Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7

238cdfbab8...0b.apk

android-9-x86

10

238cdfbab8...0b.apk

android-10-x64

10

238cdfbab8...0b.apk

android-11-x64

10

Analysis

  • max time kernel
    790832s
  • max time network
    164s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
  • submitted
    18/05/2023, 13:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    238cdfbab88cbcb6b1a2379b2a18c993640c1f498c4cb0e9faef408331f41c0b.apk

  • Size

    3.7MB

  • MD5

    10f5a518febd8b0b08b7f69982bc0a7d

  • SHA1

    77137ca4881b82a9baf3dea99e03ce92c89cc742

  • SHA256

    238cdfbab88cbcb6b1a2379b2a18c993640c1f498c4cb0e9faef408331f41c0b

  • SHA512

    52c557425b2eff4f244c2c34280118e913574c0b3a51bff966c4fb4538afdc1220ad6f94956098aeb53cee4984aeff30142f148f6e19c1a978af6d0e7801f918

  • SSDEEP

    98304:z/Se3GAtk9/CYItyoKmFTwgzOOH2qWS9Rr:+e33tcPItTvFcg5W6b

Score
10/10
hookinfostealerransomwarerattrojan

Malware Config

Extracted

Family

hook

C2

http://193.233.196.2:3434

Extracted

Family

hook

C2

http://193.233.196.2:3434

Signatures

  • Hook

    Hook is an Android malware that is based on Ermac with RAT capabilities.

    rattrojaninfostealerhook
  • Renames multiple (142) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.dogilowopuna.zico
    1⤵
    • Loads dropped Dex/Jar
    PID:4787

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.dogilowopuna.zico/app_DynamicOptDex/pskPXGY.json
    Filesize

    704KB

    MD5

    9bfea1b2027ec1635c3590e0ea14e3cf

    SHA1

    9cc1ea7f49e361961be1f5d2ab43658d41f86d59

    SHA256

    f2620b302348120f00c9bd7a3e0a6cbef991b484edcdcdd915fbbd13ac861eb4

    SHA512

    4e17d67bcd5f5361a3d9b27f4fbc29969b25a2686edffa9872e7bca1a6528b4eaaf7f90541eda8d31583d8e515b1a20d4d1b20dd4a88c9e83e07d91d525de4a1

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/app_DynamicOptDex/pskPXGY.json
    Filesize

    1.5MB

    MD5

    cf80a0964d7adb2dc9ab389185abcff1

    SHA1

    a630b6d63b9be79f2fe9f2fc38c91fcbc1d8d6ea

    SHA256

    f90f95cb686db2f9ce0607038438527e3665ca8e33c38fd168834f6d96def4ed

    SHA512

    ef1a6f7c47772fd49ae2fda552df4f54fea83e30c99980ae8e0863b4abcfe2d7cb9869449962129cb560760d49ee6349add36e6ca7417e6cf0e9f99d86a3ee53

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/app_webview/GPUCache/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/app_webview/GPUCache/index-dir/temp-index
    Filesize

    96B

    MD5

    c52724d88d6f794f75ec2760ee1bd452

    SHA1

    569c4e0d5cd9eeb15cc8894f2fa4819511e0f3a5

    SHA256

    4b51e6b7714c831e6c8f07fbd0c4ca7e80255c7119974d309a770f6c733ca80e

    SHA512

    072ee9fe2e0a436a4108b49eb72cff8aac44178d40830d27afcc93777e14c532cc2024132f16d91957e97fe2d776a57715533ef71537280b8815cdad2e9ef92c

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/app_webview/Web Data
    Filesize

    112KB

    MD5

    b663831f8cc130493476d94f2d7a5330

    SHA1

    043a1956ab8e40821d67043f8a9110a8eb36fb93

    SHA256

    c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

    SHA512

    e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    ae5f967015e3a925568569c75f1d6e81

    SHA1

    1ad4324e41506a6b6340b6465ba2dca68ae21314

    SHA256

    1a38636d98ce1a6571d956ed55501f0d1d18f0757884ba3396fbb25c5937212b

    SHA512

    6dcd5d8c95f1f38c4fd6a6aeff4c35efff147895a4993fdb9f7fbed68e250ee202565f2013b25293288562fe03e2f3515b868edcbbd55c23c9da1e70fce974d2

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/app_webview/metrics_guid
    Filesize

    36B

    MD5

    c448721009ea7fa313ac7a0891050abd

    SHA1

    61b9cb3249ca50f0723bb5571e0922f988cf62cf

    SHA256

    cb026c7aea21c5230ddc7038a8ce0d2d16a388982a0ef106077c56603589935e

    SHA512

    76ef53ff40e9a39c93efe967b8ea68d714536ee67fdb785810cb5afb63b64f769bee4e5792c23facc96d26410c66fd00a40f4d4b90f8bcd4e99186a15fe43bd1

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/cache/WebView/Crashpad/settings.dat
    Filesize

    40B

    MD5

    c4f64bdb8953318f9ac277553066aa76

    SHA1

    d54d0aab90d553470af435caac25377b0a72bf89

    SHA256

    0e94e9446dbfb8f677c06d697e0736cf71fd18fd1363e4c6b09aad13535a08ff

    SHA512

    0cbaa2d185499f304489c3976e1f64bcff50de07f1ee479fb8fa2858ed004dc9cc6070394e9cf2e12b66ba4381a7586b2d8184fd7c9a08c475b56139f6985d0a

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/cache/org.chromium.android_webview/Code Cache/js/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
    Filesize

    96B

    MD5

    e7f5420c0e36e753dfb879ec1df65496

    SHA1

    3ca5069e086180e4bdfcb0e9dbd4c23d7c674f3b

    SHA256

    d2e8975addc0eb8c5754450dd7a90ce6db01278e358bbcfaf4f092a2186461c6

    SHA512

    4c95a4486733a11b2b371b7d415838e7503a70c12b49a6a83afbbe229cd047f47c5bb8db141f33a409fd895ade2c9a0a8a8b7621d97c887d5b30b8ae4d5a15ca

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/no_backup/androidx.work.workdb
    Filesize

    8KB

    MD5

    b6ca8b30661a7844ed292db75a29a953

    SHA1

    8e0d397ab1f2ced1f143829084c3f53333743bdd

    SHA256

    63a219c7092be26641907c5f955aa977e7675e3922a8e4ee2af25bfed8c7bbfb

    SHA512

    d21ce3adf13d61369708ea000438f626973f20b08ca05a744c1cccb2d5e7c264a8af9c3ebd18a7a6a464d38e1c64146f8e881d29d71a0484dd94212315f6dceb

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/no_backup/androidx.work.workdb-journal
    Filesize

    1KB

    MD5

    627462b0f22daa01dd40fd0cd545a8a0

    SHA1

    1e7a1a7062fb92e4cb4229b5e951838c491340d7

    SHA256

    21624ff5397ebcb06bb6bbaea22a132ff188af2ce154ded6ac9328b0bc40957f

    SHA512

    f0a45973c23dd1ef2b229b633b6805d4f617d3e9384dfcba5d8a4dd50a327fb4fe50866d841d85e167405f2f3493016e434042e6172f5c110cd135ebc90e9eff

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/no_backup/androidx.work.workdb-shm
    Filesize

    16B

    MD5

    4ae71336e44bf9bf79d2752e234818a5

    SHA1

    e129f27c5103bc5cc44bcdf0a15e160d445066ff

    SHA256

    374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

    SHA512

    0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/no_backup/androidx.work.workdb-wal
    Filesize

    346KB

    MD5

    1624df27b8b03b9471bdee674240892b

    SHA1

    47a84476375e085abe3fde667a514288fa9ff0db

    SHA256

    ffb6addc19e6a755884b2d83c87a7d3fe4da53e0682167c3bd5ca560e5d38e22

    SHA512

    a1f27322568c62acd4b84830ef8934f7dbf005c49adf73917860bc87ea5cc06d5537b49f71dc9504c548693aae694e7bf8dfb93c8a1935c321f8fbd67eb76a24

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    6ef709b8536878951e87c29a1518fc2b

    SHA1

    24376c70b00152501b3d98df61fa7db435339172

    SHA256

    10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

    SHA512

    96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

    Download Submit

  • /data/user/0/com.dogilowopuna.zico/shared_prefs/settings.xml
    Filesize

    134B

    MD5

    78a2c63a0ec2f947097c8b764fb49e30

    SHA1

    e38dcf9d6a39c0f58cdabfcbd5dd4954817a7869

    SHA256

    7aaf74896c69acb15d2b36290e8bc74f6090e1b51ceab19400018fa7ed87285b

    SHA512

    96acd80ce5b0a1bd286f688de13b8b5ed9f2cfc73f034c2928a3d7a360a100e54c7a3239a45d7f81969585cc40b6fa9ab3ec4f7fa487e49efb1954b14d66484b

    Download Submit