Overview

overview

10

Static

static

7

9ce2ad40f3...99.apk

android-9-x86

10

9ce2ad40f3...99.apk

android-10-x64

10

9ce2ad40f3...99.apk

android-11-x64

10

Resubmissions

24-04-2023 08:36

230424-khs3gacd9s 10

Analysis

  • max time kernel
    2993339s
  • max time network
    158s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
  • submitted
    24-04-2023 08:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9ce2ad40f3998860ca1ab21d97ea7346bf9d26ff867fc69c4d005c477c67a899.apk

  • Size

    2.2MB

  • MD5

    8ce057ff57478e98c0e246355ccd27db

  • SHA1

    1d3cc636883c72d45e8f336344bdea97ec8d91d1

  • SHA256

    9ce2ad40f3998860ca1ab21d97ea7346bf9d26ff867fc69c4d005c477c67a899

  • SHA512

    5fd1345c3d605859bc56cf4cf7088712b63d929a3d576e99a88406eaa3387e4a996361c3bcc78275650609ad967636b7042fa42c244b183da96a0e7cfff78a1f

  • SSDEEP

    49152:grrgUCuMhTKb+/CZFLqtBOU3t95tnUAqkp3IQRRiEKfaFEjI:uTOKb+qXmBOuPUAqkpIQDGsEjI

Score
10/10
xenomorphbankerinfostealerransomwaretrojan

Malware Config

Extracted

Family

xenomorph

C2

dedeperesere.xyz

vldeolan.com

cofi.hk

Extracted

Family

xenomorph

AES_key
AES_key

Signatures

  • Xenomorph

    Xenomorph is an Android banking trojan that is seemingly tied with AlienBot.

    bankertrojaninfostealerxenomorph
  • Xenomorph v3 payload 1 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.great.calm
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4781

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.great.calm/app_DynamicOptDex/hDpdaxQ.json
    Filesize

    934KB

    MD5

    637d3020a6e8d9aa114d51e7939fe6a0

    SHA1

    7e172dabca14040635c9118920942805ddfc964a

    SHA256

    cc3c058fd60da1fd0c3c8f0e58fecd355eef4ecc1d138fe8c6b9da8920cf9797

    SHA512

    e426c769af5af742f4b6f2f0f1dce4df0543d55fa8652759417c850943c750e90ea4033a7ce5ebd1063779238c4961a82840f3074b00f7d62e7bcf9978b91e2b

    Download Submit

  • /data/user/0/com.great.calm/app_DynamicOptDex/hDpdaxQ.json
    Filesize

    2.6MB

    MD5

    033e4993902fa453fc96b86248ea7ae7

    SHA1

    efb980435f0b7de14861fef21e4c09434b519c4d

    SHA256

    b28162d529728bf31f7dac4eadf40825a0ea1e5e6039e9b521d5906280c29196

    SHA512

    fe27307d7401dbc3881b3f7aec18b228ea48285d3f8fa8ffab51b29a51a8eba91d677ebf7bdd9b44ece60c9f87a36604272ff98ff8c25102cb162f49f61aaca3

    Download Submit

  • /data/user/0/com.great.calm/app_DynamicOptDex/oat/hDpdaxQ.json.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.great.calm/app_webview/.com.google.Chrome.a4YISv
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.great.calm/app_webview/Cookies
    Filesize

    64KB

    MD5

    9b23e6a88d5a95f155f205cb04b93cd0

    SHA1

    b62dccbbef087a0731f226b96d15d35d8aa5e5fc

    SHA256

    f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

    SHA512

    bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

    Download Submit

  • /data/user/0/com.great.calm/app_webview/Cookies-journal
    Filesize

    1KB

    MD5

    364aab367cb51004ac0b699dc0175531

    SHA1

    229466fb9f35a9d96ecd80dff2b47968ca82de91

    SHA256

    780b17195381fa7bff66240e4247f677b65d69b868944c282e952c828594fd99

    SHA512

    94a2d5bce3a031e0543ca8981136d4851555211e7710fb860e3cc9131ca867a93b85ddc196ec578bf8a5ccbca5f0af1d10bc86dc2afdf5c7c4ef6b179e0c9c96

    Download Submit

  • /data/user/0/com.great.calm/app_webview/GPUCache/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.great.calm/app_webview/GPUCache/index-dir/temp-index
    Filesize

    96B

    MD5

    979d78bf55ef145fa1a18fe80b4da51b

    SHA1

    b8dbc246e80669e873a0d34140861bba69f26d20

    SHA256

    a7cbda9b1ed2929dd7b8b76f90f4958c6a310d60224802484c2a9e4e61e2ec3e

    SHA512

    6647ac6f4712be429234488ab438fa6e2a6b0b01eea084cff5f3dd4ccab3ce83c95c5493e43a829863b134390913b0394909554868287a5edde04403813a8d1f

    Download Submit

  • /data/user/0/com.great.calm/app_webview/Web Data
    Filesize

    112KB

    MD5

    b663831f8cc130493476d94f2d7a5330

    SHA1

    043a1956ab8e40821d67043f8a9110a8eb36fb93

    SHA256

    c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

    SHA512

    e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

    Download Submit

  • /data/user/0/com.great.calm/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    7b320ca66b27460d352c3e2ccda23b54

    SHA1

    f0d3453e76b20ff90a62c86bac1b81aa9329a19b

    SHA256

    e4e6154019b90815dfb8f5ae002ab256c4f2debb3cc04a6c66a3cecd2b47ff26

    SHA512

    f443dce4f0b3c5f876243f6b148590c7d89c6e163dbccb40eea442fcd348b2336dde30b7048a6da0ec4cf2b200b7ddda7a0fc56353ef72c36b58c2d80891287a

    Download Submit

  • /data/user/0/com.great.calm/app_webview/metrics_guid
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.great.calm/app_webview/metrics_guid
    Filesize

    36B

    MD5

    9a8588dae4b7602ceb462643ef43d1b2

    SHA1

    fb2dbc77b9da678407de3dafe6db529b8ae2110e

    SHA256

    f8666d14ce4b864f3d06dee4fb59150463551cd133cf13006aea224dc09de5b1

    SHA512

    7cf56e59d8edd9ef68c97389841b1c5fdef948a82f939b40835ac193a8f7749ba8390842a5680f99c8785a8ed212436b225350c30f370daf7a9620e096843999

    Download Submit

  • /data/user/0/com.great.calm/app_webview/variations_seed_new
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.great.calm/app_webview/variations_stamp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.great.calm/app_webview/webview_data.lock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.great.calm/cache/WebView/Crashpad/settings.dat
    Filesize

    40B

    MD5

    81e99d1b9178e2766fda5b64a97f22b1

    SHA1

    e45e78fd2443dfd205626e22049302aaa041805d

    SHA256

    f7e73762c391869594af13241adbb4d1bfa231f8f06ffca70741ece25ebebc7a

    SHA512

    7d53fe5f67701352fa7fadbfd5c09486f6f3186beed0b5f2a64850c36e20e424cb9ebc078b7b76509687f9c417a7a7190ebdb685f0a6a9ba322b4cdff33455dd

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/21a97041b40c53c6_0
    Filesize

    11KB

    MD5

    a3504e87ec20a09ee95718143e15080b

    SHA1

    00aa79b5579d2d4df9d5ee0b4faca856b95a69e4

    SHA256

    f3d4a9a46e7aa0df63b81d4d6661dc12bd085876e0d4461c5c2841cfb093363e

    SHA512

    a00fa8ea122bfd3052b4ceae13baad5dd9bc48281ecca5917e1b73a1489ae8966a3bdd964de801405fc7fb7bbbc3d847ef5c049b4a99ce59375af5a78b8348df

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/5dcc6771ad552215_0
    Filesize

    11KB

    MD5

    666463fe378d73e08a3661263daaafc4

    SHA1

    93df361273ccce3f1444b837e5110bfd975b5310

    SHA256

    196791f9bb383b05a79da4f2ebbcbeaa8e28bdd1089973a9e9d13adb83072a66

    SHA512

    08139a90ce18d692ca1a946a17579e5833f73fdb070e68cf091b1dfc5098323a077d9e98b7fb1e16f9c03b31018189885710e969eadea6af44b5929821b577dd

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/624f2bd216494a6f_0
    Filesize

    11KB

    MD5

    7434b12d756277ec56a887722755a142

    SHA1

    3dfa6425b868618268d60d2e6e6ad63018f3788f

    SHA256

    620c7112472030c16e149d15261219b822a1609d3d4e22f75a6e4aa4b2ea10b5

    SHA512

    645aa26f836a578a15f76f5f7ac59dcd7b4d2ec300f031d61b07eb927e1e8bf9594dd178a83682645bcbbf02397691d7dd099d1e56bdc168096ed2cbb114afc0

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/Code Cache/js/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
    Filesize

    96B

    MD5

    c724b4af8497f34e49f23e8250207883

    SHA1

    a66467a8256ace875b228aa61bdab1d1d6c28bf5

    SHA256

    1f51612eebf02aff451ed9862efbd4dbd2ab5c843b0a8a9e1d7e07e927a8e768

    SHA512

    3776e795e8c2dfdcca0bbd434b3b8ea1fd3dcc4cfcc3bc929abdb51f55ff31473b0ec51cd292b9bbffd72965c928e5dd10384cec46301b76c2d8adca5fcc5ed4

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/a0c2ffc2995089d9_0
    Filesize

    11KB

    MD5

    bf3c6de83bcfa22fd1876b8f34286ad9

    SHA1

    7755818e54c7849ab9e87e66afb2074110c9f382

    SHA256

    75aec48102befc98da07a6852f3835efc6011f1d91674f9f2306c32dcdba98e9

    SHA512

    052f06b296b4250d6245f33be1be59b7bb702eca2fdba3fb056cc4cca5f833076c8ba195df77e9212c527ae2dc345a67713c39e44780a5f9066c5505eab4d009

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/ba6620262a558c11_0
    Filesize

    11KB

    MD5

    55eb4cd4f0050f3d58754c2ea7297d4c

    SHA1

    7448f55da07ab74efd9a4a5855d20a53c1f23925

    SHA256

    828b15c5aa9b0ae4f797ae10691e548f6ffa9e33ec45a448ea5d52dbbba38ae5

    SHA512

    363a08dd1af901597b68875c553e1ad3f15a009b10c581ada7743f8dc5ea5e4826dca4a3e84fa7cd29caba4297be1f642a77e5e025679113c79dd1e596035379

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/c74c995875787a06_0
    Filesize

    379KB

    MD5

    102bda9ffd517ea364042c5aa2a9e6fe

    SHA1

    b1cdaa5668809e9e7cf3d774f865ea2fba592f64

    SHA256

    56f5fc3b4b47263012aadb8bbc4cb62f4d28a270bf8ccbb73cd949fdeded1d96

    SHA512

    f0fde28f6af5086abaa65263d3bfeef69909bc061ab2e6cc27746f8ed31d1e14681d639dcf72ec740500415f97873e1d64c27f3a674606dc30100819af722bc8

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/index-dir/temp-index
    Filesize

    240B

    MD5

    74c200b57485b8d68bfb0443f58b2023

    SHA1

    889f60f8cda9658971149cfb17b34589fe562613

    SHA256

    218a5ed56c6589735fd0260f6cc8bf96efc0b7c295962ec45fb0c4aeab6ba9f5

    SHA512

    08016eb8bd89617d1cc5b99008b022b9d81773101f20f7edcc8226470697a7b4140e9c9faff0e065c1ea45e23fe20cf3d3f968dcb684bd7311ba827a55e6b9db

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/index-dir/temp-index
    Filesize

    384B

    MD5

    59e2f79cff48dc8834654fa445d81744

    SHA1

    f3f30e1ed61e836e2f5a2b632ad1d582ffd7317f

    SHA256

    89cd6e3617bac1aaf580e0988d888b3604ac092209f5ed0b0aa56108eb0d57e0

    SHA512

    0beb149c45b0ec4d2fa276b65442fa78f5475d2607ffc2f3c43ec36134461cd037277f284ed2723d812ba7b4a666910acb8e5ff984fa01908cafa0e93ac1eb02

    Download Submit

  • /data/user/0/com.great.calm/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    6ef709b8536878951e87c29a1518fc2b

    SHA1

    24376c70b00152501b3d98df61fa7db435339172

    SHA256

    10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

    SHA512

    96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

    Download Submit