Overview

overview

9

Static

static

7

Take Chat Message.apk

android-9-x86

9

Take Chat Message.apk

android-10-x64

9

Take Chat Message.apk

android-11-x64

7

1.webp

android-9-x86

1.webp

android-10-x64

1.webp

android-11-x64

10.webp

android-9-x86

10.webp

android-10-x64

10.webp

android-11-x64

10a.webp

android-9-x86

10a.webp

android-10-x64

10a.webp

android-11-x64

10b.webp

android-9-x86

10b.webp

android-10-x64

10b.webp

android-11-x64

11.webp

android-9-x86

11.webp

android-10-x64

11.webp

android-11-x64

11a.webp

android-9-x86

11a.webp

android-10-x64

11a.webp

android-11-x64

11b.webp

android-9-x86

11b.webp

android-10-x64

11b.webp

android-11-x64

12.webp

android-9-x86

12.webp

android-10-x64

12.webp

android-11-x64

12a.webp

android-9-x86

12a.webp

android-10-x64

12a.webp

android-11-x64

12b.webp

android-9-x86

12b.webp

android-10-x64

Resubmissions

10-06-2023 23:35

230610-3k6qfsga68 9

26-02-2022 15:07

220226-shbgesbcb5 7

Analysis

  • max time kernel
    2813168s
  • max time network
    72s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
  • submitted
    10-06-2023 23:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Take Chat Message.apk

  • Size

    27.2MB

  • MD5

    83f75f295c4756841f0a46e60b088cd1

  • SHA1

    998138ba24fd4d2d20616fba97c5d440abf7ad1f

  • SHA256

    af6bb4d550d911a6ef3b004dd2e245c9f5c4598b64073e524487add5e8b80897

  • SHA512

    cf6591e3024b809d19bf17f40f1ad3dc6fbfc59dc9bf1f542106c11fb00bb5bfcdcff221dce780a28ac03f775ddf872eea454330a8b8dcce277d241e6530454a

  • SSDEEP

    786432:E4rA0EQBtkQPyZKcrWecqjzPNpnIbEAL2ZQTJN:DrA0hbkaizHn2E6n

Score
9/10
evasionransomware

Malware Config

Signatures

  • Renames multiple (52) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • con.tanide.chat.messages
    1⤵
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:5244

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/con.tanide.chat.messages/app_process_lock/1606324.0610604964
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/con.tanide.chat.messages/databases/xUtils_http_cache.db
    Filesize

    40KB

    MD5

    0b760c62449d11d959625dc7309523c9

    SHA1

    6739ec6aa1cb2d28810f65dcc11e0116d80803a4

    SHA256

    11878f45a4f4c11b25249dafd92b8465a2ac256ec14ff8d388675254de615135

    SHA512

    ab7912921ebca5493f0bc3243d321e2a33be097c2d417d4aede237263b2c08993f1df1017340b549b384722b28d6046bfb1b7b374884f85a9482c40941bfb1cf

    Download Submit
  • /data/user/0/con.tanide.chat.messages/databases/xUtils_http_cache.db-journal
    Filesize

    1KB

    MD5

    35626572569a8020b29f6f26bed54d39

    SHA1

    d83af72937389ceee6624fd8227fda4e0e6dc44b

    SHA256

    de78900b9262a43edd4f48469ee4ea72b5fd409f517e33e4dea3ae9fce2b9834

    SHA512

    5b7604150d845b44dfb57eb9c667c56bc43bca9fb87bf25cb77344274120555290ec19a46962a451ce406e5de1d01cb179354f3b0cb7180b09b7f6d7eae05a9d

    Download Submit
  • /data/user/0/con.tanide.chat.messages/databases/xUtils_http_cache.db-shm
    Filesize

    16B

    MD5

    4ae71336e44bf9bf79d2752e234818a5

    SHA1

    e129f27c5103bc5cc44bcdf0a15e160d445066ff

    SHA256

    374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

    SHA512

    0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

    Download Submit
  • /data/user/0/con.tanide.chat.messages/databases/xUtils_http_cache.db-wal
    Filesize

    8KB

    MD5

    113158def5ac0cb111d69be597485178

    SHA1

    001c8a7ca024480ddca6430affd66627b5be4a5d

    SHA256

    57fe900f8c8344ef97f31ff6ea71fac1ccb9dd735c83be526027a86017b39e23

    SHA512

    7c48483408c45eebce3ddd0cb9a5124e982bda6cd27d492d88d43c02aded51f8049a163c103bf4a50e8a505e984326e429c29a1a4403cc588b5c482802d1337e

    Download Submit
  • /data/user/0/con.tanide.chat.messages/databases/xUtils_http_cookie.db
    Filesize

    40KB

    MD5

    0b760c62449d11d959625dc7309523c9

    SHA1

    6739ec6aa1cb2d28810f65dcc11e0116d80803a4

    SHA256

    11878f45a4f4c11b25249dafd92b8465a2ac256ec14ff8d388675254de615135

    SHA512

    ab7912921ebca5493f0bc3243d321e2a33be097c2d417d4aede237263b2c08993f1df1017340b549b384722b28d6046bfb1b7b374884f85a9482c40941bfb1cf

    Download Submit
  • /data/user/0/con.tanide.chat.messages/databases/xUtils_http_cookie.db-journal
    Filesize

    1KB

    MD5

    020e01382815d7c1f0bf72836fedcb6c

    SHA1

    64a88242479dbe96fc30df903911082a08c56a61

    SHA256

    e744aa1e043a11bf236e2d3d7b5a493108431dc50e5ff19c1495b6ad604b5626

    SHA512

    145c030637680c8b355be145ec601d5dfb3a7e6d20cfeb13804a91cb8b5bfa9e39c467a664ae20de7f3fe86e0bcddeeefef7b8d7ec5a41460c50389e86d2ff30

    Download Submit
  • /data/user/0/con.tanide.chat.messages/databases/xUtils_http_cookie.db-shm
    Filesize

    16B

    MD5

    4ae71336e44bf9bf79d2752e234818a5

    SHA1

    e129f27c5103bc5cc44bcdf0a15e160d445066ff

    SHA256

    374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

    SHA512

    0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

    Download Submit
  • /data/user/0/con.tanide.chat.messages/databases/xUtils_http_cookie.db-wal
    Filesize

    8KB

    MD5

    2c1bbee83e08912a0250df95f70532df

    SHA1

    421a2d36a07dabcfcc8c7855c1125dac51c3bd93

    SHA256

    986eaf4f0c5006bd116cb4af401146f857dc0ea825cb4f5965cfceb0a7a3ec25

    SHA512

    9fdf5fac831126e77973ec26983f9cbf66c8e7e8b81506559e3f15d96fbe26249817eeb7892f112af6c08a22273ac599f22dff7ceb2b1467807517af70636c8f

    Download Submit
  • /data/user/0/con.tanide.chat.messages/files/al/.nomedia
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/con.tanide.chat.messages/files/audience_network.dex
    Filesize

    3.2MB

    MD5

    692c6b1b89702297c59bd34c4bd1fa53

    SHA1

    f38cac946f03d7e869018acbdfe0ed272e11b106

    SHA256

    920e465a87a2409fc8d7186ea4e319c613c04d156bec75e8b91cb4d07b1deb75

    SHA512

    927048402fb314ef2624776b27317a6f996ea6b3d697d66b8b213d5be9559f24ae0dca8d2f8a9350d32310b8cab071933936640641d297ba522b3af60424df63

    Download Submit
  • /data/user/0/con.tanide.chat.messages/files/audience_network.dex
    Filesize

    3.2MB

    MD5

    692c6b1b89702297c59bd34c4bd1fa53

    SHA1

    f38cac946f03d7e869018acbdfe0ed272e11b106

    SHA256

    920e465a87a2409fc8d7186ea4e319c613c04d156bec75e8b91cb4d07b1deb75

    SHA512

    927048402fb314ef2624776b27317a6f996ea6b3d697d66b8b213d5be9559f24ae0dca8d2f8a9350d32310b8cab071933936640641d297ba522b3af60424df63

    Download Submit
  • /data/user/0/con.tanide.chat.messages/files/audience_network.dex
    Filesize

    3.2MB

    MD5

    692c6b1b89702297c59bd34c4bd1fa53

    SHA1

    f38cac946f03d7e869018acbdfe0ed272e11b106

    SHA256

    920e465a87a2409fc8d7186ea4e319c613c04d156bec75e8b91cb4d07b1deb75

    SHA512

    927048402fb314ef2624776b27317a6f996ea6b3d697d66b8b213d5be9559f24ae0dca8d2f8a9350d32310b8cab071933936640641d297ba522b3af60424df63

    Download Submit
  • /data/user/0/con.tanide.chat.messages/files/oat/audience_network.dex.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/con.tanide.chat.messages/no_backup/androidx.work.workdb
    Filesize

    8KB

    MD5

    b6ca8b30661a7844ed292db75a29a953

    SHA1

    8e0d397ab1f2ced1f143829084c3f53333743bdd

    SHA256

    63a219c7092be26641907c5f955aa977e7675e3922a8e4ee2af25bfed8c7bbfb

    SHA512

    d21ce3adf13d61369708ea000438f626973f20b08ca05a744c1cccb2d5e7c264a8af9c3ebd18a7a6a464d38e1c64146f8e881d29d71a0484dd94212315f6dceb

    Download Submit
  • /data/user/0/con.tanide.chat.messages/no_backup/androidx.work.workdb-journal
    Filesize

    1KB

    MD5

    0718bda222c77d928b50995668490056

    SHA1

    da14fbdf73baa2182f1b2e0b0cab60a28c93aba8

    SHA256

    1a69a937db5793da3ded0b991eccf14cd02dc2cdb030003e8ccc274d77944cf0

    SHA512

    ce81e52f4e3acc1a201a512d2a7c643936518f14563566676953b2db0685ffe11ab80ed226d5228e14e79086d11b7ec7bb86580b2031768ee06b338f65033cbe

    Download Submit
  • /data/user/0/con.tanide.chat.messages/no_backup/androidx.work.workdb-shm
    Filesize

    16B

    MD5

    4ae71336e44bf9bf79d2752e234818a5

    SHA1

    e129f27c5103bc5cc44bcdf0a15e160d445066ff

    SHA256

    374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

    SHA512

    0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

    Download Submit
  • /data/user/0/con.tanide.chat.messages/no_backup/androidx.work.workdb-wal
    Filesize

    217KB

    MD5

    566a702a7d7c8f9fae04782bc713a6cf

    SHA1

    f436181b533fba866ade55a30cfebea64945b635

    SHA256

    b258ec8e0e8be9fc727338d8ff86890f1ad2a12e13cc8ace8243b22059f28cbd

    SHA512

    40d519faab6e88c92ca982d6958b9c6643e7e6ffb0e65fda1e94cc6124949dd0d927a90c01a7efbbe6c9acb0ddb4480075424db78c7f403ed0d970564fbadfae

    Download Submit
  • /data/user/0/con.tanide.chat.messages/shared_prefs/app_set_id_storage.xml
    Filesize

    146B

    MD5

    3c4cb529cf836b963aabbcc005c7d892

    SHA1

    b3ebf3e3a0f55a9760ecd10749aaff51145fe392

    SHA256

    44aaeaae84972bab0c40faf52f9d725d4675065320290ceb163028b001e0c0ec

    SHA512

    488f2ee4c80f08e1e885aa4b209b1a6c73cd623b116900a822ea7471176c7c02915901ecfadf769184f1b066b1b5f938adc26fe531cb617b88d2575c3ef6c760

    Download Submit
  • /data/user/0/con.tanide.chat.messages/shared_prefs/app_set_id_storage.xml
    Filesize

    214B

    MD5

    3a4c81c65ab54e0ac15af24be2c8a486

    SHA1

    99bd41d3aa1459024061ffe8ba1662ad4d929cee

    SHA256

    d05e9e8dfbfabe6ec9375a3c33324402d31b17e50a15126b22142d6876f6a0c7

    SHA512

    76ee70c2c0850876f47d196d08481e93ddbeb61fc1f1e6edd39a7ccd08033af4047d4a2f3dd6e9c88b629c333dd858133eb8e006a4feaaa5fd89998e66c534e8

    Download Submit
  • /data/user/0/con.tanide.chat.messages/shared_prefs/app_set_id_storage.xml
    Filesize

    281B

    MD5

    2b9b3c06b35fa3ffd323a80e7dab30fa

    SHA1

    f0e14aedf65efddf4f1f4749a945c6a89caa6459

    SHA256

    9b56010d969a12b811bc2d4d9d4ea59fb8e741459eeb5eceb3917b93efad6ba5

    SHA512

    5dde1ef1449079a32e24e50f607b36a56d3d7ed43f225d7b08c5ce27b1a5207ceba927e2471dbedb7f3fa50e7850e5221db6873cae48ee569b3f1573f9ca7f23

    Download Submit
  • /data/user/0/con.tanide.chat.messages/shared_prefs/com.applovin.sdk.impl.postbackQueue.domain.xml
    Filesize

    4KB

    MD5

    d1ad946e7ea7b74672d8a309fe696205

    SHA1

    f617011dd97ab04b1482a55fcb0ece4fcc472e37

    SHA256

    460e9524a4a4c52f5acfd9f349ed474acc0bf2c486a5109199a4c6d95536b102

    SHA512

    5d27e5dd3a8e032e57556ee25f5ccf4b064cce9f45c9f234d6617742098378e2eee562cb55254cb320a3263a0bde45825b3c1230f91d50e8bc507ba99410d3df

    Download Submit
  • /data/user/0/con.tanide.chat.messages/shared_prefs/com.applovin.sdk.impl.postbackQueue.domain.xml
    Filesize

    4KB

    MD5

    b4b07020c20a37385182bc6ddfcdebc7

    SHA1

    42951ef9c55bfd24e11069ab4bdfc694e66eb39f

    SHA256

    e513d722294633b325528c9dcf436dae93034b2a3aa5dc6b057b3eab0bd2a9f8

    SHA512

    abb439024544073769436e7b16150caea48d7539d16039c80cf4ff586a8bfa21ca4acb3923869fa8c149c39fa4aae9c930f3445a7abfd4ff0cf761bb845193e2

    Download Submit
  • /data/user/0/con.tanide.chat.messages/shared_prefs/com.applovin.sdk.impl.postbackQueue.domain.xml
    Filesize

    129B

    MD5

    35cfafbcf334aea9fc5d0dd6bc00e2c4

    SHA1

    2564c427480d9dfe250d9e37654faf252c621924

    SHA256

    02f67f3269d7a249ed5b4148191ffd92da92e21d17f5316acad139c1c2373200

    SHA512

    75f6bc0ac5567de4534055ed21fcfa06089e2eaae3e7c45128ff81bd8602232fdb9c5b32156731536b797bf6148c01baaeeefd2f45474e99cba0da61b8e1e26d

    Download Submit