Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-11-x64

10

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    1024234s
  • max time network
    152s
  • platform
    android_x86
  • resource
    android-x86-arm-20230621-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20230621-enlocale:en-usos:android-9-x86system
  • submitted
    09-07-2023 23:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AntivirusAI136_DZAPK.COM-1.apk

  • Size

    10.4MB

  • MD5

    2281a663acfc3e81cbdb7ede827c2d6d

  • SHA1

    9b13e7d7431a3847f9e1abb3cc793e498c4d86f1

  • SHA256

    44fd5e974fc5c7903d67233ba9e4718b7cc63627a28ba8fe1d2c7ef6eb5f74c4

  • SHA512

    89768d9beb8800a20d506cb40254df9a2259d334979db873d357604ca776b6a4c6fabd537ddf9c517eadb3607618f91b2f288ed66060348fb7037c29e3fd30ca

  • SSDEEP

    196608:LD6T4a110xIPoIeP/ShMIgHUkiBY8dG7iFnu6ToJ+Ov8e1I7ao:L+T4a1CiPMIgHjWvEAnMhs

Score
10/10
diamondfoxbotnetstealer

Malware Config

Signatures

  • DiamondFox

    DiamondFox is a multipurpose botnet with many capabilities.

    botnetstealerdiamondfox
  • DiamondFox stealer 1 IoCs
  • Acquires the wake lock. 1 IoCs
  • Requests dangerous framework permissions 3 IoCs

Processes

  • com.protectstar.antivirus
    1⤵
    • Acquires the wake lock.
    PID:4066

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.protectstar.antivirus/cache/volley/-4440143561595694984
    Filesize

    116KB

    MD5

    eea1bca387da7055866c93f1c886873b

    SHA1

    c6c96e82a613c2fbe076a8031409e9ca4b21dae5

    SHA256

    9d88823ce9bcad8a8f9a419e25e6b033a1ee543125b5bcc98039b1a4cd18ae44

    SHA512

    e38d4dfa49d436e8f76deb467cf0d7bcf5adfd206d022ed56c1db2d1ea66e4d704e454af2bdcb005fb8887c4860e53f6ff7127fb7a3dd41be5a087ef1c5aa763

    Download Submit

  • /data/user/0/com.protectstar.antivirus/cache/volley/-4440143562082814216
    Filesize

    394KB

    MD5

    6895605bdd70eb7c9f992727ceb7b7b2

    SHA1

    7082ec92e5bf1cbfe5dfa4c0fb86aacf6776c6ae

    SHA256

    ca635335169d8fee01308d8970a0dc01b57cf42584ac5569eedce4a6330b8adf

    SHA512

    1f9d7ebae6bc085d37f7a905b963efb229ed5fdc0215a2e92d77a749051f730bf2368ddfa559afaaf9018b4f677a95ad7a6fbf8a67538bdc968fc3c9aab8fd28

    Download Submit

  • /data/user/0/com.protectstar.antivirus/cache/volley/-504558873-1090045957
    Filesize

    216KB

    MD5

    3b0eca202854a17f70a2b636fefe690a

    SHA1

    79f1e19192e5e48e54b87a8356b01ac7077ec211

    SHA256

    d56b6da771d9c2f0c30ba0fdcafc8e13620d70113c3ffd73c6e6431a3be902ae

    SHA512

    0d5e3769a3570e3ca6bc77298b7959b45013cb681b398ae824f39b24ea4d28da9ea7298e98361b6a64fa6e82fa4a1d0eb67f6c58e485ee2d8eb4526d50a0810d

    Download Submit

  • /data/user/0/com.protectstar.antivirus/cache/volley/1832329520563655267
    Filesize

    954B

    MD5

    bd2939f87be580b1b5d56fe1872bfc9e

    SHA1

    1eb4f70f3346882ed3846abde9082ce91deb80d3

    SHA256

    67cfe4cdc7d2dd41c98b9eb1a78db019aa60ecc0ecbebf9f7ea26a3107f84e0f

    SHA512

    0d740174fe2a72d1bc2f59c1db14992a8e089e4b67419b59b7b622ea186bb2854e38bb3ebaa48b8d16ad2261e0e5e5cde68a4b8b60d6033a1250d9dc78ea5526

    Download Submit

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events-journal
    Filesize

    524B

    MD5

    1a0e79ed99d1057d75c96d6e71f6ed1b

    SHA1

    d57b85fca5b3b800a2ff04760d6b030c833e0aa9

    SHA256

    773243d19fa0c1833958aab05ac02557bd50fc08c86903a81687c240a2d10ec2

    SHA512

    6386543fa0102b403f1f215d55bcd4b003e6b363b83202ff680d48dbfad559a9ecc0713710e6ecb0405241e6918c12c413c1888b2434b73a5d8863b2b8c9910b

    Download Submit

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events-shm
    Filesize

    8B

    MD5

    7dea362b3fac8e00956a4952a3d4f474

    SHA1

    05fe405753166f125559e7c9ac558654f107c7e9

    SHA256

    af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

    SHA512

    1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

    Download Submit

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events-wal
    Filesize

    68KB

    MD5

    864c1178a4715207c2b5834f735680dc

    SHA1

    35306aa3dba8807aaeece144e5c9c0cce00fb32d

    SHA256

    aba089cbfa9efd4b20cc48b8d03a6f67b84fb2a6249453de7e9f898a7f288da3

    SHA512

    fde8d01e67d1b97849bad7fe63cfdfce2d8cebb37dc4a6f41d3917f3c4089ec7c51e1432db531a6d01d0693e20c2096f4014e3cb8316a6afbc9cad5bfdf3825a

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/initialization_marker
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AB46A200AE00010FE2E49B50929161/keys
    Filesize

    15B

    MD5

    573f30909f4bf560971e1115453c34fc

    SHA1

    239ea999a5ff1fda1652483298fcea2627e76269

    SHA256

    b0c0f5f2345c11fcf39b8528bc21c9a0a767d5061bb2ed0d7ebcd0552d8fa847

    SHA512

    8cf5df41225b624953669de573c71b5fe87c63ac0c566d7a7b9674e5bd9c2c83cad46feec39841a724512098969f28bd86733f2ed00940364fa490c80ccfac91

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AB46A200AE00010FE2E49B50929161/report
    Filesize

    754B

    MD5

    11f3e917654b741e244f129d5c5424b6

    SHA1

    717b5ad4c7d087d0cd1c4b6144e437c171e9e131

    SHA256

    188d72e46eac41fb09d25e7059beef9a1594f3e6f267a834e806171b4eed4702

    SHA512

    f8d5c8ceeedc13785ab0ef1563d50fedc47ca9a31b2326405598ca8b2e45c234638062c68b543946b0f566db57935f2c4a68bf339bea1f44cde0608d48db853c

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AB46A200AE00010FE2E49B50929161/start-time
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/PersistedInstallation520669285476122170tmp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/PersistedInstallation623899643699475613tmp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/generatefid.lock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/no_backup/com.google.android.gms.appid-no-backup
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/origin.apk
    Filesize

    5.5MB

    MD5

    64bce546d5b79b78e6688420945edf87

    SHA1

    665cd42c9831d0510db5756c004911c5b71a99cb

    SHA256

    75078c407ef53a9433ecbdd76f49002a8a5bdc9df0da65ef0bc6040c6bce7dab

    SHA512

    20c50c51b18bc7f1f281ecdff81e1395ec82a22d12b4a28cb9bf69fee56cf0b7059939f0542c545e8419a32ce158a6300901944f50364f51be33a4995c2399c9

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc1MjQ2MjI0OTk5OmFuZHJvaWQ6ZGEwYjliODY5YTAyMjNhNjk2YTZjMg.xml
    Filesize

    124B

    MD5

    1d790b5b0847155e79632975b9530cd9

    SHA1

    63ddf7b560bc9be6077360e8d0df37a26101ccc9

    SHA256

    5f259f2850a11e4d812452a29396645dce733036dddbd6b84f69cd8fe5347e5a

    SHA512

    e09813f01a37ee3d64a452c8d4964d941e4ca669e9918a4539a37e2fbd6adeb2de3276bf11551c531e5ce7521158a64187d1a7fef7c8db3e41bf0d7b52a4c682

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc1MjQ2MjI0OTk5OmFuZHJvaWQ6ZGEwYjliODY5YTAyMjNhNjk2YTZjMg.xml
    Filesize

    590B

    MD5

    4ee660fef3c8cdca33c6a3465acc6458

    SHA1

    65f42158627d94d0b442be708df490ff4cf868ad

    SHA256

    0668a8be966049719d15169a8794194fcff0335099e776725cb56e2ca86bc805

    SHA512

    d8c7da257e5500cbf08d11602f136ef09b5223a113b12616dae0389ad60895e2ff9175720fbf93d0f834ae1dc0c0c3e6ccc34911459154dbcf624dd405617be4

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.appid.xml
    Filesize

    389B

    MD5

    cb4f6fddc211ea186c7d97ed8b56793b

    SHA1

    027b1b3fea0db1f76678afc862d787652955ee88

    SHA256

    e929b3e7d39e8306abf5d0c785530306786cce668c062d58c030deba2bbd90ae

    SHA512

    1ef0357430e7506d899b39ccba8bc32c475b2ea44ffeb9abed6e0fdf4fc37806984b0438a7ccfacab7d9e17de0a95026298e9fc7aecd35ed51779e97e01fc66b

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize

    122B

    MD5

    250b4caeba60ddf53228405750ba66ca

    SHA1

    422ab714feb34e9f3b4f1cbe669887bcd581ddb1

    SHA256

    2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e

    SHA512

    373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize

    455B

    MD5

    60652c25de8cf3e75c396d08acc7197d

    SHA1

    75d212a722a10d950365b5b19f456264b387bae7

    SHA256

    5203aaa0e777929dec3c77a5861d6fcc29228601529d10963bcaaa06dae37c74

    SHA512

    97ad9308cac8c6f611cd6d50bf35d4509a583b38b212e8c6fa312cbde9617fba3d3029c81824e98785f65acd8df42becfa1490d0a88b13042849f66439b83070

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.firebase.crashlytics.xml
    Filesize

    235B

    MD5

    ffafc41f6d5d72cc688eaa53c5b04087

    SHA1

    64e738de9f30f32e2005a7b3ea2a2811fbe13a21

    SHA256

    3710eba6db135c34a0af562ff6763d10c872de3930a4b8dc42b7b2c6484e0331

    SHA512

    bd6ea03f12364a5839895cba0cce6fa785b5bb63c8cce975e6c1d3a9a2829830e3082ff95faa0642d1c6f5c2a3efb8e076e8872dfac6f9f99788e87e30924028

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.firebase.crashlytics.xml
    Filesize

    311B

    MD5

    088de44173075f4458493dd6c08b9941

    SHA1

    ab2cad7587195f41b4c57118cc60f63f73351c11

    SHA256

    ec02b52d610f9a3fbde6cee27be236644430f6e81cc0e3b4aa8f1a5e5511fc01

    SHA512

    4eb1a2f63e0ae5d4713ed983b68ebd384a1d14deec42a1a9f8a29b541b887c2f637081833d7852d12d4a1d1fd5518e45610d4cd6d784c71862130c5f4927286f

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.protectstar.antivirus_preferences.xml
    Filesize

    194B

    MD5

    c78c495cf44504f575a670dc6bafda86

    SHA1

    77355bef2e78059d7a321dae6c6a56670bae772f

    SHA256

    645640a89ddef96bd44650003d2906d1395e1c59949afc10365d4affafac2831

    SHA512

    b166a79883696f8ce4c51132c4adf08ea99a7f6cd13c9ff55fc7026a6480bde3b9be64de96bdd51284974b1675ac9b46f528602b05de0e86b1d363b6a525a3b3

    Download Submit