Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

e8f0e535d8...c2.apk

android-10-x64

5

e8f0e535d8...c2.apk

android-11-x64

8

e8f0e535d8...c2.apk

android-9-x86

8

Analysis

  • max time kernel
    3036570s
  • max time network
    324s
  • platform
    android_x64
  • resource
    android-x64-arm64-20230621-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20230621-enlocale:en-usos:android-11-x64system
  • submitted
    02/08/2023, 06:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e8f0e535d89dd62514947b8bc50bef37636fae9dfd34290075755fab7cceebc2.apk

  • Size

    4.8MB

  • MD5

    cdc16e41df7ffcddece16a461c1cd809

  • SHA1

    280ef94a9cdfd0de3543a9e1e0b131510947294d

  • SHA256

    e8f0e535d89dd62514947b8bc50bef37636fae9dfd34290075755fab7cceebc2

  • SHA512

    df1ffd77d3e4981f70621046d32ec1b3f4d3eafbb143f4f554b5b4bfe97a481019669948f84fa67db9ff99cfc9bb3173195f079d253fe5b1e25e8bd376ccfdcc

  • SSDEEP

    98304:VJM84U89SirCLP/KKLQEtwwzBh7iAq28UC5BzfrGhHERR:s84UqrCjdFtfeBltR

Score
8/10
ransomware

Malware Config

Signatures

  • Makes use of the framework's Accessibility service. 2 IoCs
  • Acquires the wake lock. 1 IoCs
  • Requests enabling of the accessibility settings. 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.doonheadclock.granting
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Requests enabling of the accessibility settings.
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4339

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.doonheadclock.granting/cache/image_manager_disk_cache/b8f15cca926a631f63352c05fe91391c8d67eaf4c1a8d64a0a6074d7a8292c9a.0.tmp
    Filesize

    1.1MB

    MD5

    3e4520a12e72dc97ea2e7cd2705d7faa

    SHA1

    8ac15d2f0ce9a1e5374ba56878bd5e72f18577a1

    SHA256

    61758bde0cc44dc1b6a561af5d1e7d36a2bbc0774590ddd227762a1e42e55cf1

    SHA512

    c9fc4ce75549e8574217637429ab7bc8cfe6329af2167a6eeb573d53d64971f4318b7f34743b29c6ca6567dd3982255e85524e7011c94281e4c62f646dcf7cc4

    Download Submit

  • /data/user/0/com.doonheadclock.granting/cache/image_manager_disk_cache/journal.tmp
    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

    Download Submit

  • /data/user/0/com.doonheadclock.granting/shared_prefs/app.xml
    Filesize

    107B

    MD5

    cb5c781759458d93802d26fb0fba6154

    SHA1

    8508555f4b722db102f39dd40ebd46c4e3c20d33

    SHA256

    22ec8cd22973ce9884e7b76d7f9e39d5c00df9bc3f91d1748b83d0acec0f5bb3

    SHA512

    777afff79e01f5730957a2770574fd16a33e9c026f3c89c70d25f007260dad988744309ed9f090049acee82b58c24e61f93034b1b95d9098d7ede5b4443fda3f

    Download Submit