2a78ef24571a66f16f0f153400ad518473513452a4e36c082e20fc59bba677da

Analysis

max time kernel
3781794s
max time network
153s
platform
android_x64
resource
android-x64-arm64-20220823-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20220823-enlocale:en-usos:android-11-x64system
submitted
03/05/2023, 11:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

015893103a16ab984c491180a53e7319.apk
Size

606KB
MD5

015893103a16ab984c491180a53e7319
SHA1

98d89b68c01c492b860e17da69c1a4aa9cd3bd2f
SHA256

2a78ef24571a66f16f0f153400ad518473513452a4e36c082e20fc59bba677da
SHA512

6d936fa0a1d0c54587ca137db88e0817b16473ed22f398a76291db8d61a46ff4dffb2ffd7ce1b71037614597b81f023f311487b2570a1c28766b985610fb83bf
SSDEEP

12288:hu94/jl6MSNyT1Rrx/N9yEFiZkXSbqlwoDyAn+MmkRcptU6Hj:hm4RSNI1xiMiZkXSO9Nn+MotUIj

Score

7^/10

ransomware

Malware Config

Signatures

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.free.powerline.batterydoctor/files/wapsdk/run.dex	4252	com.free.powerline.batterydoctor
/data/user/0/com.free.powerline.batterydoctor/fileswapsdk/local/230503133728907.dex	4252	com.free.powerline.batterydoctor

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.free.powerline.batterydoctor

com.free.powerline.batterydoctor
1⤵
- Loads dropped Dex/Jar
- Uses Crypto APIs (Might try to encrypt user data).
PID:4252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.free.powerline.batterydoctor/app_webview/Default/Cookies

Filesize
64KB

MD5
dfb2098ca7b3bf16d6f5f1e7d3839af5

SHA1
ebb7a8bc886062d77a4092bd306b77a0ce7a3e9d

SHA256
e4119d32577d7fc63b267cc23eb7a9bbfb12d238f23e08918c38838fe0181224

SHA512
fccec45399258eb98220b7f01b492a72b8b3d1254dec6e196e344d89a0376c6ee24534a31a6675c866d4a17256d3ac6823657eaf04e1d386757d0cbfc6597e50

Download Submit
/data/user/0/com.free.powerline.batterydoctor/app_webview/Default/Cookies-journal

Filesize
1KB

MD5
233d0a3be297ceff7966972e27f1f7f7

SHA1
60ec5581fc5377fbc22d8443ca738c033357a22e

SHA256
bb0687a4d2061f153501a075d2dd471422e6ccb0159c0d1e0b83c6850ec4f07c

SHA512
87ff67a5d4d0da2636c4e5aef5899b6d60a3d8a0723fbf61eab73f0c83137d6e32f969389f6d2c967c6183ce68e13cf49b2fb25ce1b109d8cc1ca5fa2f5f8f4b

Download Submit
/data/user/0/com.free.powerline.batterydoctor/app_webview/Default/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.free.powerline.batterydoctor/app_webview/Default/GPUCache/index-dir/temp-index

Filesize
96B

MD5
68cbe9efa6967dbe44fd0b545767286f

SHA1
39496d12fd8fadd534af58ddb62232b946564341

SHA256
3a729701995be00b02632108c793b29c4a136a623576e6b82845ea1871d1edfa

SHA512
5d3b57a37a52671e8f7e35951a5f7453a1176c8f3153a4c2150803db6654d0ff5d8a3e37e981130c5dce37937e7ca1442d35892ec40e42ab8358039b1399243c

Download Submit
/data/user/0/com.free.powerline.batterydoctor/app_webview/Default/Web Data

Filesize
120KB

MD5
a48cd9324b1f8754b07f00d863b840f3

SHA1
11c6614775b35a58f440971dfc87c8aaac6d6173

SHA256
8859a216183793485d4699bf69d7ed96904679834188d07b9a70424d47eb1420

SHA512
35fa712f0af4a5eeed7e00e4e59ed5027dc6609d268462fe79d92043be9ae0c5961ce9e1d2f64b1a196c9b6aa6242b8b83817b3ee4c1058596c58a99c45478b1

Download Submit
/data/user/0/com.free.powerline.batterydoctor/app_webview/Default/Web Data-journal

Filesize
2KB

MD5
f735bd16bc5f12a29288f8d23e9f2ca6

SHA1
92ec238a520b2dfb388537be444d54a950973a02

SHA256
718a2e3284d54ba9970f00dfb8398759e699ce447bfaede8500a39337adccfb2

SHA512
9bdaa9b6be8cf4b08dfa04e32ced195ce7d91d1b1f6104137efd7e5a61ba792d27955429263330d3f4e036fc49738e2bdafd3a12c3147e0d18740c9fc3ddbfb6

Download Submit
/data/user/0/com.free.powerline.batterydoctor/app_webview/webview_data.lock

Filesize
38B

MD5
40c97a3be8bb70cd028e464f1e9d98ae

SHA1
a0c3f06051d6eab3fa7499e8992ddfced2f6b7cf

SHA256
12f10f83663790173034354eb1206713b88e27537b99a2f1a1fc4fa1728b1500

SHA512
5d81a31d71023cb232141914325ffe7f03bba9c5d7ef6754c7353954ceadf39c0b6236ad61f4c5fe9b54922ff65ba1de43f1f724cab419cc9dc88673edfeeeae

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
61f0407a603efadbdb9d5488ed30cc44

SHA1
08490f2e09dbbfc4670d520d6b8313aaecec2add

SHA256
25e3b283c0ed7a0f8cf2ad4ad9667ca79cb3152f5aea979e7af35df6fdd24b65

SHA512
ada78ec43d0c936f4cccbb110d97d43560d1d4d07ffc70317b32eb61d136a151312563ed491c283007b61ea0f8dc121141772c5385d328425c572ad2f242cc75

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Default/HTTP Cache/9a65dc267f661c8e_0

Filesize
612B

MD5
9eabd1c9d53e164efd14508dd53d68a9

SHA1
62cce9b616672ffdd5676787ae603e9af7a98696

SHA256
84923f4fce0513cc253a01b91943a240d1bd3803485c93fad8e4f2a2696ce9e3

SHA512
137b6eeffd178cb07a44efa72fb3d6a78522b5790985246953f7ee73539a7728d834ecf171d267ea9012f4a403993341d859d540d6102f3984287bccc9f5ba0f

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Default/HTTP Cache/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Default/HTTP Cache/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
3d6926f846e9e77a6edec493bf37f048

SHA1
bb7f1ab4946fc1027b827217f7d1deaa2f6cc3b1

SHA256
d4d497ad524f02be023c0c60804ce69c5e9a60a4052aa0a4af8a4d82a9aafa32

SHA512
518f42a6d3fb034f1fbdb1f3072fee2f49979dcebd33043489aa0f766d8928fd9099610e7f7499780d7d1ab20d48b9369c3a1b7eb82d1e278fea766c2cefaf1b

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Default/HTTP Cache/Code Cache/wasm/index-dir/temp-index

Filesize
96B

MD5
1410e79b223c97fd2079906ba547ee5a

SHA1
f32d44a7795669b7c5bed2cf3685d8e7c7da0f1e

SHA256
94544fe4857d393b801facc1db6a80bfbba1bd165380a62d6a876c57fbdfb615

SHA512
4919f1b5435c534017fe75bc0526e68818c03eb50c90fc4ba499074eeccbf80baa27da1bd68a8360044545784b6f60ec30512fb028868dc3dfd5368c7b109d0e

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Default/HTTP Cache/bf5dc0ee1d9598d0_0

Filesize
610B

MD5
47dd08726975f9b754305ef02af32973

SHA1
03f07c7930e2da65ca37f131c0286db4ce995eea

SHA256
aaa20d06290b922eaa98f77b71333d55bbd1fd9d9bf53dfb25079a381ab35f72

SHA512
f98c98659f3da5911c8b97052c0cfca01daa1581869ffbcb2ccb0bbf4d0c6d13ff8735beec982c0712c134d89aa5f577a54ffe302ec317afc0eeded39d5a1105

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Default/HTTP Cache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Default/HTTP Cache/index-dir/temp-index

Filesize
144B

MD5
240ca4f83530e85762dac5c74a05fdee

SHA1
a0734c82caf7bf665b1fd234916b594610151a20

SHA256
6303211a6a3cf236e1d15a3d5746ad7a5020b869ce8abba978da842d32d3b3e3

SHA512
e64bf48e3277d3a6300af8807a160d4b8cdbb53e4d55201b22a5299cf2b118e939ebedea4dd5f62405ebf882676b74bd32b1e435a54ab4382a1d67e19f121def

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/Default/HTTP Cache/index-dir/temp-index

Filesize
96B

MD5
52e07c0f4da69b8880682445db27b52b

SHA1
485633205c7e97f8ac9ffb6af6f8434f42cc470f

SHA256
ca66ab7fcf39e0dffc5932cd401afa11727ff58f1c37a49fdb5fdd296252a04f

SHA512
e076a857fe4cd047507f13316c77388eb78ef3fe041dcc4718826e3a218c6839c73b98c821f469357e934540b769bea322fd7849abf3c37b0780bd4f7b1a9044

Download Submit
/data/user/0/com.free.powerline.batterydoctor/cache/WebView/font_unique_name_table.pb

Filesize
57KB

MD5
f080fa2a56ab5479d58063e5ea871447

SHA1
4b3fd57a98916fa5784305b76ba30af26b5253d9

SHA256
0aa374bc456330fd1b5daf18d25b4bb8e2df1998dfa85466f2c31843ff56e815

SHA512
8aee3186a95b389d39882620b7c4199a29aa50580aa98a381b2931a934de6406943c89d4d00ebeabff21e2b03b4a4adcc01e37e32a2335c4838be24bdbf61936

Download Submit
/data/user/0/com.free.powerline.batterydoctor/files/wapsdk/run.dex

Filesize
18KB

MD5
717957629fbcf9392743d0abe701c081

SHA1
d9f0882584fb33798638e54eae71468f43b54715

SHA256
498047ac2d05ec07411dd07832b6c9bfd87f4ff8dd78ffd239847d6e899d8752

SHA512
c962ef46cfa6e3d6d737b44d323bf5530b3db8090076506839af19bbb11a51298a80e050fd613f37802fdc1c6666b84462241dde0c609e4ae222722a22b7b6ba

Download Submit
/data/user/0/com.free.powerline.batterydoctor/files/wapsdk/run.dex

Filesize
36KB

MD5
9354d10c4411f89c0c5d97ff01b81ed5

SHA1
ab3c15cbe17fa4428b19cb78075a20571d6ca368

SHA256
d201c2ed6be87f9aa05f1f255438dd4a0d93780fe6e056b7b210157aa168046d

SHA512
4b4e9c781a6c0f682eff808141b6ff7b92b71219c936aba6242640c262d3f06c4e472209cb43e1e57af969876ae6adfa5c960c9ab5943c3be59d80b37ab48f85

Download Submit
/data/user/0/com.free.powerline.batterydoctor/fileswapsdk/local/230503133728907.dex

Filesize
233KB

MD5
40dbdc1415cfb23e7cb488f3a370d423

SHA1
d92f6ce73367535b26af9e53b4af974c69ff3a4d

SHA256
1967707abf3c7f215cad79cd2b3e4b5c39c81ef8d720893897ba461aef94adbd

SHA512
1144ea36ee712be712b762f0266e83aeac55f3ca298ec8141b8a78498bb64a2329bb5f678e2ec748b575e90c2d81ce6af24f82121f639ec323d37dab9b7b61de

Download Submit
/data/user/0/com.free.powerline.batterydoctor/fileswapsdk/local/go.png

Filesize
161KB

MD5
1b5702a3b7c032f05461432a0935d3b0

SHA1
54eaf04448310b70834a3980a4e7ecc699a95685

SHA256
ff250e2550807e980ae885948814971fc129066190f0b576971e022ff1cc674d

SHA512
d6d46c638756ecd623ba8abcfac7e8250b514ead4b510bbb99970b67a7929293bc138c9faec51679b8aafa2c96986e8e68be04f5878815e07ba0c95359c2df30

Download Submit
/data/user/0/com.free.powerline.batterydoctor/fileswapsdk/local/localCopy.data

Filesize
161KB

MD5
1b5702a3b7c032f05461432a0935d3b0

SHA1
54eaf04448310b70834a3980a4e7ecc699a95685

SHA256
ff250e2550807e980ae885948814971fc129066190f0b576971e022ff1cc674d

SHA512
d6d46c638756ecd623ba8abcfac7e8250b514ead4b510bbb99970b67a7929293bc138c9faec51679b8aafa2c96986e8e68be04f5878815e07ba0c95359c2df30

Download Submit
/data/user/0/com.free.powerline.batterydoctor/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
97ccd9a2b2063143df56b6937f961ca4

SHA1
5e78a91ae5df289ce83443cb7d5589dd3504fb5d

SHA256
248ff7928128015b1cfe3e6517c8f9b8c9511bfb8c8baf44fc1370640eac61fd

SHA512
86c05a5bb3d7eedea390664796966e9e5a5bf846c85808da54407788a76b3ee25b91428242a1e76d8765bfe51e1ba3636617fbab6e7dbb39fcc433e07c3fcd3b

Download Submit
/data/user/0/com.free.powerline.batterydoctor/shared_prefs/com.free.powerline.batterydoctor_preferences.xml

Filesize
129B

MD5
b263d04f53502433766ff142a60e8cc2

SHA1
7dbfdd3c25f771ed91b8bf0380e363fcfd136073

SHA256
29a565d83f89f62adf31aa1fe11c0498da3cd77f9afb2c6660fc31aea9366f1a

SHA512
6c5874226935e4aadc763cb06bc8ccedc0523daee26115ec49272bd9fa5470dbb0fc6ffce9453aaa645c32d0c786ec7371ea39698a1503a8fb92c7914b92c91b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads