6e0d01c4c547d235c247a6d0719f2aca2d4996ae78df4b671275914a9e3fd2d3

Analysis

max time kernel
608199s
max time network
130s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
16-05-2023 11:07

Target

MarMuzik.mp3indir.apk
Size

4.4MB
MD5

dfb59aa18633530f29a7fb27cb156187
SHA1

ed6b9ce8013ca13678a77e1ce53100ddff392c92
SHA256

6e0d01c4c547d235c247a6d0719f2aca2d4996ae78df4b671275914a9e3fd2d3
SHA512

7dbd8ce3559b44ae5c7411036f4a9b70820040ea3b00eed89bd86037feff51172cd3ff5f7030195d286f3b003c44fc5e8bd80810fb8c1353e1699328c248b50d
SSDEEP

98304:k4Y9fsk3NdWLn5JuhaSjYVMvbAukWlpbmdyEdGzfrX4oD:k6cNdWLn5AhBOMvbAtWllmdyQuD

Score

7^/10

ransomware

Acquires the wake lock. 1 IoCs

Processes:

com.simplemobiletools.smsmessenger

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.simplemobiletools.smsmessenger
Requests enabling of the accessibility settings. 1 IoCs

Processes:

com.simplemobiletools.smsmessenger

description ioc process

Intent action android.settings.ACCESSIBILITY_SETTINGS com.simplemobiletools.smsmessenger
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.simplemobiletools.smsmessenger

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.simplemobiletools.smsmessenger

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.simplemobiletools.smsmessenger

description	ioc	process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	com.simplemobiletools.smsmessenger

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.simplemobiletools.smsmessenger