Overview

overview

10

Static

static

10

Chrome.apk

android-10-x64

6

Chrome.apk

android-11-x64

8

Chrome.apk

android-9-x86

8

Analysis

  • max time kernel
    226940s
  • max time network
    49s
  • platform
    android_x64
  • resource
    android-x64-20230621-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20230621-enlocale:en-usos:android-10-x64system
  • submitted
    30/06/2023, 18:17 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Chrome.apk

  • Size

    1014KB

  • MD5

    535d423f8b0c9d9513c593c047d8d3df

  • SHA1

    076273b577ee80383f264ea2b169e1f620171109

  • SHA256

    fdccb6b1b3052841a5d73196965bab668256036483dca5768a7192748bf8e580

  • SHA512

    72ac870c1fd1ebef4b76988b83795e4a11a058eeb86d83c83476838f8591b3812caac5018ed978ed785f16ca9e85aaeab88815ab81a3b91c138b5f4f54c263b9

  • SSDEEP

    24576:4vIKLQv8rdHsYV17CHV6oINF5ppSQ3BxeHSgS+Ubn8:4vsvW+Y7YdINf+HSgSd8

Score
6/10
ransomware

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.lexujemiyunu.wana
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4973

Network

  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    142.250.179.206
  • 142.251.39.98:443
    52 B
     40 B
     1
    1
  • 142.251.36.10:443
    tls
    116 B
     40 B
     1
    1
  • 176.113.115.150:3434
    300 B
     5
  • 176.113.115.150:3434
    300 B
     5
  • 176.113.115.150:3434
    300 B
     5
  • 176.113.115.150:3434
    300 B
     5
  • 142.250.179.206:443
    android.apis.google.com
    tls
    2.9kB
     7.1kB
     12
    13
  • 142.250.179.206:443
    android.apis.google.com
    tls
    1.9kB
     6.2kB
     10
    9
  • 176.113.115.150:3434
    240 B
     4
  • 142.250.102.188:5228
    156 B
     3
  • 224.0.0.251:5353
    3.8kB
     19
  • 1.1.1.1:53
    ssl.google-analytics.com
    dns
    140 B
     2

    DNS Request

    ssl.google-analytics.com

    DNS Request

    ssl.google-analytics.com

  • 1.1.1.1:53
    android.apis.google.com
    dns
    138 B
     2

    DNS Request

    android.apis.google.com

    DNS Request

    android.apis.google.com

  • 1.1.1.1:53
    ssl.google-analytics.com
    dns
    140 B
     2

    DNS Request

    ssl.google-analytics.com

    DNS Request

    ssl.google-analytics.com

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    142.250.179.206

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.lexujemiyunu.wana/app_webview/GPUCache/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.lexujemiyunu.wana/app_webview/GPUCache/index-dir/temp-index
    Filesize

    96B

    MD5

    820bff5376bcf187dcec2f5495e1af91

    SHA1

    ad5a16305b00bd63b178d83695e42c3fb94cee5d

    SHA256

    e83333563f0632cdf79042125d830ba8db06eddd943eea20fb623d407ba6712e

    SHA512

    17542be659ea067d30622f46b1277acf2d8254f0da4567df452bb6304a7ec7a8482a95ca1c98b5db68970f82eff713ec8f295a71fe876e321a7ea8624338f7ec

    Download Submit

  • /data/user/0/com.lexujemiyunu.wana/app_webview/Web Data
    Filesize

    112KB

    MD5

    b663831f8cc130493476d94f2d7a5330

    SHA1

    043a1956ab8e40821d67043f8a9110a8eb36fb93

    SHA256

    c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

    SHA512

    e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

    Download Submit

  • /data/user/0/com.lexujemiyunu.wana/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    ec34ac847492dbc8c247b88bb27f435f

    SHA1

    64b0ea484cc202d18d353dfacafb69a0cc8a140e

    SHA256

    885281af3e5912234ef0b3c2a46700ab146d788e9729e44ab80496199cabdd41

    SHA512

    17e52e93c7a2d31f6372608c709d2a2041757da9f9a816d3306bddf1c69faee82adb6d30949b5cc65f0e7b0d7ec799d6d030424360f2c335e5f5f2a2a3accdb4

    Download Submit

  • /data/user/0/com.lexujemiyunu.wana/app_webview/metrics_guid
    Filesize

    36B

    MD5

    7863d217e4c8eefb1d78454c4320e383

    SHA1

    06b4d09854a7dd6fbe2df4e1382610da794ca4f3

    SHA256

    935a70e972a3bc26b50f9fcc4ff0885129d56ffba84ffd086d64509d6e8abd8b

    SHA512

    894a2479e5782b562b68906881f3b82924742656349cd91e37c839fd877da3ccb41857980407814aeb6c944807df1b3bd70ce11428ff34008bc27d7a60afbcea

    Download Submit

  • /data/user/0/com.lexujemiyunu.wana/cache/WebView/Crashpad/settings.dat
    Filesize

    40B

    MD5

    42425107c311ce9e9c429c58a08ea628

    SHA1

    8fda725155089241adec02205e33e33fb58605c3

    SHA256

    428f9f2b29227ae3228e6f368d55a46316f73eeedbd74cb6ac5e5683c3f7662a

    SHA512

    54650a16a94c6194717bc40b40c8f12e87743e0a9c893ed690f593c5c9d2a8be9a9f991a22191fde1abb6a47eebc0104c0ee340002b6782c33bc5630e9c3da48

    Download Submit

  • /data/user/0/com.lexujemiyunu.wana/cache/org.chromium.android_webview/Code Cache/js/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit

  • /data/user/0/com.lexujemiyunu.wana/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
    Filesize

    96B

    MD5

    a4b9224b2ff2af39b2b5fcaaf4aab6f7

    SHA1

    bd5756294d455da119414ae618329c37dfac7cb9

    SHA256

    2e89fa810cd8ca89dac02686bcd19bf578ff9c18fcd89a7122957f13cb9c4474

    SHA512

    6aff55388f3901a36c43e9a76e8feab63503e07773200ca9818d02ac82cf531166e1ce382288e183926e7323d4fdd5f94b3e2bef79dc62fec78fba22993d9498

    Download Submit

  • /data/user/0/com.lexujemiyunu.wana/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    6ef709b8536878951e87c29a1518fc2b

    SHA1

    24376c70b00152501b3d98df61fa7db435339172

    SHA256

    10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

    SHA512

    96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

    Download Submit

  • /data/user/0/com.lexujemiyunu.wana/shared_prefs/settings.xml
    Filesize

    134B

    MD5

    8db9484ded18dad5f1f7848c74ed51a0

    SHA1

    7a386acad96c901de974ee8d3e13653c2622b348

    SHA256

    a51a9cf9be177ae20da4ed5f725b299939e84c6d00a482093d3480242bbffdb1

    SHA512

    1b8c53125ffa1b498e6940e1d3cbcff1ce4ecc7f5114972bd1ef95881639daa17f0a1326c26d022d733a3e3c070c14b2d10379c2c0f0ab5b9289b753145d5158

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.