1c0c7f7f486576199704b10c9cd4a8c26a525611516f070fd4239f7a7d80afa7

Analysis

max time kernel
190298s
max time network
130s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
11/05/2023, 14:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1c0c7f7f486576199704b10c9cd4a8c26a525611516f070fd4239f7a7d80afa7.apk
Size

8.0MB
MD5

b09dcb40ee0b848c64e6610c2ce6b566
SHA1

9a28f5ec22ef5ab85a3cee9d3504938abfe0bd9f
SHA256

1c0c7f7f486576199704b10c9cd4a8c26a525611516f070fd4239f7a7d80afa7
SHA512

419d9041f5658ed02962c1c8e610604c5a7d0958fd51af7f2941ee9bdaf1412c4bd4487e2107ad4d16ec5f5df14eb54debaa666aec6033b0f007b798e0f2d196
SSDEEP

196608:TYiLPYmJhKGo9JguOsgJMlzplz4lzIayCkGlzglzxlzzayCp:TJ7rXKGoXHzCaF3GW3hFa

Score

7^/10

evasion ransomware

Malware Config

Signatures

Checks Android system properties for emulator presence. 1 IoCs

description	ioc	Process
Accessed system property	key: ro.product.model	tv.remote.control.universal.com

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/tv.remote.control.universal.com/cache/1582435991586.jar	4285	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/tv.remote.control.universal.com/cache/1582435991586.jar --output-vdex-fd=129 --oat-fd=133 --oat-location=/data/user/0/tv.remote.control.universal.com/cache/oat/x86/1582435991586.odex --compiler-filter=quicken --class-loader-context=&
/data/user/0/tv.remote.control.universal.com/cache/1582435991586.jar	4107	tv.remote.control.universal.com

Reads information about phone network operator.

Removes a system notification. 1 IoCs

evasion

description	ioc	Process
Framework service call	android.app.INotificationManager.cancelNotificationWithTag	tv.remote.control.universal.com

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	tv.remote.control.universal.com

tv.remote.control.universal.com
1⤵
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
- Removes a system notification.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4107
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/tv.remote.control.universal.com/cache/1582435991586.jar --output-vdex-fd=129 --oat-fd=133 --oat-location=/data/user/0/tv.remote.control.universal.com/cache/oat/x86/1582435991586.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4285

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/tv.remote.control.universal.com/app_webview/Cookies

Filesize
64KB

MD5
cb7543c4df600f2af58097cce0e334ba

SHA1
83cc92f38c27fdb4fa519b1ce2f37912f24af1f0

SHA256
64c022ae708f94ffde986e105d88f708884de325720bfb9925c4160a6d417233

SHA512
ad51cad0472327bd68aa2d791341cfafed58971752352537bb603ed18b15a3f9185e9150983a28ecd09606e8dcaef6d1c9d93213dd246ef7720f39842eb3d980

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/Cookies-journal

Filesize
1KB

MD5
95596246b693e594b1dd7a0842987c28

SHA1
0d2029d5f753e6ecdf6b26fe78ad29d34058a569

SHA256
aba3a82ef046d1dba1334554c27e7445384d49d0e267da905e4df409f987b8ab

SHA512
afe506e0d319a0e2b17518349805f6328c72075aab3c69e1efdef7f92a089e4e0ae1f751859145ae10478115e5733b9a40031b3dcd1d795164c93768b9da3d18

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/GPUCache/index

Filesize
20B

MD5
93027d42b314432c4216e6cfca48b384

SHA1
43448dd8102979c3926828182579691945eedd4e

SHA256
3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

SHA512
a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/GPUCache/index-dir/temp-index

Filesize
48B

MD5
f81459295f692f14640f50692fb68ba2

SHA1
6b51363ebddc4a6cd8ae1b3a96115a934e689163

SHA256
a328c40e995ddfaac14ce2514b90dbf4953348fd1ea9c2f14ae4068e034882e8

SHA512
6929d1087875519dbe0a259157bd412aebc52c54cef54e76c9e7cd102ef8178c845590c1efeb8f17edd0bdd2f70dcf877e11586ed8bd84500c40dee6a15e2787

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/Local Storage/leveldb/000001.dbtmp

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/Local Storage/leveldb/000003.log

Filesize
259B

MD5
bb96e04fedbeb3fc4c9e08f9a51510e7

SHA1
26559c95a0ef42a061cd6362b94ef2f1e2138afc

SHA256
859ae4d04797f3c8f29c005367b8b00a6a7ad2d5b384905280c73463f39d14d0

SHA512
c2e3ed4bff5ee5deb23aa20ff6ac17287cf5da1c6f5239912caef1dad15bab00f55608184aab4462d3c9b1aed52e0f3af9d764bfafed9816cc2b8ee6edbe719d

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/Local Storage/leveldb/LOG

Filesize
70B

MD5
37484b3579421782e4a0a5a60b5aba99

SHA1
34e195aea29caff8ba315ab59154aef39e22bb3f

SHA256
890e6b6ef96420b61c20ee26eb5a0936e98542dcb9032cccd0e6c9ee324839c6

SHA512
30e5832aaf20d7b3b1e8280f0270c7c45f83878a724a47e40e12e788d071300c4ea69f8cbefa1e027a5676ee3585760abd2e15b3bfb0e26f3390af5ce4c020ef

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/Local Storage/leveldb/MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/Web Data

Filesize
104KB

MD5
dc79f9ce5f3ab5270b33e61119dfc959

SHA1
1844bf222a5144b513dcf2fb50a18c011701c647

SHA256
47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

SHA512
18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/Web Data-journal

Filesize
1KB

MD5
5d7047bbd50dd4cc5a6ccce05d0bbfa7

SHA1
07f2ab11e63b512b466b81db50122371d8c78ad0

SHA256
b9c4eb82e1e02e4aa54f4dbd8fee242d9ec8ac3887635555b44eba0c586a1efb

SHA512
1083e0f5e6ca057a6331527ee7baa40918a6bed7f2278bdc622a8fd37fc9057b8dade0ddc021dc2866006bda3f49d8ea15f7e86d93a6c97fad06e2975858fea7

Download Submit
/data/user/0/tv.remote.control.universal.com/app_webview/metrics_guid

Filesize
36B

MD5
772aed44068dab4db811683508fbb97d

SHA1
070eeba8bd5822749e3b843a98d0db507a4b6fae

SHA256
a457c7abdeb827028b67b2a067f70b6f2b2f27bc0f226c83b8058785c73f5c11

SHA512
054cb6e281c169af690e04261fa4af6bf43c46d71920cece3fd6ac692a6b618838a3847b96378f4a86654d7fe233efe6963b39a1253fb6a1fe98578066ba61d2

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/1582435991586.jar

Filesize
20KB

MD5
2048eb6124a452540ee51dae4145aadf

SHA1
d05005b2cd7fe4cd652b0d7fd1bdac2c19d51451

SHA256
105c54b6fe3f25350e92187467761598e4c21d62b1091b77d091f65f3bd98864

SHA512
bb6cb3853dd2a5d0701e20607d4e153ae201268dd2e5e2d06cc2df208b3b4dc50132a4ab428251b1644d2399fcc717662438d082ff14203387bab8794109d44d

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/1582435991586.jar

Filesize
20KB

MD5
fde2ee00cbd121cfab5290b078aa3ceb

SHA1
e2b77d5320e155e413d040a8c20020962065b2f8

SHA256
2897b0812077c654a9b3fbb0b6303d5cde681eeba7ad9981de65716c7810d685

SHA512
a9326aff8e454a2b4ac09984ef2a65fddd4dc146b4c44d839035549bff8c9fdaae490326d0b018f76c1ca2e4fb25426d74f550ca0950982fba632a023af99a56

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/org.chromium.android_webview/501131afcd58cfee_0

Filesize
5KB

MD5
971948e42c1793854d9b5632b09ffcb8

SHA1
7ac5a3ce4bbb2d4390c24ce5b42909dfdd42ab77

SHA256
7b9e65c04fcbf90a160c637bbe82bd1e0875d1c05f35bf8387c4577fae571860

SHA512
fa3d7d37667128a513378119683b58b07b9fdecc4d69439d752565e4d43e812677674b11c179f70540c46b9d0a411d7ecb2ae02de085c6e9e86cd538cae82d17

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/org.chromium.android_webview/dfe6b2497a7513ba_0

Filesize
6KB

MD5
9fb18cc891e5b4eb5ac72a701fec17ad

SHA1
ebd4ef3cfe252bf4e60d7760e450c6da670d56a0

SHA256
73a3d49a896205f3bdb32f531d3d2bda60aa521eba2a89ce97017ae7a8930a24

SHA512
c58731b62912277e373bfe2362d0c1539edf4c262395dced7070bac94052642507237da0af94aa7570884a8a11f517d79b2a50ec7542442bcd6dcad94c7f29fb

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/org.chromium.android_webview/f038e94cb33282ab_0

Filesize
126KB

MD5
90a86fdf2f62ab3f0672b981930c64f9

SHA1
0acf7ea43344a1ae8c31f42b34c7a223f65560c6

SHA256
a82d6cd39196fc93e3c81c4984582eb525014fd570927459804071fc9a807088

SHA512
007c1d670c4e2641e4305844a386c8b130ad516f7014d45e2a1a25bf0089cfab3540ab00e45386113bab9ba16b606af7a94d74b49e19f33b6435ed93092073e7

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/org.chromium.android_webview/f038e94cb33282ab_1

Filesize
196B

MD5
20e25d4ec038a60479c0ff4fcad966f9

SHA1
0529a5dffd06a9f14daae3fb3c5f42587f3ecbe3

SHA256
faae953a117367bd45a0abe04ec5b94f6d577e6b5fc2b5ffa09e2c9df97d971a

SHA512
5915dd8763c31e747dc9a6c86330ad9580682a66bd8e438e1c23ba738f0bb5f12faeb18600312fc2efa70bada081cf5fd7f0378d33d0d9e07cf86abf059f8eac

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/org.chromium.android_webview/index

Filesize
20B

MD5
93027d42b314432c4216e6cfca48b384

SHA1
43448dd8102979c3926828182579691945eedd4e

SHA256
3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

SHA512
a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/org.chromium.android_webview/index-dir/temp-index

Filesize
48B

MD5
e3ee17200d1ac797b4f5eafbcfb86d1c

SHA1
490fc91bd0229d7882f086abfaf40a94c7128b26

SHA256
d563eda3a07732e6a6fcf82ba7745b41c6f49f05eae2cf2875a8f84791778ca5

SHA512
6c3f7f3eb66f624758c170f42f53f5dda0ede7b608fac8881d4dbb1a01cee5e9c682f8323e186576d566bf178a892fcb3c6932fb4dc3caa1ef1872163afe1c64

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/org.chromium.android_webview/index-dir/temp-index

Filesize
120B

MD5
bc4522315ed7c2e1b731ccdc0f5cae8b

SHA1
1ed998e66c30ed5a7c52bf9f9c55392be0875791

SHA256
20c5410b8db3f5f4191d33466a9e93430d0ae54e962d182edcad541a459992c2

SHA512
e63af3b10d663685b0df72a129a17b5413db8dbd62afd0c884f8e4dae4d6571c4e86596eda48ec9b81e90a57033b0cad8802561f2c85edc2cbae4fb89c50c82c

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/picasso-cache/e6d486c772db947674ea2209fa1bcb97.0.tmp

Filesize
375B

MD5
bd123fbc617be5a7e2c95ff5a72c848d

SHA1
e24ac4e586dc6988083b521ba5f3a6823fff4bff

SHA256
1c6e79f1ebcd127197f785cfbc47f7617f115b73d89934b593c8a74c9313d21d

SHA512
80b622ddeea522b51fd3c46444bdf101381a61ac97717769a342cb1cf43ca4933fcd16ebde1d0ba65bdadcba3a194771228ed610508a306fc5a40de68fcdac34

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/picasso-cache/e6d486c772db947674ea2209fa1bcb97.1.tmp

Filesize
604B

MD5
5106ea96b82ec1798387fe59f4c616d7

SHA1
0da82f14e33f5cd5a61f20376f6dc5cf43f33613

SHA256
5eb0ef5a57471bbcc2e9c7383b7da7d67b27ca059e89d8da668a77b753ba9707

SHA512
58e934a772499c342eb8bd03ae6696159a028badc2dc2bec3d0ab9440d8cff7674ada74b5f9b77a252fbb346e15cf7a69e85f67c919bc9a88206c6c64632ff98

Download Submit
/data/user/0/tv.remote.control.universal.com/cache/picasso-cache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/user/0/tv.remote.control.universal.com/files/AppEventsLogger.persistedevents

Filesize
738B

MD5
dd00f993e405f35cf5e0a95c14213c22

SHA1
7a00805862c86062722e388007b9f63bd8fde9d5

SHA256
02d309ffcb7c8c902a94792a0886be9c0cc43198a8b60bd1b212b2f8b195cd05

SHA512
80164fdda70f97319b0227aa114f7887f0c3a0796ba419369a5f07872342a1c804fc633ba5670f09a22a1715e9da65c189134905cc3896ea92bbedd4e98c9d88

Download Submit
/data/user/0/tv.remote.control.universal.com/shared_prefs/PREFS.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/user/0/tv.remote.control.universal.com/shared_prefs/PREFS.xml

Filesize
683B

MD5
63486339aec4fbdfbdfb593887723691

SHA1
52b3104a103d80aca7964646a64e9d7d3dba3ce2

SHA256
4a16e4a338ca151c7539d1b94fbda797f38fa255fddada6ec7e30e39c51a15e7

SHA512
128b63c1dfeb94dec62921cd287eccc87a6d18ef040e06a237c59b4e220921728d90fc6a45ff342852481b18ce9cc3627c3cf237974fb7a3767eca3bd005b10a

Download Submit
/data/user/0/tv.remote.control.universal.com/shared_prefs/PREFS.xml

Filesize
798B

MD5
40601cee963daa30fad1a144c9a0f593

SHA1
79f1ec8919ee9b8841e15ce272ea85d5f7ef4e7a

SHA256
82f09a1c2f75576279099640ef10532e5c432be453e76b35a5d0803379abbe5a

SHA512
22e7b1f1fed590e940a03ce5b244c1d80cb1889d5608483ad0ea5d7bc6a6c079ce7acbadaa6cc7c0492b375193032f9947862156d11f127d50ee522f6330b897

Download Submit
/data/user/0/tv.remote.control.universal.com/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
21223e9184445fe043476484cd8cb1f9

SHA1
2b4813f849121d60ba35eb0889080668bb62c778

SHA256
bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

SHA512
be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

Download Submit
/data/user/0/tv.remote.control.universal.com/shared_prefs/admob.xml

Filesize
133B

MD5
d130d59c6a2ed8f0dca9a4f3c726c269

SHA1
7c6e38bdafc1c625cdb4de3203cab9240016f554

SHA256
9d0602852ea330c09bbc3de3bd28e8aac7f5ae165ea962a5b1c301da933d1dc7

SHA512
45ffda42de906c5ff38004bd86e672df67a5c04718373af8392b05a2d3921a41cd36e2b0e3dd7500265b6382263c4113be51a4aeeb572b3cbbfc0f1d06dd356a

Download Submit
/data/user/0/tv.remote.control.universal.com/shared_prefs/com.facebook.sdk.attributionTracking.xml

Filesize
132B

MD5
850abb2853b084134668f23b6a4ab500

SHA1
1b6ae25d579141b5de1c9ee6a6c3a182d59971a9

SHA256
29f6e1b4f904085dfd1f1452f95db72126f05a4fd5e31db9106a015bfda1e26e

SHA512
5c83f1dc4fc8ecd2eac3c72db52e1fda445c189919c31113d4b7f928f7b32eefca0ff6bbc032891d410fa093b93c7b8616894cac31ae12e66e0d2576038caa4b

Download Submit
/data/user/0/tv.remote.control.universal.com/shared_prefs/com.facebook.sdk.attributionTracking.xml

Filesize
132B

MD5
1e85557d563014bd89f113ff15eee2f5

SHA1
61ff52c039f36913a057972b5a824228c9100001

SHA256
1a0ad60bc53b6fb45c71abf513a8291f1fac470629bc08b05a2dc997eca13e4c

SHA512
3f1db44c4f17b4e9fe06d46d3d5aead470ad8fada8923941120d6055b92de8962cb267ce170df689d8d1640ea441e47f684b05c7460025e59996a2e055fd5ab8

Download Submit