8d6e142a9b2c44b5fd43326af05ac40cbbe8b74ec05803086894907c0e243a7b

Resubmissions

16-06-2022 16:39

220616-t6ez7aafc9 10

10-06-2022 11:23

220610-ng7e9aaebq 8

21-01-2022 23:31

220121-3hqw8adac2 7

Analysis

max time kernel
1297856s
max time network
163s
platform
android_x64
resource
android-x64-arm64-20220310-en
submitted
10-06-2022 11:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8d6e142a9b2c44b5fd43326af05ac40cbbe8b74ec05803086894907c0e243a7b.apk
Size

6.2MB
MD5

73e532519bcab9adc579bac24d889895
SHA1

8108bcda08173ff6ee82a7b1ea1cd781364493d8
SHA256

8d6e142a9b2c44b5fd43326af05ac40cbbe8b74ec05803086894907c0e243a7b
SHA512

9352ebdfee46ced1bee3054688aee3702e0a03a83207e0d8f50bfefc54781bcd902c05699a27b350056b19f55001235441d59da69586cc008a9a92e29e4a7f25

Score

8^/10

banker

Malware Config

Signatures

Makes use of the framework's Accessibility service. 1 IoCs

description	ioc	Process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.nightlight.app

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs

banker

description	ioc	Process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.nightlight.app

com.nightlight.app
1⤵
- Makes use of the framework's Accessibility service.
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
PID:6220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.nightlight.app/databases/app2k3

Filesize
72KB

MD5
d5d6108bd3a3bc6cc55cb095fab919e6

SHA1
122105729b7b923acfb7a9b1a82c1903ba5d3826

SHA256
dccbcb7ef2f54888a19368b3a072476542d3abaaf3dec6eda3096565ff278cff

SHA512
174684ee787f109129735714244e606b46d86434c2a54e46e0344149d983492b59b9a8cdc21f8316062b0853167ce2940319d1553208115ace177e2fe5ac58da

Download Submit
/data/user/0/com.nightlight.app/databases/app2k3-journal

Filesize
1KB

MD5
dfcab1a45048478a82f71076fab48fe0

SHA1
40c42ed6dc6a077603a814379626433da939ee93

SHA256
0d2c0ae667268c5e0397d12db4d3e49c20c20dd42ec728f37d42ae4d71a38272

SHA512
9509abed31062688d6181573347fc5cbf508de02f421cb9994572eb1bfba249e05b5f5640734a5a7feb3d9eb6473233d1a1e5d832a796dbb733251d3bddf075b

Download Submit
/data/user/0/com.nightlight.app/databases/com.google.android.datatransport.events

Filesize
112KB

MD5
42234a0297173062f6ed764ca6c0208c

SHA1
d8105d91e5557e0392dc749fbac6974d2daed956

SHA256
7265e8650b06d78c24ca70a41564680abfe6e529ce6ff5f5aa7504caf9113dc6

SHA512
001960aca53baf55b045b0b1d1f8609d1d614bb145306da3d8eca698d33d3a6d5b66a81cedb8a581b7e0a9fa97349b0ce0b19113564ecfcc41ba95201b871f53

Download Submit
/data/user/0/com.nightlight.app/databases/com.google.android.datatransport.events-journal

Filesize
1KB

MD5
c2ca8c530bce4382e69b51e718038445

SHA1
69c821ca9e3134d7b2fb3c499952f4dc55ccd5fe

SHA256
1a1808b19371d4cdb15e071e6bfb1463d30094bcc0b11d72a482bb1442f780c3

SHA512
816a0df5eaa9f59c2aa6b4fe2e00d06e1caee175095f0c1e3663a605f92d4f0ebf5ab0623c5d2cedf493cd7904a560bef68db709bbe00d16a38ee95e2ddd3d93

Download Submit
/data/user/0/com.nightlight.app/databases/google_app_measurement_local.db

Filesize
88KB

MD5
8dfcfdcef5a9793fb83bda404ec3f42b

SHA1
dd02caf5757e9fdaf184ab299c45e4c92ab3ae4b

SHA256
a59674cc863d7e977b030c7047072dc4c6d5ada1257917574fe184d886042cd2

SHA512
e04d1892c052fc3766881d3f21e26961714e575766cb316bcada34cce49cf6e17eb26c3fbdee0038ed2c75da0a9cab99e0e3e78374be20ce2790cc0d0d9cd807

Download Submit
/data/user/0/com.nightlight.app/databases/google_app_measurement_local.db-journal

Filesize
1KB

MD5
12e2a10eec86f9bb06032e508ef9ea34

SHA1
e7e69bc586cceca15ddac8c6836d1fe9e41b586e

SHA256
1c0ed6ca48576162881dd39e9b57f264388d3da0687042603815e185f7be0f31

SHA512
c9e43ecd0cb6e5cd62bb95a5b39fa4b88f965dae494d175c4a31b0f1e69a5a6f5fe66ace9bfc76b407aa77beda05a86f05a00e70940cec823b9dee2ff9f9cf23

Download Submit
/data/user/0/com.nightlight.app/files/.com.google.firebase.crashlytics/62A329B503B0-0001-184C-3DEDE53EB7A4BeginSession.cls_temp

Filesize
75B

MD5
406c7c0c4bd3ec09dc81189206511087

SHA1
561e8fbf22cd192edcab6d21ac941aeb9c133c8b

SHA256
6ecab667f09d870de9a12aeea5bc55bbd460ac3474f03ab0982ec480702681f9

SHA512
24612a51a07875efa17ad42e65d4449a7c7dbde60d0323c4c1c87d1ce0df58925212b24839a05e874e4e362c482a7f7b180101e1ba6332ab99a20894181db17f

Download Submit
/data/user/0/com.nightlight.app/files/.com.google.firebase.crashlytics/62A329B503B0-0001-184C-3DEDE53EB7A4SessionApp.cls_temp

Filesize
71B

MD5
7c10c30b6b777abc2c90265214941dc9

SHA1
f3e60c28799f38e20018e3907bab977c07d1f129

SHA256
d4bd1e37aefe6bd2d402441a74a13571139483488cda24e49712b1c1db82be92

SHA512
960d9acfe6133f76d7e448ae7f5c37177f28f9e3ef7a2889480c64468ff73ef5d5d7c91a168d9a7ce53455a3b957667e156ca766202e12d16a6a21cc83fb3cd9

Download Submit
/data/user/0/com.nightlight.app/files/.com.google.firebase.crashlytics/62A329B503B0-0001-184C-3DEDE53EB7A4SessionDevice.cls_temp

Filesize
48B

MD5
34cb853bdbc623365d2e5d752f172d3d

SHA1
1967218d2a60437edf9cff14429b0b83cb6dd424

SHA256
0d59d59f330a43b5416904eba174b9bcca8ff64af51b4d05e5e14f2dc09938c3

SHA512
f284db4f71b8c38931db7da88177c74b659946797b51fbe7f10c573950d873c6eaf7827a7f4a570ffdb230475b4fe755acbe9db063cf957c26641a654f448b01

Download Submit
/data/user/0/com.nightlight.app/files/.com.google.firebase.crashlytics/62A329B503B0-0001-184C-3DEDE53EB7A4SessionOS.cls_temp

Filesize
15B

MD5
b3d9541cc92a9153d14e5160f8d8c008

SHA1
2e1ac80eb381dd82a03795b682f92020348c0113

SHA256
1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d

SHA512
78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

Download Submit
/data/user/0/com.nightlight.app/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
599B

MD5
4b784e25b6f407222f1c8b6cca639d85

SHA1
bc5c3c1e16be1e4bb574a0cfbb301fe25b578f92

SHA256
0af787163609706743fa1d9797880823b48153981e9a41ebafd83d24d209233f

SHA512
77a763b690d4844691d892798b18bc6e8b6815e432f289c3e4f2faebd3c784f8e42d969d3403a049e782c11f7c2beb41e6c2a7fe738ff96cee801bd3b80c9a8b

Download Submit
/data/user/0/com.nightlight.app/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-62A329B503B0-0001-184C-3DEDE53EB7A4.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/user/0/com.nightlight.app/files/.com.google.firebase.crashlytics/report-persistence/sessions/62A329B503B00001184C3DEDE53EB7A4/report

Filesize
745B

MD5
cb05527af410d18b585426d3b5d704e4

SHA1
71e26b50a1290425164cf764e501492343f42f0e

SHA256
6ed35802a0fe6757e179f813f8e84c71fce5e04f821c35b085693d8e8418272a

SHA512
3be7ecfd628febc38f645fa2ca9714eee46c9c1caadf820941e81ecd6d4ad119f975a4fa9a9ac689378ab9fd23956a50e3d5be47bef31f7a60a43a45b23243f7

Download Submit
/data/user/0/com.nightlight.app/no_backup/androidx.work.workdb

Filesize
8KB

MD5
e579a6b00eef1318f9166352228eba18

SHA1
76988896854f0139083e77862eea1a4846cf039f

SHA256
4b34cf505050facf47aa7936e4e7667e1969105665c632b3eefe7ecddf9a6935

SHA512
c47632e957d87727bf6504a82ca7a44d8da24d30cd997a0f449a96e4f97c656a1b4d9da3fcd827e2a48c59677688da0b872358ebd0f9369d898d1b8ec18d5699

Download Submit
/data/user/0/com.nightlight.app/no_backup/androidx.work.workdb-journal

Filesize
1KB

MD5
b6dd524fa706429c1941d846d9a7f02a

SHA1
e368263683c397de1365451c9591baa125f99f48

SHA256
f09e26bd88cad436b307991f64df66cbd13d2cbafdab2b236c3df217b027e08c

SHA512
09c059b883ac7b17f0a03d755bac4a1d1337c8ac2e6faca9b89c0df67db2263d675cb0721400807661754430e751cfb52f994510fffa7d1979729a6b6a755d12

Download Submit
/data/user/0/com.nightlight.app/no_backup/androidx.work.workdb-shm

Filesize
16B

MD5
4ae71336e44bf9bf79d2752e234818a5

SHA1
e129f27c5103bc5cc44bcdf0a15e160d445066ff

SHA256
374708fff7719dd5979ec875d56cd2286f6d3cf7ec317a3b25632aab28ec37bb

SHA512
0b6cbac838dfe7f47ea1bd0df00ec282fdf45510c92161072ccfb84035390c4da743d9c3b954eaa1b0f86fc9861b23cc6c8667ab232c11c686432ebb5c8c3f27

Download Submit
/data/user/0/com.nightlight.app/no_backup/androidx.work.workdb-wal

Filesize
217KB

MD5
3c957d46afdaccca1fd9b994350ec62f

SHA1
b4b355aff380315d32b07513f0b5d88dc8ace8c1

SHA256
47433bfb3b7831e8b2bcac54fd903de8420e9ec259f54a78dfa6863c464fc265

SHA512
a78ad1e709fc67c77dafff093fe046250fcee06a10d0de6faebb7cadac1d3b282f8c66f4e085f19a25d7ba55154a0ea077e1a5b8f833ae71307134b209dc6949

Download Submit
/data/user/0/com.nightlight.app/shared_prefs/FirebaseAppHeartBeat.xml

Filesize
134B

MD5
dfbe23589071d44733b56553f8ced30f

SHA1
dec17e5c20dbf26c46cbed2125b4c2c54f1bb56d

SHA256
68fdf5508572dcccf3df805f7cfc233a86e26419cf738b779b14c9f6c5836ad5

SHA512
94e58284b6fea123244337af4999bec85493087f95f5ae986fbb3fdec66c73b74f8332abd6577e8279886c46f417a1f97245740770dde682d0a5b3e6cb4a7c2c

Download Submit
/data/user/0/com.nightlight.app/shared_prefs/FirebaseAppHeartBeat.xml

Filesize
188B

MD5
66d53c201c13207572f2e7bc991f6ba5

SHA1
c464a465bbeec71483b732327903e75d3c1e335a

SHA256
f878e78ce4aec2e5ad528c41656a1c69c7504c941369d8ebddabcd4388eaf329

SHA512
2638a88440e6559744ceedace99d64ebd9fd0fe526a95eed75bc4da149d09e3a5e3cd7bc526c87a95936089cb188bd096fc908e5b3f6486c60bb46232910c476

Download Submit
/data/user/0/com.nightlight.app/shared_prefs/FirebaseAppHeartBeat.xml

Filesize
239B

MD5
66d4973d6ce43a809a73bdbb0845306e

SHA1
d68f9eb8c9a87435cfd9bb745f7d9d6facb254cb

SHA256
57028632242f30b8f956fdab42696adfb95759df0e3d19a7ffc9a7aedaaadedc

SHA512
9ef8d75fac434d35047aedc7377db36469f0e3d03fa486a0ebe085a48f48ee93262f866415c37f967eff8356fe590c9516b2c105e943b89fe16909688121bceb

Download Submit
/data/user/0/com.nightlight.app/shared_prefs/com.google.android.gms.appid.xml

Filesize
192B

MD5
1f6f7da4af36c0553673bf85f11446ae

SHA1
7c144df3621c3893d6194ecbf56effc538ce65aa

SHA256
550b3bdfdfb795437f4040917004ec579ef8ee905a8a8ab59355398a3fb0b8a0

SHA512
5f83274121ee7ad0f923dd18584063c0152dd310ea65b0895e703b2e4daf13041de74b8029e42f734964dfa93da864547f787c005f6595e46ea6730144956b16

Download Submit
/data/user/0/com.nightlight.app/shared_prefs/com.google.android.gms.measurement.prefs.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/user/0/com.nightlight.app/shared_prefs/com.google.android.gms.measurement.prefs.xml

Filesize
449B

MD5
fb6fe3873828ed020b57a4d3b9445aee

SHA1
abfcf5e91c02634014327514f75da42a090c3da9

SHA256
bca794f7a80a046e798a79ddc327718333a7f098c21a60cd520ee04caf90f149

SHA512
3e9505c3d572c2c3c06c7c84e12b293e85e223dc25253928c0f2fc1e27a999394c65a0ae2851db537489551f773b5ee5ddcaa7e7b457b941a11595c612c2db69

Download Submit
/data/user/0/com.nightlight.app/shared_prefs/com.google.android.gms.measurement.prefs.xml

Filesize
122B

MD5
250b4caeba60ddf53228405750ba66ca

SHA1
422ab714feb34e9f3b4f1cbe669887bcd581ddb1

SHA256
2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e

SHA512
373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb

Download Submit
/data/user/0/com.nightlight.app/shared_prefs/com.google.firebase.crashlytics.xml

Filesize
235B

MD5
98b63e9ca8fce2cbfac808cd0f3663a1

SHA1
6b661e2a9b56cd4ad987f0c48800b5454bacfa02

SHA256
1557f27bedcb10143f52ba7316c14a49f485d094f502ac408864fd99c494c3e9

SHA512
10d042cc809ccbdd5d3ae7f850f1ccf565e904628590dba417052b307b8fd40754581819fe628faa319e7a489e51cc644b73592b7cf13f69ce916ac89be08d96

Download Submit