Overview
overview: 10

Static
static: 7

AntivirusA...ap.apk, android-9-x86: 10
AntivirusA...ap.apk, android-11-x64: 7
disclosure.html, windows7-x64: 1
disclosure.html, windows10-2004-x64: 1
myps_policy.html, windows7-x64: 1
myps_policy.html, windows10-2004-x64: 1
origin.apk, android-9-x86
origin.apk, android-10-x64
origin.apk, android-11-x64
disclosure.html, windows7-x64: 1
disclosure.html, windows10-2004-x64: 1
myps_policy.html, windows7-x64: 1
myps_policy.html, windows10-2004-x64: 1
policy.html, windows7-x64: 1
policy.html, windows10-2004-x64: 1
vpnservice.html, windows7-x64: 1
vpnservice.html, windows10-2004-x64: 1
policy.html, windows7-x64: 1
policy.html, windows10-2004-x64: 1
vpnservice.html, windows7-x64: 1
vpnservice.html, windows10-2004-x64: 1

Analysis
max time kernel: 1073421s
max time network: 133s
platform: android_x64
resource: android-x64-arm64-20230621-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20230621-en, locale:en-us, os:android-11-x64, system
submitted: 10-07-2023 13:24
Static task: static1
Behavioral task behavioral1: sample AntivirusAI136DZAPKCOM1ap.apk, resource android-x86-arm-20230621-en
Behavioral task behavioral2: sample AntivirusAI136DZAPKCOM1ap.apk, resource android-x64-arm64-20230621-en
Behavioral task behavioral3: sample disclosure.html, resource win7-20230703-en
Behavioral task behavioral4: sample disclosure.html, resource win10v2004-20230703-en
Behavioral task behavioral5: sample myps_policy.html, resource win7-20230703-en
Behavioral task behavioral6: sample myps_policy.html, resource win10v2004-20230703-en
Behavioral task behavioral7: sample origin.apk, resource android-x86-arm-20230621-en
Behavioral task behavioral8: sample origin.apk, resource android-x64-20230621-en
Behavioral task behavioral9: sample origin.apk, resource android-x64-arm64-20230621-en
Behavioral task behavioral10: sample disclosure.html, resource win7-20230703-en
Behavioral task behavioral11: sample disclosure.html, resource win10v2004-20230703-en
Behavioral task behavioral12: sample myps_policy.html, resource win7-20230703-en
Behavioral task behavioral13: sample myps_policy.html, resource win10v2004-20230703-en
Behavioral task behavioral14: sample policy.html, resource win7-20230703-en
Behavioral task behavioral15: sample policy.html, resource win10v2004-20230703-en
Behavioral task behavioral16: sample vpnservice.html, resource win7-20230703-en
Behavioral task behavioral17: sample vpnservice.html, resource win10v2004-20230703-en
Behavioral task behavioral18: sample policy.html, resource win7-20230703-en
Behavioral task behavioral19: sample policy.html, resource win10v2004-20230703-en
Behavioral task behavioral20: sample vpnservice.html, resource win7-20230703-en
Behavioral task behavioral21: sample vpnservice.html, resource win10v2004-20230703-en
General
Target: AntivirusAI136DZAPKCOM1ap.apk
Size: 10.4MB
MD5: 2281a663acfc3e81cbdb7ede827c2d6d
SHA1: 9b13e7d7431a3847f9e1abb3cc793e498c4d86f1
SHA256: 44fd5e974fc5c7903d67233ba9e4718b7cc63627a28ba8fe1d2c7ef6eb5f74c4
SHA512: 89768d9beb8800a20d506cb40254df9a2259d334979db873d357604ca776b6a4c6fabd537ddf9c517eadb3607618f91b2f288ed66060348fb7037c29e3fd30ca
SSDEEP: 196608:LD6T4a110xIPoIeP/ShMIgHUkiBY8dG7iFnu6ToJ+Ov8e1I7ao:L+T4a1CiPMIgHjWvEAnMhs
Malware Config
Signatures
Acquires the wake lock. 1 IoCs
description: Framework service call
ioc: android.os.IPowerManager.acquireWakeLock
Process: com.protectstar.antivirus

Requests dangerous framework permissions. 3 IoCs
description: Allows an application to read from external storage.
ioc: android.permission.READ_EXTERNAL_STORAGE
description: Allows an application to write to external storage.
ioc: android.permission.WRITE_EXTERNAL_STORAGE
description: Allows an app to post notifications.
ioc: android.permission.POST_NOTIFICATIONS
Network
MITRE ATT&CK Matrix
Downloads
/data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AC069C032700011202202B0A90A6C5/keys
Filesize: 15B
/data/user/0/com.protectstar.antivirus/files/.com.google.firebase.crashlytics.files.v2:com.protectstar.antivirus/open-sessions/64AC069C032700011202202B0A90A6C5/report
Filesize: 756B
/data/user/0/com.protectstar.antivirus/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc1MjQ2MjI0OTk5OmFuZHJvaWQ6ZGEwYjliODY5YTAyMjNhNjk2YTZjMg.xml
Filesize: 590B
/data/user/0/com.protectstar.antivirus/shared_prefs/FirebaseHeartBeatW0RFRkFVTFRd+MToxMDc1MjQ2MjI0OTk5OmFuZHJvaWQ6ZGEwYjliODY5YTAyMjNhNjk2YTZjMg.xml
Filesize: 124B