Analysis

  • max time kernel
    1073421s
  • max time network
    133s
  • platform
    android_x64
  • resource
    android-x64-arm64-20230621-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20230621-en, locale:en-us, os:android-11-x64, system
  • submitted
    10-07-2023 13:24

General

  • Target

    AntivirusAI136DZAPKCOM1ap.apk

  • Size

    10.4MB

  • MD5

    2281a663acfc3e81cbdb7ede827c2d6d

  • SHA1

    9b13e7d7431a3847f9e1abb3cc793e498c4d86f1

  • SHA256

    44fd5e974fc5c7903d67233ba9e4718b7cc63627a28ba8fe1d2c7ef6eb5f74c4

  • SHA512

    89768d9beb8800a20d506cb40254df9a2259d334979db873d357604ca776b6a4c6fabd537ddf9c517eadb3607618f91b2f288ed66060348fb7037c29e3fd30ca

  • SSDEEP

    196608:LD6T4a110xIPoIeP/ShMIgHUkiBY8dG7iFnu6ToJ+Ov8e1I7ao:L+T4a1CiPMIgHjWvEAnMhs

Score
7/10

Malware Config

Signatures

  • Acquires the wake lock. 1 IoCs
  • Requests dangerous framework permissions 3 IoCs

Processes

  • com.protectstar.antivirus
    • Acquires the wake lock.
    PID:4610

Network

MITRE ATT&CK Matrix

Downloads

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events

    Filesize

    144KB

  • /data/user/0/com.protectstar.antivirus/databases/com.google.android.datatransport.events-journal

    Filesize

    1KB

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AC069C032700011202202B0A90A6C5/keys

    Filesize

    15B

  • /data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AC069C032700011202202B0A90A6C5/report

    Filesize

    756B

  • /data/user/0/com.protectstar.antivirus/origin.apk

    Filesize

    5.5MB

  • /data/user/0/com.protectstar.antivirus/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc1MjQ2MjI0OTk5OmFuZHJvaWQ6ZGEwYjliODY5YTAyMjNhNjk2YTZjMg.xml

    Filesize

    590B

  • /data/user/0/com.protectstar.antivirus/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc1MjQ2MjI0OTk5OmFuZHJvaWQ6ZGEwYjliODY5YTAyMjNhNjk2YTZjMg.xml

    Filesize

    124B

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.appid.xml

    Filesize

    389B

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.measurement.prefs.xml

    Filesize

    122B

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.measurement.prefs.xml

    Filesize

    180B

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.android.gms.measurement.prefs.xml

    Filesize

    462B

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.firebase.crashlytics.xml

    Filesize

    311B

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.firebase.crashlytics.xml

    Filesize

    235B

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.google.firebase.messaging.xml

    Filesize

    137B

  • /data/user/0/com.protectstar.antivirus/shared_prefs/com.protectstar.antivirus_preferences.xml

    Filesize

    194B
