11d84c07e2903a06ad01d1e91188dc72a5a34b82f8a06a413464387d0a5756be

Analysis

max time kernel
3536496s
max time network
166s
platform
android_x64
resource
android-x64-20231023.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20231023.1-enlocale:en-usos:android-10-x64system
submitted
15-11-2023 11:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Cool Photo Effect_1.6.apk
Size

98.5MB
MD5

e02e5e024b86607bfd4464c4eccad502
SHA1

34e51607e9697e67ccaa2975822aad1906f72067
SHA256

11d84c07e2903a06ad01d1e91188dc72a5a34b82f8a06a413464387d0a5756be
SHA512

886568471c4d67ff69b28057429b78b2c8384b2a3d2a6d977ebecf4f35c94e0db373b857a8b1c10a25ab48d8aefb831274e6cd2108c9ccb642917d8c896faf1f
SSDEEP

1572864:+jEhT1CL4aKxtb0RrMG5b4Iez0ZpyA340PBw/nNNgCt:n0JK1t

Score

7^/10

evasion ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.lab.photos.edit

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.lab.photos.edit/cache/1658186039475.jar	5156	com.lab.photos.edit

Reads information about phone network operator.

Removes a system notification. 1 IoCs

evasion

description	ioc	Process
Framework service call	android.app.INotificationManager.cancelNotificationWithTag	com.lab.photos.edit

Uses Crypto APIs (Might try to encrypt user data). 1 IoCs

ransomware

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.lab.photos.edit

com.lab.photos.edit
1⤵
- Acquires the wake lock.
- Loads dropped Dex/Jar
- Removes a system notification.
- Uses Crypto APIs (Might try to encrypt user data).
PID:5156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lab.photos.edit/cache/1658186039475.jar

Filesize
10KB

MD5
d532cbd4f180fe5fc0d6bb5f0e1677a2

SHA1
991f862931b10f1e4efcb27f60dbc596ca4fbc95

SHA256
5af63d2127385ce87df5e729040874f5043b20ce14e4c60dd95e410d660355da

SHA512
a071eadc4a25a4ce82510e5c6acc34f6d9c324e782be149209eb9f484fa6f1f8809261627368573be434ab513e1f66bf2dbb48cbc849b431d9dfbccdafce4dc4

Download Submit
/data/data/com.lab.photos.edit/cache/oat/1658186039475.jar.cur.prof

Filesize
145B

MD5
6355941e04b6d4c051551d59a330138e

SHA1
0d7158c6aaf37a7964fa9f7c51b6fe91c42cf80f

SHA256
02dd34d1b3fc64f55e47db6a10b09b53a631235c28e31e08eba3a53fbe730291

SHA512
b64679b94dbc92e9d336938a1937a6da31c9671baeec443fd888fa40844c38588d72e2f4b4d80462db8167e66e29e7d6402ec025eb84e88ed56b829dfc9bea89

Download Submit
/data/data/com.lab.photos.edit/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
8961719fded99d96899c1c589b548661

SHA1
f88ff9ca52956afe854439175e521753dca9374b

SHA256
5d545a2787720e7937825b409b80add7b06a73e9d74f3b41db6129ae00ffe7fc

SHA512
0dc5fd07a2cf83d9707b52fbe6c0aed7dc5fa2d999f35659bba20a9b5296d184514b512c1250be1c4bf31f9f1bc1a3ad7a6523dc874dfe838c8fe7123a7e3c48

Download Submit
/data/data/com.lab.photos.edit/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
773d6a66ee0ac0a90783c0f3b18a51c5

SHA1
7a98015e9860dbc3cb4cbc3e58a3b1fa4be51e0d

SHA256
b297ed22d8120a0bdfc227c1e30d6612fe8950fa4a17357df3c63fd28cf3788e

SHA512
74c5c31b3ff75aae1d4f3da2fbfac3067255f61265b6b35308df1c9bb24479c95f2ba4ba5f9949b4bace62c0d2cfe9eac35ebcdb3aa09aaea7a89b2794735bab

Download Submit
/data/data/com.lab.photos.edit/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
451c5f7c0986c320302dca147930a346

SHA1
01e3a8d165f98ff97a59c84f8a4fdd24ef3c97d8

SHA256
38d50cfc10d7383ffdd81092968f8504dbe0670412d209b6fb45306a225d201e

SHA512
48c38405ad0204c2e59d2b078fdc149a4342770e6f1eb416f938a9c749e57a9bded6d03fea097d24e70bc42ebfd8259149de95fa424f5353f94f1a5e64907cd0

Download Submit
/data/data/com.lab.photos.edit/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
b66d99ebed3d1cac51c971bb83be293c

SHA1
552074b31f23bb0d2cafc68b8d93b18975b17ec5

SHA256
95e4bebffd18a2f0624abac0ccacd25f121db83fb8276bc2378497ebc3ab87ef

SHA512
fe67dcff2d9d751fb93684af8828563fd4106c656f9d6d28c86688da28b821de1864092fa7d464f797bc269ebc606c4b1978c40576138a57d9ea5cda8e83dfc8

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0e77f86abb4a620f3b436f69ecdb9a3e

SHA1
77cb84e2bca17ef0f4feca689c4c8d917f285e86

SHA256
a5d985e777991d9fa27861cdfa0cd02dd2b38f47cd9a73783b15a9cf4c76546c

SHA512
92b8a5e1d131b0817712f7498294f06100ef3f35ac30c3d0410fadbb8451fc22c3eb7723972fb8517725bcc59db67654fb4294ef1b7ca0f6f8691c9eb7717342

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db

Filesize
16KB

MD5
53e7a46959afcccff415b62addd5d024

SHA1
5b3f84b3f82e33fa011531e34418d546c63a0ee5

SHA256
3bc1738a83b6c44bb1bd4b7134f8fe3b63ab1972a576d1c28c54e42842108eed

SHA512
c40cd94a30d976bbc634d5bbbcb19a35a1bcfbb4363ff586688ed706cae122365c13bb3673908df5d4fe7275cc5f9db1546fcf6587332711da1ceb1db1112299

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6fca7b0b8a56547ab539e1155f06817f

SHA1
53466ceda30eb2b6b1c58c1ce65b911ae882c142

SHA256
ce0b25d715b21836ae564962240c2cd2c8bd22f12d9c9c9ead954274c40b4bb0

SHA512
e44560a7acc511f41c52b3c2175186c0e80b1bd61b081172212d11d4aea30a4e0575a9e29e0935c61287474b065e5c8e9cf6eed3d750a4024aaa5863e54be6d4

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5a2a69469e62c6b9fd4e0e33ddd2381e

SHA1
387ed7da6dffa58a64e2cedfdc41ca98bbf7de9d

SHA256
52113f0e1343cea7f60036cdbea7b45b5685d68ce22180066fd1a876cf3e08f3

SHA512
b84789567f0597a1190e4de62b970609e8373d5b6af8f75066141852e1c590f21360d84e7062220fe6345098ee998995e57392a4927154788603c88f09046fea

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e5f1abd9757bc081f9b9ab59823d783b

SHA1
60434d171b0edcf972648fa20b2bb7396ff84251

SHA256
cfe0672d9c9103f9a33569a246c2e854db6bd49e325379e729b9cf0f9a44a110

SHA512
a538990074834794777bca2df1dbe49790b9b2bef4c60e77b0ddcb38952fcc729806c7c3d222190defbd3936e441c01dd940d024f6c37121f53ee5a635338228

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
16ce24d6a820df4d0ef8777dc1050cce

SHA1
649a96fbccce012aa464b93a499b202ba5afa803

SHA256
8b44be4fd08e296e6f4d013070fec0b57f768a9dd2022f2036db66419ef2231a

SHA512
7e509443ee91b5b2036d1ca7b493cb4225e4ca825ff9f1994f125a304d315dc9dd8c268eb5ac90a2284dab9437af6171ead558bcaa7a7cfb98f82847c522f3f6

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
64daa068ebd7752b38e4cf43c1f87b4c

SHA1
7980219ba5cfaf2b05ecfdc5ac1746c0e678ca49

SHA256
1cc993039cc68ad39c0bc06943ef5a6ab668a5011c3309f825a3204cbd14f539

SHA512
c6f1e04df4573f2d40d5ae15da276ce4738e512cf0ed21951f13fad75ed4baea318da6a1d0d967e88c5189bf73fda00b90bc5c398871be94bddd8de43f014767

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
dbeb15eea009f57b4b42668bc6ac6683

SHA1
7d872e6cf2291ea44559365c4d01b69506cdfff9

SHA256
5c735aeefe4faa05bc00eca4c5327eb8cc2a690a4712c732e92e7958e5177018

SHA512
bbfc63b8b5d0474ea1e0809daefb2f716a695c42febccc317feeefe3365dd29aaec4424e3fed0369de37bd2f8221ee76287a25ea8b483d40732d294e6b89fe2d

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ab9746c09caf37d226919e36d2c1e77b

SHA1
23482e1ceb20d3f0a0c116557a61d76123c2be72

SHA256
200f280f7abc4f68fe604027cc15c97b97b0f89eecc0a271ece1bccb84409150

SHA512
a04a8fc3ecd48c25137bacd7a348d6bfcec85a15bfda6d0167d88239bc758ceff5e8f51917a321e09d1dbb3419c5e0a1f010d90dd36f42832992aae8e281ef49

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9c092a65f2305f938aa918a325063a9a

SHA1
350f2bb942208fed0b609b628b007d1eca6836c6

SHA256
bb2abb36f40f28f1a35974022fec47684f24564576dff9edbe0e1cd4636c092a

SHA512
e2c7dc0d9f97d3d9e31b13fff1cac74f47316d1e3a6af888620a690fd8280c4d3e9e80d5b6808065b4d3ffbd9fba8bca98611d502076737c42b215dfa61484cb

Download Submit
/data/data/com.lab.photos.edit/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0ec7c6cea69d4733b779cb9c4d785041

SHA1
44ed91388924baadd6c7ee0ef8acb54535a60dc2

SHA256
7a5647b910457414232cf3c47252da0d02818b4251c98db2779c6ff8c186d5a4

SHA512
65b4436ebe636c3c25c910b33ebdfe58f07c98a39acb7ed9ddefdfdec291d233f808e918b3a7ae0dc8715e8bcb1d0d2ff96ee4f5e800f5c50338f9176eb6999e

Download Submit
/data/data/com.lab.photos.edit/files/.com.google.firebase.crashlytics.files.v2:com.lab.photos.edit/com.crashlytics.settings.json

Filesize
714B

MD5
5fc4464408789c5cff86141b396f0381

SHA1
05785aaf39668816fe659c1a465de132db2552fd

SHA256
ed84e69c5f1bc5220040c889dcb0a5e118a9d838d0492656454149591758b807

SHA512
2f97b7219ad717d533605ab4f70a6c9f35bc132327c51e50be176fab0c6dbc86f26cf6a070e5202edcb561257d50cf900aba9dd683595cb5f73371d569a5943d

Download Submit
/data/data/com.lab.photos.edit/files/.com.google.firebase.crashlytics.files.v2:com.lab.photos.edit/open-sessions/6554AE70032500011424C714BBA72D04/report

Filesize
737B

MD5
ff22147f186da2e74a24ed2fbe707e66

SHA1
9432abd7b8d450988dd9a23fb4045383e32ec62f

SHA256
f582dbca04a720a656862f2683f2a93f5bf32c3ada58c35518b893c48f592590

SHA512
8e57211aacc7142329b638bd87e0e51aeaa7cca18bdc61ebbb423fcd68a4ea2db2f541a1ea87e85b02d06640f4bd305c20c65ec8e8e967d81ba8fbf29e3fef5b

Download Submit
/data/data/com.lab.photos.edit/files/.com.google.firebase.crashlytics.files.v2:com.lab.photos.edit/open-sessions/6554AE70032500011424C714BBA72D04/userlog

Filesize
869B

MD5
91ad80c95b6b75b11c25903e3dddc81c

SHA1
97fa0c25dcb377a5110db7365ee6b6f47f439633

SHA256
ac0c687460acc1456b133e5d0df096a87ef8b1665e552e961822ff600af707e0

SHA512
12e32139988539a3617f5f0b6f0591b776e3e44a5174ef3bd891d636af5f30e48c609ded4c02f667865d5bf5976a9ad32fe985a3ec76d1e975c34ea1857ce9fc

Download Submit
/data/data/com.lab.photos.edit/files/.com.google.firebase.crashlytics.files.v2:com.lab.photos.edit/open-sessions/6554AE70032500011424C714BBA72D04/userlog.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.lab.photos.edit/files/PersistedInstallation7255785807666279442tmp

Filesize
564B

MD5
a33e6f71ceb8205ed1870bf7ee586304

SHA1
851b5c493cc33b6d84eb0be7328b1bb9c7ab1003

SHA256
e98912964bacd2a11ba255c280031084b82a7398752a5aba7576790f50937b32

SHA512
0130ba42e61a737095244175d55acd9e3a43b126762adeafbe74adc84eabd96262c9c8d0f7da0509d0fda027d61583dc776b48caf58b3872e37a23eac277442b

Download Submit
/data/data/com.lab.photos.edit/files/PersistedInstallation7712268544828608972tmp

Filesize
90B

MD5
8d82419c1068208b2244908ba97d1039

SHA1
5c995ec36f871ec4b9eb388578cae6f5f6b82401

SHA256
b2346b2ee84ddeb18780960d04449b6ad19f893626fc6fac94f61d62bcbbe23b

SHA512
6fac85d1774f604932fbfed891524d33f032d8a406f862cb73dae34aa31c7f3465e37fbbacf09ce66bd4d4939674fa44630111b1d234625b46c9f2b51b996902

Download Submit
/data/data/com.lab.photos.edit/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.lab.photos.edit/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
15a42ef9d696a38668cbe064a781f4c9

SHA1
93a1256cb14512cac943ff6ebec5309c2ba605f2

SHA256
9a8df1baae8bcc4f34f3cb20db5f93cc2ce945ab3f632eb8c1fca0729e753d8e

SHA512
1390546c8f5bbaff498a52c01aa35a715a229c3aa71dc71896a05253602bc63d69fa2a64d350852b425cf9f644bf844e6281040e2bc60ac5cb722c4f071563d5

Download Submit
/data/data/com.lab.photos.edit/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.lab.photos.edit/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
a73a2d163a762d29682f7911325859af

SHA1
65c79dca54a4aed04221e6a5887ae3f22a7b75eb

SHA256
072eee171c7f36d1990ee3aaf41966a4647a8643358c690736b452182bd6cd05

SHA512
f3dd4bf03fdd99ccb715ed75d700506ca83ea98b6877efeedbcbf23aafd2e0f9d64422ba57dd6d5ee1808e9d6f615dfb5e93ea12907c2c223e09dc7edd49799b

Download Submit
/data/data/com.lab.photos.edit/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
9097044ab6b01a9239c79d0011456c15

SHA1
9c5925e9b1bbe1f75da0a9a74a5ee5594e4ec068

SHA256
0792f9b9b77c0b92ac1c282a0d1fdd59887bfd695309a87fe3262a40e14bc590

SHA512
41a31417ad02927b37aa384cfa25dc70883fc243670754a294f372498b8885d1ecfd343827572c74de3c051b0efc9eb2bff7a4ad0498f8e863d09329b9364d95

Download Submit
/data/user/0/com.lab.photos.edit/cache/1658186039475.jar

Filesize
20KB

MD5
3e4c7cfe03c0013124c0a0b4a7f79735

SHA1
7061aaa831e19f82510a07d6628550fa4c4abc87

SHA256
a35c31d98ca212a0553053527fc39a7a8c8cfe22e87fd72d20f81a92cdc7bbaa

SHA512
e9341778de8925924b49b64181f5091f0c96898e7587a05aefceb0ee87921c1bb392081a305161b04123b59c7d4209f279d92702090dac9331b852f6e755a1cd

Download Submit