71c78101f7792fe879a082e323fed89c5e4a43132d01d3f79ed02afd8db45497

Resubmissions

18-05-2023 12:01

230518-n6zrpsaf62 10

24-11-2022 09:53

221124-lwmnaafa25 10

Analysis

max time kernel
784156s
max time network
69s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
18-05-2023 12:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

com.pagnotto28.sellsourcecode.alpha-5-apktada.com.apk
Size

13.6MB
MD5

425ca585e1689771f69c442036192d78
SHA1

3d7e48669307cc962f18de5639ae0697ed950d1e
SHA256

71c78101f7792fe879a082e323fed89c5e4a43132d01d3f79ed02afd8db45497
SHA512

4441be3ac3bf49229ddb771c4418719a60fdee11711265e41442a49f643e7a97c8b1731c786e80c811cd63124996c5787cb7588c06d81ae60a67cf46996925df
SSDEEP

393216:C9wxkH5macX7X52NWdXJq2TNhyWfwcVpMrfum77:C9wxkZqgY5Uvaq7

Score

8^/10

banker ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

com.pagnotto28.sellsourcecode.alpha

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications com.pagnotto28.sellsourcecode.alpha
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.pagnotto28.sellsourcecode.alpha

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.pagnotto28.sellsourcecode.alpha

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.pagnotto28.sellsourcecode.alpha

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.pagnotto28.sellsourcecode.alpha

com.pagnotto28.sellsourcecode.alpha
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Uses Crypto APIs (Might try to encrypt user data).
PID:4079

com.pagnotto28.sellsourcecode.alpha:BackgroundService
1⤵
PID:4250

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.pagnotto28.sellsourcecode.alpha/databases/dbytes.db

Filesize
24KB

MD5
b1483b35cdb5d570b5478819324c79c5

SHA1
abc50e99be528483819ae62b935cc71a2e99eb4f

SHA256
e22222c45a2a42ac9ef063f3ceb895737fe4bd06fa4cee6539e1f7f20a0abebd

SHA512
d3c851dff361211b8f337e1acbcef015aa3ccea995453a1fbd87981e69fe5ec947a0cfe789ce6cfe949227376e53294ccd9dc9a71690448b7977ec192fef03e0

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/databases/dbytes.db-journal

Filesize
524B

MD5
35c363869b1bc9fc9d5767357df98f27

SHA1
e8184b26d5ba12612e64d6954eb754e7d551557e

SHA256
dad924482c6c17372c065529be84ecc28d182f8cb28a88d54649fe8000086fc5

SHA512
406b9feb3d60e177e332bd5acec8d136ba501f978ed60e32e224e1b1e53e0ccbc3f873790e18375e2493649af35e2acbfb7ab65d0e81cb043d0aa48734790763

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/databases/dbytes.db-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/databases/dbytes.db-wal

Filesize
40KB

MD5
ae71b3908ab5595fab7bf2d0a42fc0c6

SHA1
174331396d2391ee8d75281edcb462bd9ae49342

SHA256
0b593449bfe0309ee497863fa3cabb4c036eda28d899b9f9dd5bfc3f626185d0

SHA512
b104252165f4cbb9408f89dca6b63fae751afab7cfd0fdc01d29e6a2e512049c63ea64f99a4561c889894a32b4affad92272315bf399613e958811bbea6a6a9a

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/no_backup/androidx.work.workdb-journal

Filesize
524B

MD5
c2abffd7f6cd3a5f562e99c7767b1f8e

SHA1
e462a6f61b75b5a3a1fd012328871102019a8365

SHA256
e2b5acdd30a42be0d5a12132e2b04eb0dc28e36494286c1734f17c0fb6af784b

SHA512
33f89a00409bda6e96a1a43de6fa4c170629f5dfe954fdf6a87064344b28c2a65af387f80797ca2c779a0bbaa452b6345bf14960f11adee88bd974b6cdc5affe

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/no_backup/androidx.work.workdb-shm

Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
5a150d9cc1a012e5d1e1707fb63b6453

SHA1
4a7ee1077630f9187722c3c53da5c1832860a281

SHA256
2e15a0d7d59cb2b5c312349fceef234b78fcb89b34603a15e915b11152aa1812

SHA512
51c583134d612d86c422a6e3a0669a3ad53a43c1cf9f690e30c064a591c6457ae50b875318229b9bc0b38c86fb59b392497bb2b7d264f062d26cf1f201e35826

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/shared_prefs/com.pagnotto28.sellsourcecode.alpha_preferences.xml

Filesize
129B

MD5
b20a4b89ba8dc25b16e709c59e8e05fa

SHA1
a099f56b48b218f4375df7ba7c47670160534c10

SHA256
f3b2a50fb0cbfd4e1ab2b40daa0e7d70656a428a270bd0ddef19d654d097560e

SHA512
17dc04b14686ccc92b569e4c9845c8b18dcb5a8f4e6e189a06ac685073f0debf4ad130e49e49289ce2fbdaeeb408c5ac4da216444ab3dcc28b50023733d8ef0f

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads