Overview

overview

10

Static

static

7

AntivirusA...-1.apk

android-9-x86

10

AntivirusA...-1.apk

android-10-x64

7

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

1

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

origin.apk

android-9-x86

origin.apk

android-10-x64

origin.apk

android-11-x64

disclosure.html

windows7-x64

1

disclosure.html

windows10-2004-x64

5

myps_policy.html

windows7-x64

1

myps_policy.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

policy.html

windows7-x64

1

policy.html

windows10-2004-x64

1

vpnservice.html

windows7-x64

1

vpnservice.html

windows10-2004-x64

1

Analysis

  • max time kernel
    1024487s
  • max time network
    132s
  • platform
    android_x86
  • resource
    android-x86-arm-20230621-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20230621-enlocale:en-usos:android-9-x86system
  • submitted
    09-07-2023 23:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AntivirusAI136_DZAPK.COM-1.apk

  • Size

    10.4MB

  • MD5

    2281a663acfc3e81cbdb7ede827c2d6d

  • SHA1

    9b13e7d7431a3847f9e1abb3cc793e498c4d86f1

  • SHA256

    44fd5e974fc5c7903d67233ba9e4718b7cc63627a28ba8fe1d2c7ef6eb5f74c4

  • SHA512

    89768d9beb8800a20d506cb40254df9a2259d334979db873d357604ca776b6a4c6fabd537ddf9c517eadb3607618f91b2f288ed66060348fb7037c29e3fd30ca

  • SSDEEP

    196608:LD6T4a110xIPoIeP/ShMIgHUkiBY8dG7iFnu6ToJ+Ov8e1I7ao:L+T4a1CiPMIgHjWvEAnMhs

Score
10/10
diamondfoxbotnetstealer

Malware Config

Signatures

  • DiamondFox

    DiamondFox is a multipurpose botnet with many capabilities.

    botnetstealerdiamondfox
  • DiamondFox stealer 1 IoCs
  • Acquires the wake lock. 1 IoCs
  • Requests dangerous framework permissions 3 IoCs

Processes

  • com.protectstar.antivirus
    1⤵
    • Acquires the wake lock.
    PID:4166

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.protectstar.antivirus/cache/volley/-4440143561595694984
    Filesize

    116KB

    MD5

    02094985122eb9cf8668bbbad8c4bece

    SHA1

    4d13b0536bb7736f8b2e1d1ca6642f2daf031943

    SHA256

    04853ee71e8529535a935465722a146ea4518d9020e43431396829814cc0a9db

    SHA512

    3292ea9c84a7dfeb5b45db4b76c7c7c3ad39a7db7b42f4bcb62e4f93f79bd5a236cead666a5635492b47eeeb588b4744236c257ccdb0f2bf9b9209db6aff5164

    Download Submit

  • /data/user/0/com.protectstar.antivirus/cache/volley/-4440143562082814216
    Filesize

    394KB

    MD5

    d60d8a066d43ae90744e7e6a7f7fe327

    SHA1

    34cb4bee29f2fc0882fb3d7a8644928c16ceefb4

    SHA256

    aeb8a072a78b9792d149a2ee2697d803f0ac5b1d7e434782feaf30dd4ba40108

    SHA512

    31656406f4fcecbbe07e98774df07d648a7469a4ed956ed05fefcfb876f817057c07edd8d69d735013f3650d711e1f396001a66c7b8e73d89b265c0de7cf4c18

    Download Submit

  • /data/user/0/com.protectstar.antivirus/cache/volley/-504558873-1090045957
    Filesize

    216KB

    MD5

    eb72224d4fca301030b6df1398d62c67

    SHA1

    2e7f1509201f9ae59474f73f1ef0af6fab6a73da

    SHA256

    3fb0f56c90deba0d661ce42f4f08cf29c34d6e5f7523149716346bbf1df5ad83

    SHA512

    93958d00575b73a964e9fdc90f63b9d169cebf3110020df1646cbdf88909ae03ee8a139e22641ee1b3e07ab8b2396522456204462ff687970e7215b844eb7b77

    Download Submit

  • /data/user/0/com.protectstar.antivirus/cache/volley/1832329520563655267
    Filesize

    954B

    MD5

    0c2ad2ccd93ff5ac4a23f2bc7a54da09

    SHA1

    4bdb90afd323ac64d02bfb21fcfb6ada80be1320

    SHA256

    10e7b18bda7c6aac824e814d9dda181715d6bfec5fc320761f7e5104db57abe7

    SHA512

    7380bae30e4d6b43e54d43155a34bde310f1a5f7a5765784c549b2dcf8b076629821582cb3470fa3f6fbce5cbd16d3d3b84aaf1f80028ca19294582326ef23c9

    Download Submit

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events-journal
    Filesize

    524B

    MD5

    143f89a4fe44049276e48593d6af4034

    SHA1

    b2a9f25d0f1398a005f0ec732f6c2deb16ec16d3

    SHA256

    7898521727b6a5fbcacc110cc532f1e3aaa81d239a58a96f5f041f5c3072b518

    SHA512

    b74f9b02b4ad54bfc0ac1b45bbde4914751bccd0c7a5ffd490c66d88ea5235207564a6cf765f1557112e53df018f7ff5af10515629da5b15651c0d6ecf0845b3

    Download Submit

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events-shm
    Filesize

    8B

    MD5

    7dea362b3fac8e00956a4952a3d4f474

    SHA1

    05fe405753166f125559e7c9ac558654f107c7e9

    SHA256

    af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

    SHA512

    1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

    Download Submit

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events-wal
    Filesize

    68KB

    MD5

    44a44c9e8b8f5a3e9a384af54b352c26

    SHA1

    2b7b9f1a821fe037ff552a07dea3e3c1068704b4

    SHA256

    7ff787c626a9aa15e7b5e2b6b7bcad569174c6586027d33a73ac66ec3ce306e2

    SHA512

    6b171268b8be4d9ae2671347d91446a7a30bde427fdc712ed1229b5daab18d2c7b244024a4104e9f0c0d868b1993ce5a119e194050c3bba9cb10948b4b67037b

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/initialization_marker
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AB47A000B0000110469D66F44FE06D/keys
    Filesize

    15B

    MD5

    573f30909f4bf560971e1115453c34fc

    SHA1

    239ea999a5ff1fda1652483298fcea2627e76269

    SHA256

    b0c0f5f2345c11fcf39b8528bc21c9a0a767d5061bb2ed0d7ebcd0552d8fa847

    SHA512

    8cf5df41225b624953669de573c71b5fe87c63ac0c566d7a7b9674e5bd9c2c83cad46feec39841a724512098969f28bd86733f2ed00940364fa490c80ccfac91

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AB47A000B0000110469D66F44FE06D/report
    Filesize

    754B

    MD5

    918a32a318e653c78014c3faf8297d71

    SHA1

    18387f217671579eaf51eaa47fe4f9873b87e5ae

    SHA256

    01ad5a5c91bd2449fea390fc8a6f6429f49fccf148971f2118b471eaa9913b60

    SHA512

    56e51a1863fce9ace5bfdb9ca748d3be6341399f8ebdfc5acbb59fd74d32e454576ebe81609e45b09644e59e0502c998d7285e026dd6f55ddd1ffbfb5a0c1941

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AB47A000B0000110469D66F44FE06D/start-time
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/PersistedInstallation1351932403161364956tmp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/PersistedInstallation5066513914448934977tmp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/files/generatefid.lock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/no_backup/com.google.android.gms.appid-no-backup
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • /data/user/0/com.protectstar.antivirus/origin.apk
    Filesize

    5.5MB

    MD5

    64bce546d5b79b78e6688420945edf87

    SHA1

    665cd42c9831d0510db5756c004911c5b71a99cb

    SHA256

    75078c407ef53a9433ecbdd76f49002a8a5bdc9df0da65ef0bc6040c6bce7dab

    SHA512

    20c50c51b18bc7f1f281ecdff81e1395ec82a22d12b4a28cb9bf69fee56cf0b7059939f0542c545e8419a32ce158a6300901944f50364f51be33a4995c2399c9

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc1MjQ2MjI0OTk5OmFuZHJvaWQ6ZGEwYjliODY5YTAyMjNhNjk2YTZjMg.xml
    Filesize

    124B

    MD5

    f66b059bac6abc02331d684b8655caca

    SHA1

    3344a9c1dbb3783f299e26129108e2a110d8ae3b

    SHA256

    7e2819cb3fe549fa08df7fbd1991f79457f670fc9ec5ce898cb916471d744540

    SHA512

    9ffcd8f42dc6666b485ee6519f1744a2b2e3d465d76d2a32dc819f1f8e8af0ccd104fc2e72a9389827db674d4a84ac234bfdcdb978bcc65c12bfe773ee8acd38

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc1MjQ2MjI0OTk5OmFuZHJvaWQ6ZGEwYjliODY5YTAyMjNhNjk2YTZjMg.xml
    Filesize

    590B

    MD5

    a521b8a171cd048683317508aefd61e6

    SHA1

    49a31aa90473b33bce7288cf738e218e31c71cd4

    SHA256

    2d6757410c71cd28a31d63c1b184250b65d4ce3e97556cf00789318f1a08d0ab

    SHA512

    ab4437e71808a3efdece5dd5c31e231f5b23fb9d00d5425e370cc8252795e10b74c2779d8aa2623c00466ca5bb268dc9b2cf6203534e6c4c310f4a7e3269c1ec

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.appid.xml
    Filesize

    389B

    MD5

    0a549850b119aa5e80b27a1e9718c7c6

    SHA1

    3be7f3c3413fe58e8cfa3e02c74f4477c34495f2

    SHA256

    862cc193435be4d9c4ec2868b26c114094113482473a2adf6b0da165bf67909c

    SHA512

    de644fa7a51663fac969de3cae254f24823a07fd15dcacae28610ff4231023be57b49f2860a0bd34ce8dc5aba5aab864013a8e770c2bdbcf71e692bade15166b

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize

    122B

    MD5

    250b4caeba60ddf53228405750ba66ca

    SHA1

    422ab714feb34e9f3b4f1cbe669887bcd581ddb1

    SHA256

    2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e

    SHA512

    373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.measurement.prefs.xml
    Filesize

    456B

    MD5

    aa721e5fa4a9dd783df8bdf9dc860c34

    SHA1

    04f92b519a8669f8d5d3cdc225b9ef9b4e6cef7e

    SHA256

    c89d90e9eb0cff8b276c6903e4119475002ed06466f964ce9228d02e502fd900

    SHA512

    8e761461c8aa0ffe4e6e0fdc6d4b51936c895f8433d9139f3075c6a4025f7d45a73eb0d1f3b8a2e1344f15bebfe4353e804325885a38b9cb7ea438e59697c1e9

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.firebase.crashlytics.xml
    Filesize

    235B

    MD5

    9fbd838277089ad13c18db3d61f67377

    SHA1

    48b5a14d563ce331b925c2b6bc47f1fa1d6bbe1d

    SHA256

    7a5921292b46553bac32b1b9b6c0e4148a6458f9c853b1334622e06b978c3b5d

    SHA512

    6beb5db66139fec8a9946e302140376bf0ededa285b6d2e7433007066880fd5df241ff5c760025f607ced7379263b0b34c61195041c4827505255310bcdb4ca3

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.firebase.crashlytics.xml
    Filesize

    311B

    MD5

    2717f53bc2b81c1b005d8b30851ae9bc

    SHA1

    42e2b4d5f227aaa1a17a9b44fc011016a416e793

    SHA256

    ad75d67610b101097998b3293bbfddddcd12e5c69a7c5afefbd8e823e59622e6

    SHA512

    052caa2bf06cdab5c9b458b887a86e01388585e38545fc154daaf09b075005b1c674732b60de153f0585ba87f5513692d1f50cd09dbafb7f7a2fa759f73f6222

    Download Submit

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.protectstar.antivirus_preferences.xml
    Filesize

    194B

    MD5

    c78c495cf44504f575a670dc6bafda86

    SHA1

    77355bef2e78059d7a321dae6c6a56670bae772f

    SHA256

    645640a89ddef96bd44650003d2906d1395e1c59949afc10365d4affafac2831

    SHA512

    b166a79883696f8ce4c51132c4adf08ea99a7f6cd13c9ff55fc7026a6480bde3b9be64de96bdd51284974b1675ac9b46f528602b05de0e86b1d363b6a525a3b3

    Download Submit