070db51783172f0e8fa37e5bdc9

    SHA1

    e48c224d882b581e1395cf941a451e42eef15dcc

    SHA256

    01ce15d0c82514f50f39517e4e8ad9b21b0e533b80cdd64a0c6af2946d92ecb7

    SHA512

    7bde3cfe245c8cd8d3edd32bcf50fcc507b37c235e3163a0a0a4d0ee1073f0486a66a6e09963ec594e45235d88ad2a83a80f85521533de188d98ee3d7b6f9800

    Download Submit

  • /data/user/0/com.cmdomdoz.bgxcvvyj.zmwjypsw.oyvfwgnv/shared_prefs/settings.xml
    Filesize

    152B

    MD5

    37a5018377e89fb59b6151daf70723c6

    SHA1

    9974cd7cb2e9d609e0f32c73d0d026c3bb1dec4f

    SHA256

    6d18fe3bc31cf6039f7f6ab7ef92fc7f84f1a2266438b29883a45b79025e98b5

    SHA512

    86483729a5630927b79fdccc36ba036ba8d6095cae174232423ec30fc2c2f3f1748218b5c3c015ef99ba60833b629f933e15b991533cdfe945b2ca02754b086c

    Download Submit