Overview

overview

10

Static

static

7

9ce2ad40f3...99.apk

android-9-x86

10

9ce2ad40f3...99.apk

android-10-x64

10

9ce2ad40f3...99.apk

android-11-x64

10

Analysis

  • max time kernel
    4136223s
  • max time network
    157s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
  • submitted
    07-05-2023 05:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9ce2ad40f3998860ca1ab21d97ea7346bf9d26ff867fc69c4d005c477c67a899.apk

  • Size

    2.2MB

  • MD5

    8ce057ff57478e98c0e246355ccd27db

  • SHA1

    1d3cc636883c72d45e8f336344bdea97ec8d91d1

  • SHA256

    9ce2ad40f3998860ca1ab21d97ea7346bf9d26ff867fc69c4d005c477c67a899

  • SHA512

    5fd1345c3d605859bc56cf4cf7088712b63d929a3d576e99a88406eaa3387e4a996361c3bcc78275650609ad967636b7042fa42c244b183da96a0e7cfff78a1f

  • SSDEEP

    49152:grrgUCuMhTKb+/CZFLqtBOU3t95tnUAqkp3IQRRiEKfaFEjI:uTOKb+qXmBOuPUAqkpIQDGsEjI

Score
10/10
xenomorphbankerinfostealerransomwaretrojan

Malware Config

Extracted

Family

xenomorph

C2

dedeperesere.xyz

vldeolan.com

cofi.hk

Extracted

Family

xenomorph

AES_key
AES_key

Signatures

  • Xenomorph

    Xenomorph is an Android banking trojan that is seemingly tied with AlienBot.

    bankertrojaninfostealerxenomorph
  • Xenomorph v3 payload 1 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.great.calm
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4757

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.great.calm/app_DynamicOptDex/hDpdaxQ.json
    Filesize

    934KB

    MD5

    637d3020a6e8d9aa114d51e7939fe6a0

    SHA1

    7e172dabca14040635c9118920942805ddfc964a

    SHA256

    cc3c058fd60da1fd0c3c8f0e58fecd355eef4ecc1d138fe8c6b9da8920cf9797

    SHA512

    e426c769af5af742f4b6f2f0f1dce4df0543d55fa8652759417c850943c750e90ea4033a7ce5ebd1063779238c4961a82840f3074b00f7d62e7bcf9978b91e2b

    Download Submit

  • /data/user/0/com.great.calm/app_DynamicOptDex/hDpdaxQ.json
    Filesize

    2.6MB

    MD5

    033e4993902fa453fc96b86248ea7ae7

    SHA1

    efb980435f0b7de14861fef21e4c09434b519c4d

    SHA256

    b28162d529728bf31f7dac4eadf40825a0ea1e5e6039e9b521d5906280c29196

    SHA512

    fe27307d7401dbc3881b3f7aec18b228ea48285d3f8fa8ffab51b29a51a8eba91d677ebf7bdd9b44ece60c9f87a36604272ff98ff8c25102cb162f49f61aaca3

    Download Submit

  • /data/user/0/com.great.calm/app_webview/Cookies
    Filesize

    64KB

    MD5

    9b23e6a88d5a95f155f205cb04b93cd0

    SHA1

    b62dccbbef087a0731f226b96d15d35d8aa5e5fc

    SHA256

    f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

    SHA512

    bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

    Download Submit

  • /data/user/0/com.great.calm/app_webview/Cookies-journal
    Filesize

    1KB

    MD5

    f8d6b580cb114ae4ad2d9784a85a341c

    SHA1

    5a09c13f75f52e381f53357275439cac3d2b625a

    SHA256

    034eb2c80b21152298f3f79a7942aaa6a2f61634b47e6a91afb69f6987b31e4a

    SHA512

    f3a04ff8c8370acdfc4396e56a4dda7559a8cf06b78a77f6b2cac17e41345386ae9f32831758cc1d9264abd8a2507b9e09178a107bf4cfc436fa6dbbb71f27bb

    Download Submit

  • /data/user/0/com.great.calm/app_webview/GPUCache/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.great.calm/app_webview/GPUCache/index-dir/temp-index
    Filesize

    96B

    MD5

    90444891c22b3f8a54325dc05905679c

    SHA1

    afc7f792c901e371382c19e965801ed96e5df4a1

    SHA256

    34dff85da56b3cc61cd469e3c2c222f0ddd42007eabcad710a1cd8fc3b38e191

    SHA512

    f1d8af0dfb1dba5083e3ca095167cf389b46d90e4eadabfd48041cbcaeebef02550ccbd4b9ad9458fa36963a9922be51b197f888b9cb8a6c50df6d382454181b

    Download Submit

  • /data/user/0/com.great.calm/app_webview/Web Data
    Filesize

    112KB

    MD5

    b663831f8cc130493476d94f2d7a5330

    SHA1

    043a1956ab8e40821d67043f8a9110a8eb36fb93

    SHA256

    c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

    SHA512

    e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

    Download Submit

  • /data/user/0/com.great.calm/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    cebed1883fc92039dbebfa07f99ea0e6

    SHA1

    d5cc0a4d8fae5d23098222e648077d6b3ea8259d

    SHA256

    3c37a615815fd3c21a32959546b5b0f218f2646acf329d121557f1069e2c5f06

    SHA512

    d26a62d9d8a537ede724e7967c2f7fea2f9551b10c6d13db68be8c0d7f47344fe35ece5f35d3559226eb0e9e5a00d868f862197ae954b0190941f872251d0ddd

    Download Submit

  • /data/user/0/com.great.calm/app_webview/metrics_guid
    Filesize

    36B

    MD5

    333d230bc8dbe1f4d4da70e8c8084604

    SHA1

    81b67aff7148508f4fa9417fbe28a6e85d23aa9b

    SHA256

    91ddd4068b88ef45eaff46ceb2d6de41e7476840f79d3ced34ac9beec02391c4

    SHA512

    5811cdbbf514a14871524b0c15fedf169e70b28be5e2801502332f61181dfff1ec7519ec27298e08482aae11f11fadcc244fdb7e25d7a72372f09d1eb791c2da

    Download Submit

  • /data/user/0/com.great.calm/cache/WebView/Crashpad/settings.dat
    Filesize

    40B

    MD5

    0ff2f0c5513935db619e34356c3ddd72

    SHA1

    a67f60f621aa8978041271e88a6e2b6a96ff1f93

    SHA256

    d7945b17cdac295f99a124a6234eba9e568df7f38b5000890ed1f7c900d02821

    SHA512

    490787c16cbcbb93ff91dd1d79919b45e70828968c9d010b5e8eaf4b92195f5ed386b8f07e24260f6b2f3f78c7b6102442589a8e39d3e7bff0da02bb6ab4bf1e

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/21a97041b40c53c6_0
    Filesize

    11KB

    MD5

    6d654acf5edd7c535f8b11248fb0bbbc

    SHA1

    91fad1fbf60cbe76bb69852a56b18de491de8277

    SHA256

    b36579b06817b098e3c095c052de7072634edaa3d2aa43208765fc71dfb335f1

    SHA512

    f4ea492283a7b4e5d250a6d75169222e5af8a3daa4061f2c1792bfe3e1e3c8057dab1dd69890b19b516e2c159eb2031b3eecb84f143e2db4db996212ced3f04b

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/5dcc6771ad552215_0
    Filesize

    11KB

    MD5

    fa171e598a11019b802a7487d955aa31

    SHA1

    f014fc37396b360065030d71274ad7816c006151

    SHA256

    1266b262f30c4cf732dd31774e90fd57312c4889744db20d6171c083c86bab6d

    SHA512

    3020f9b36a7a65a7c47653442a36d2da6cd82267075841639e602ffd195ee988e2ad0d2de36069f279f7873e25f079a80712730f66eeee7db68d64371653105a

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/624f2bd216494a6f_0
    Filesize

    11KB

    MD5

    3a1df034ae3b1b38b10571094d5280ae

    SHA1

    9d86e25ca36d8f5c09def58c621baad6cac068f7

    SHA256

    ecb14c3ba5c40ccbbec69521b80154bec3aa7c9f2306aea87a8db4fd5620af1d

    SHA512

    ccdc7c0e1f3c2e021f8a4ebc9e5ea4d76d40537915bf10b19822acde263f8f09caec82db55b040797eb87f621b353c5289a47c28d7ea2bd087c0d4d9d3bc2bed

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/Code Cache/js/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
    Filesize

    96B

    MD5

    f8625dd056c99d951b9d55224bb01a96

    SHA1

    b1f6419b0ce066de63fd5714b7dc27ab887016f8

    SHA256

    2e81a7d2c42336a02fd93675700583cd1074e01773aad8738fee6de42381ae08

    SHA512

    bfd1d3637104445eead8e0070240ccbc13b264678c9ca8f060c7eda9d80cddd671a8c9e5afaf3cbe233be7676e66f705278e46f521c11221ae18ea26c2aefa59

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/a0c2ffc2995089d9_0
    Filesize

    11KB

    MD5

    1e5c0cfb7f94e9bec4defd960b1505ee

    SHA1

    f213858422193c145de33c74aa4349c6dc41a4d5

    SHA256

    cfb604388714401125ff1eb9e0ad186a2d94b2e6f2ba4f2ba0e2f3eb1d17513d

    SHA512

    7a771f34491e70cca6e79e81717655ef74c8ae731d3d728c986a9a8928dea828fac663c8e4d2cbe2a4ca43a090e02c7d2e14257e619957ee0d80f36b0bcf5f3b

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/ba6620262a558c11_0
    Filesize

    11KB

    MD5

    31bf6ad722755ee34aa06cc5fb0664c1

    SHA1

    f55ffc8e3543bc6272664b05a01d82261d343795

    SHA256

    dd13702daca2065733f5ebd6a5c7ab8e6f305ee949031d292b20192d8333fa87

    SHA512

    9359254ebe412ee840e975de23bc07edd5903e2a9a272ffeb200139939f6e5243b288021c3db86a23f5f03efc1707e57a182b03c7ab8fb8e5dfe2b4524f051a7

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/c74c995875787a06_0
    Filesize

    470B

    MD5

    2f11f81300643c191ad9b075610961b6

    SHA1

    a2f8ab22293e1356f25e38a44c88f6d6d3b1ea6b

    SHA256

    f832b421897aeada03ae7d6970a300a42e132c274de3f4895c96de1bc8c2b1bf

    SHA512

    3299b06b0877863effb1e1f72975fe9e3eb534fd29597b61e390205cac9c11bf3aa8c91b1906594fb96a84c2c5a0d37bc1f6721a0256af97e325e7d425e8e914

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/index-dir/temp-index
    Filesize

    96B

    MD5

    08b1252d182b1b286635eea63656daf7

    SHA1

    44a7bc36cd6d7b7ea724990f9cbaae102b6f0b34

    SHA256

    f463a82c62487665c7c5a7c2f13113484c278cb654bbc78e65ad3fe15a0395ef

    SHA512

    0749abcc7d0ccd9430a5ea57b15710990ef077923cab384611882cdb59065659108be2579e1202f7aec7909774cdc7472af735f0cf248b487ff9666dbc3b75ad

    Download Submit

  • /data/user/0/com.great.calm/cache/org.chromium.android_webview/index-dir/temp-index
    Filesize

    336B

    MD5

    0bcd6886ff3dafb331347c2cc8068bb6

    SHA1

    726e84a61f2bcf177200dc0f444f2f3a08e26d74

    SHA256

    4396777bcd12359a68163360c3a04246319c4cbe258341c8fa8ec8a8d6ad6db4

    SHA512

    3c9b0a1f360a84d15aca4d3fd5beca1b2c7988ac31df58aab6424aff4d650510fa45a6fa12c15ec7085d1ed668dfc89e4bb1a2902133ebf40f10b0ce430eaf68

    Download Submit

  • /data/user/0/com.great.calm/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    6ef709b8536878951e87c29a1518fc2b

    SHA1

    24376c70b00152501b3d98df61fa7db435339172

    SHA256

    10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

    SHA512

    96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

    Download Submit