Overview

overview

7

Static

static

7

60b0e7e09f...55.apk

android-9-x86

7

60b0e7e09f...55.apk

android-10-x64

7

60b0e7e09f...55.apk

android-11-x64

7

editor.html

windows7-x64

1

editor.html

windows10-2004-x64

1

index.html

windows7-x64

1

index.html

windows10-2004-x64

1

index.js

windows7-x64

1

index.js

windows10-2004-x64

1

jquery-2.2.0.min.js

windows7-x64

1

jquery-2.2.0.min.js

windows10-2004-x64

1

jquery-3.4.1.min.js

windows7-x64

1

jquery-3.4.1.min.js

windows10-2004-x64

1

jquery.min.js

windows7-x64

1

jquery.min.js

windows10-2004-x64

1

katex-auto...min.js

windows7-x64

1

katex-auto...min.js

windows10-2004-x64

1

key.js

windows7-x64

1

key.js

windows10-2004-x64

1

keyboard.html

windows7-x64

1

keyboard.html

windows10-2004-x64

1

latex_parser.js

windows7-x64

1

latex_parser.js

windows10-2004-x64

1

rich_editor.js

windows7-x64

1

rich_editor.js

windows10-2004-x64

1

Analysis

  • max time kernel
    762836s
  • max time network
    136s
  • platform
    android_x64
  • resource
    android-x64-20230831-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20230831-enlocale:en-usos:android-10-x64system
  • submitted
    13-10-2023 22:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    60b0e7e09fe91aa785b85315aad3850e7f47f70a5aab7ae9ef31ad1c50477f55.apk

  • Size

    3.6MB

  • MD5

    b8019c6df196812517c445f802143d08

  • SHA1

    59c6ef85e25b688d8000e697ad2f3f7420dc7820

  • SHA256

    60b0e7e09fe91aa785b85315aad3850e7f47f70a5aab7ae9ef31ad1c50477f55

  • SHA512

    1c8a90e282ad9b633d3d455558b3eff2b054d1686ddedf16979ec934b29bf8297ddbe368fba4fd1467341b55d9ef8703568af5aa7bebd97f6ef0cbea79ac6e3b

  • SSDEEP

    98304:3zVifzai61uitbqGH/8o80oyHnqPHzBr0N/EhwjkJmd5JpC:3ho6/tbqGf8ohqPTBwgM4m2

Score
7/10
ransomware

Malware Config

Signatures

  • Checks Android system properties for emulator presence. 1 IoCs
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware

Processes

  • com.loud.help
    1⤵
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data).
    PID:5076
    • sh
      2⤵
        PID:5113
        • /system/bin/sh /system/bin/pm list package -3
          3⤵
            PID:5133
            • cmd package list package -3
              4⤵
                PID:5149
          • sh
            2⤵
              PID:5173
              • cat /proc/self/cgroup
                3⤵
                  PID:5190

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • /data/data/com.loud.help/app_DynamicOptDex/BFHAGAc.json
              Filesize

              298KB

              MD5

              15c418e8d73b6cef1a8b487c58026d29

              SHA1

              da5de2b1666dcdd44f1d51dc9cae1df772a378c1

              SHA256

              a567ffa64f4f2e514d7a539fcf00898a722d18e5396fcc54b5c9a9dc50d8e5ed

              SHA512

              551aaef0496db98c27c7a1dcc2b363bccdb6b663b85a2bedd6b6f6d021ced66a7bb98fa482d58b680f8b94b5280fd9ea4c35a103ddf5cf040c5fbb14058b9e0b

              Download Submit

            • /data/data/com.loud.help/app_DynamicOptDex/BFHAGAc.json
              Filesize

              298KB

              MD5

              a5d1f5499382383a603ddc58ae15262f

              SHA1

              966b1e04c26f252f99df7ae5a03e837f7cb37593

              SHA256

              6b43f9f2afaadc5b239052b249cc67593771ed317b9d70debf2f8c694dc3eb15

              SHA512

              4b56eafbfc2269107e4a6232154de87bc5d75423938ba2ab760b78cba62af717012edcb07c558aaa7055157f32d0a629493b8fbba49d2745a5c0cded7d8bfb75

              Download Submit

            • /data/user/0/com.loud.help/app_DynamicOptDex/BFHAGAc.json
              Filesize

              654KB

              MD5

              da9ab4f896cf98d9efef0ab26a22d779

              SHA1

              8f8959dea48320466d886a601c8a6ffa3928298f

              SHA256

              038ab2ceaa1c1b783f665f3b3a7beab67a4457bf67ea5e42721983f6bd8d32d4

              SHA512

              99a35a36dc77e0f7033dff762791ae5ffaead81f57b1656c287fe80dff45e6a00ae8b082d8815f1bde41c64b3046e4936bbc552797e8b3a84a8d4ea2a074604c

              Download Submit