Overview

overview

10

Static

static

10

abf7f807da...JC.apk

android-9-x86

6

abf7f807da...JC.apk

android-10-x64

6

abf7f807da...JC.apk

android-11-x64

5

Analysis

  • max time kernel
    496582s
  • max time network
    128s
  • platform
    android_x86
  • resource
    android-x86-arm-20230831-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20230831-enlocale:en-usos:android-9-x86system
  • submitted
    11/10/2023, 06:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    abf7f807dafa04d517a562f1beab15bd77f584f399b48e7f371a7fef42bf9882_JC.apk

  • Size

    3.0MB

  • MD5

    2f34af0337a3b85310a6026c74fb89e2

  • SHA1

    09da0f8c05ff3e7314063a07bfe7616dbef39692

  • SHA256

    abf7f807dafa04d517a562f1beab15bd77f584f399b48e7f371a7fef42bf9882

  • SHA512

    c1dd30b110d43c11a551bcd9d0fc2ba5e9f3bcd94eded0080a201b5b7ce6c0ba43a7e73faa041a15bacd6aa347b58873cd9f5d51940d64d521ff2d5f550756e2

  • SSDEEP

    49152:thCx/vtCQk3pmjS5/Xv9L7gtSMr9VVkqAjSqz5sMh+JjhwHZ6Hqy5E8lHs/Ip7f/:tE7Ymj2vFwLq/S25sMhsF2Qqy5Ll1h

Score
6/10
ransomware

Malware Config

Signatures

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.lydia.route
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:4183

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.lydia.route/files/PersistedInstallation4256446332070978092tmp
    Filesize

    90B

    MD5

    ff1ade18efa4c7ed112fb1441b087b8e

    SHA1

    f248060b0c36f5725c431c25aee9300b0277399e

    SHA256

    7ef0efcb74ab88a72f7b4a3c0bf5491bdd2a5a6f9724856532a5807997dbb116

    SHA512

    a6f9d2bc398b59e0f95d25703ff0f3d2a6fb2f5fec0589b1988239d709a46448f57cd6f0ab771b50028a3dc619748fb4ecceef76097e623e9c609782494a4d73

    Download Submit

  • /data/data/com.lydia.route/files/PersistedInstallation4389072401798723397tmp
    Filesize

    114B

    MD5

    c62be1c8167c7959698560900cfd9983

    SHA1

    ec91e75cf8e2eebf4bba90fa17fab7dd6d5a22ca

    SHA256

    28fec5667b4c88194937e449735edd1ccb6a3f3140314fec42ce06965c1eed6a

    SHA512

    410a0397f593726fe7414234d6909227197664b31c18b1e31e0d73bf9e18426166fff9894125c300eadf3dee9d39409ea59c3190b8123e340643f410d6d66e97

    Download Submit

  • /data/data/com.lydia.route/files/PersistedInstallation4874043851685120006tmp
    Filesize

    114B

    MD5

    c62be1c8167c7959698560900cfd9983

    SHA1

    ec91e75cf8e2eebf4bba90fa17fab7dd6d5a22ca

    SHA256

    28fec5667b4c88194937e449735edd1ccb6a3f3140314fec42ce06965c1eed6a

    SHA512

    410a0397f593726fe7414234d6909227197664b31c18b1e31e0d73bf9e18426166fff9894125c300eadf3dee9d39409ea59c3190b8123e340643f410d6d66e97

    Download Submit