8d6e142a9b2c44b5fd43326af05ac40cbbe8b74ec05803086894907c0e243a7b

Analysis

max time kernel
2514898s
max time network
130s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
20-12-2023 06:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8d6e142a9b2c44b5fd43326af05ac40cbbe8b74ec05803086894907c0e243a7b.apk
Size

6.2MB
MD5

73e532519bcab9adc579bac24d889895
SHA1

8108bcda08173ff6ee82a7b1ea1cd781364493d8
SHA256

8d6e142a9b2c44b5fd43326af05ac40cbbe8b74ec05803086894907c0e243a7b
SHA512

9352ebdfee46ced1bee3054688aee3702e0a03a83207e0d8f50bfefc54781bcd902c05699a27b350056b19f55001235441d59da69586cc008a9a92e29e4a7f25
SSDEEP

98304:7NNYtstaIGtASqelJjhE2JE5RS5356GxRuMrq4461WSMleD5Wr7N40wdyEVrl6iH:7ggtWrdE505pPuIqx61WJlekN7wdN

Score

8^/10

banker evasion

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs
banker

Processes:

com.nightlight.app

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications com.nightlight.app
Acquires the wake lock 1 IoCs

Processes:

com.nightlight.app

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.nightlight.app
Checks the presence of a debugger
evasion

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.nightlight.app

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.nightlight.app

com.nightlight.app
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Acquires the wake lock
PID:4254

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.nightlight.app/databases/app2k3-journal
Filesize
512B

MD5
04212d50d985c684ccd22b62b946c21e

SHA1
5d7f6b7e677bd838f31f354a2e3c08ac52c16747

SHA256
accb19f5b75792948086757c222eebf89e65a8ca743bc2e682c93057a65c51ec

SHA512
2bbc35c4957dc893c7d4de758bca1e9df2fb9198a329d0abd7b45eebdd4c9b1a230f685dffcb9c31de5b6d4c2882b95a4b0128fc6eadddb95f582c6f78404d61

Download Submit
/data/data/com.nightlight.app/databases/app2k3-wal
Filesize
12KB

MD5
32f302f42b4993625ac7204201cac63c

SHA1
60f598859c8546799438c4632f4b7d914c734ee7

SHA256
2b8b11ed04f086968146620a31ce6ba6c834deb7059e0f9194ae31cb9d7b11d1

SHA512
a2f6847100a5b3fbbc4aaad5d479947fb467a389cc06c9674ce9f1a0e73f5ab6e287bf3f9c64e2f2407a7e89b428b4836758a8edc7616180ff48dc8482e0c3db

Download Submit
/data/data/com.nightlight.app/databases/com.google.android.datatransport.events
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.nightlight.app/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
ace306eab5097fef4b16be2299989f03

SHA1
f9a622dfe2f6eece72a8139b8a17fb0bfc71bdfd

SHA256
72eedf929377ca4a8dfae8a0e6007bdf40bbb2653cf3792ecbc6a2bde72b4e9e

SHA512
a217703889ffa2881340726c344162f09ea55028898d5cb8beec9e29a3a904fd7c64d7fe8128d2c7550d5d86061468857987085e219240e73f6a2fe82eff3b11

Download Submit
/data/data/com.nightlight.app/databases/com.google.android.datatransport.events-shm
Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.nightlight.app/databases/com.google.android.datatransport.events-wal
Filesize
16KB

MD5
99236efdccf172d3765f5f23e711c944

SHA1
c5976df635d57d28308765cc9eff767081721b9f

SHA256
0c50d0020b0ce68a5337e9f82cdcb2a350fdc3ac1fa001de7969c33f0a7ed2b2

SHA512
07a460fe9594c2943e3850a33918d87ff08ea336b9ddbabe6aa78442f9415223c6827ce5e01fdf72bb52093f374422d5f58e38d2915a924198e4ce0b93379bc2

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
1cd0903edf8431732c57ed99f73fc31e

SHA1
1319dadf5e0c76296d778f560c8892913fe6b1e7

SHA256
eec8de995bb79a731f8eb3a3a84d44e75ec7fe657e20c09211d5dec3ba0c51bb

SHA512
d5aeb5e0f34a861f1b3ae32f6c939c5335c4be73d462a78dcf6bfcec4892ed926a46a41989ce2fcdbaeda689dec0fc63df772039bca98edd5c8d8952b01acf6a

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
758182ddfffeb8189f055633a3766add

SHA1
13828a4e05f81a79dead550a395090fa267057bc

SHA256
017479443624b1159fd1e08ee23e988f2f8bd309c108d3e629b4361272615efd

SHA512
52e990b9c3be893ca9da3f9b1d340e6d97f5ae9e0b888d50d667de9f24c84e51b32cc9106d5db34ee2118eddd47f85091351758e33338e3bbfe9efc0fb464e2d

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
e53624ff0c02ec8a06937cabe3968995

SHA1
b9d9e8914c83a2801a6e70539d2bcb83e7908b48

SHA256
04f76ba2fe6f60c4b9833dcb0ac6c6620be9d30be31d4a6d29ae3154416650d6

SHA512
295d12dde2ca38b55d306ded677eda9baf4564ced6a748c05414c38e81d1fa0ac283e8d1321231571f86e8e5b0372bbe065918df193b9f8dbfed64a7737da5ee

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
1d20b473df6ba361398696a28d7fa01a

SHA1
37380a0feed594aa2851f9a983fadf69f88e8b4d

SHA256
0a8af21d5d2bdb93650ee0811b5448921126298b1f6a98d70f01dc9efeb3e4e6

SHA512
b58a47924acfbfcd86ff764f8e1f5f34fc4be777fb2169a9e346ea3a9daad8d78a31e6bf2248ca4e373eebc7afc9a67bbdc28c11ff844140978b32bb65a8a3c6

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
44693692da738db6eb133cf0e4cde91b

SHA1
e6bda56494c325d8d37ad89552263ae85d9b0550

SHA256
8fe0ac9db76d4a2dcd3b3d54c0efedcd223e25aabf716506493d50e243a7a2d4

SHA512
b34ddfe1ae343b1b12f7029ae476a0ba8e1b4043ccb520afb412b3f71335ef679bf29723c9a5c00af7e922e9982d5b3af54b2ed779da8cb601f378e5b9d26be5

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
0810047e837b98bd6774a9fbd8f1dd1d

SHA1
67a295ca10da8958143082843646aa950e2d51d6

SHA256
efc9a546800aa513fd038717d63a0389138d9b75afa1651cd37fa5d174744c3d

SHA512
d9165cfb1149c8a47e4c47d3602f212f172a81b2008ae18a0095434be2c21e62cdea01438ecc907e186a3afba9222546ec8db0035ffbb37e8b08bdc514653fc3

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db-wal
Filesize
36KB

MD5
0b8c9c08f7a03453d94111d09e38986e

SHA1
e85a8c3b762cb453fc97d4ba12ea8d59394438a6

SHA256
dd40a85922f295bd992945dff375ad292a6da089db1b046377bf1a7f59fafa5f

SHA512
0af0121f3add19917b2a65f346dd79e39c8d55b04fa297e61c135788a76a014464c8cb7a493ad934370922f4827e97ff1611bbc94a9abc99ecaaf23c3dafbf0f

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
c837d10906d9ae603f2c5f6a64d059d2

SHA1
516e9dea9921f4593e7f8fe80c14303965edea7b

SHA256
57608ddd94f5462c0b07ce23d880fc31fc4a53f8ced503810e30aa4291d7af7b

SHA512
2850a98bca2887650ad4e985fc5394a55a6d95c504acb33bd588dbeb26c74a809915013e0379caeb97d1d7f03bc7333a6e027655a3ee1498a158f93d17946577

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
d6112f791ad174c1340ad57a31b4df61

SHA1
f98471c7ff9f816ead8df5435deed08ad9359f59

SHA256
bf2aeec55cd00f450b362fbbdaf9cb7b33cd439226794c19be65efbbbf12348e

SHA512
26c412497e13f52b8a97124a4444fe68709186d32d11214700a527e4153eafe863d780c005ee2422072238b2202abf01f5bb39516773f908916ae9ed47c82eed

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
8b34f5de022f66f82850ed3c297b223e

SHA1
4d4cb586cf2183698af8f6fd20c36c627119f073

SHA256
ff5c2b62d276a6bd4f5e766afbc54a2405a0ab3e042b7378bfdaef91eebfde9c

SHA512
c675bce2ee44d1006e615af300c11c1bf592b8be641d760bea4272e4375b817ef82d387ee0b777064c83b0c8e5e0d3bcc216b76d48f27fa7f0b23e8f60e01735

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
741fdefa5c44876a2a7794d3658d2dc4

SHA1
48d16e52f352f3c59181b084d4d01edf020a4bb8

SHA256
0b04e0465157b99b0b16d974ab4319b2e5403bfdfd35f5a60b26626693256bb5

SHA512
6be2460bcbfbb490cfed59302af9d6d496f30427066c1d2aa9f1ae21990f40fe9d7b06200c65fb77a023f1ca4d365faa6f2a4d12a6c9a1afc8a31808d700bb4c

Download Submit
/data/data/com.nightlight.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
d4ba11837f82370af546fa42256975ad

SHA1
e46372816b84c320a18b1995f9aa1cdd1f84b1a3

SHA256
09a7f6d47d7b1c83809cbda02626b162514c95c2c007aa81b49bdaccde5917c5

SHA512
3c3f3f3ea98f3bbb58ccd6897e72371e15d4345dfb3274a9fe06f53b1c53309bcacc1fb1321d6098441a22745617d266a70ac91aa771eb9c071cdb9d11be4422

Download Submit
/data/data/com.nightlight.app/files/.com.google.firebase.crashlytics/6586A14B0093-0001-109E-90DC85AFEC9BBeginSession.cls_temp
Filesize
75B

MD5
33365854118ef347acaee71fe63807d2

SHA1
c754fd4d5157bc5467bc95ce433c4f6b3b1c1f26

SHA256
2d5c4677d710e30d8f7abae8f80bd72b0743e715639be76e737fe294a3940dbb

SHA512
8069b8726b4c7179b9a8f75024169957a469f3401e40595c3dce8bdf7fcfefc040ce9a0379183ec480716c8a234da5b2051f3c230f3d1878158daff06b60d521

Download Submit
/data/data/com.nightlight.app/files/.com.google.firebase.crashlytics/6586A14B0093-0001-109E-90DC85AFEC9BSessionApp.cls_temp
Filesize
71B

MD5
baf9b8f210add444faa6fc0ad381804f

SHA1
2b96f29239af708cd50641b975373a3fe8ee8230

SHA256
59e54cf66d67f36fdefd1921166d3214498559687b0656ba74f18c604d5b1c90

SHA512
1ae82869da812e821d322ca39e2c8e44f68fda2e9f60e5438c09ebd1a62b4276ad11c1adc1e0baba4775d949ba413b59ae2c8e69faf7ec976a39fc0823c20468

Download Submit
/data/data/com.nightlight.app/files/.com.google.firebase.crashlytics/6586A14B0093-0001-109E-90DC85AFEC9BSessionDevice.cls_temp
Filesize
48B

MD5
589e59397b14726aecc2a17b191cc00e

SHA1
aa5a32c16f0eeb2ab31a19e8344ed97c4d38784d

SHA256
30dc4b56dfa459b8766b1086514b3ee340e64589949f1382a813b22f19ae5d28

SHA512
83c156354683f8790d5d5df40cb1e3034bf06d08ca916ca15555f43a4399797f48b803b74928fdefa6ea6ad7dc221b3449ddc6146538c9355116691b7b481b62

Download Submit
/data/data/com.nightlight.app/files/.com.google.firebase.crashlytics/6586A14B0093-0001-109E-90DC85AFEC9BSessionOS.cls_temp
Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/com.nightlight.app/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json
Filesize
713B

MD5
2da6ec416b3df24fc7a6548c05f74203

SHA1
1c7bd5cd9bcce0d894d47c39fb06b62f737a8d9e

SHA256
3f2ba121775f839ab722c485ec02b9ae97c284cdf04c1cf6c6a03c756a91a541

SHA512
2c1f89818f63b846c80716975b966bc9fb4fce69da486288e68745ed9236f2e12db95627cd91a02e5ad98cf797b12a4cfb6b973d3fcc486c013092f445612cc7

Download Submit
/data/data/com.nightlight.app/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-6586A14B0093-0001-109E-90DC85AFEC9B.temp.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.nightlight.app/files/.com.google.firebase.crashlytics/report-persistence/sessions/6586A14B00930001109E90DC85AFEC9B/report
Filesize
745B

MD5
6a771e1fa0e5384df53455bd5c021760

SHA1
7be29a28a45aa0bdbcfcf8c16b063fb23ba42e2d

SHA256
10cc4729a9f97d9bf0ddf02119154bd3e301650459c993f99bc024b0edf6e769

SHA512
9ac490d34c249e48cba149fd21650aa96e40cb9cc091da612c0674f7c487bb6ffc64c52b7d3176b535103b7e2e1c6c01289dcea919c587c76b30621d16e7ec49

Download Submit
/data/data/com.nightlight.app/files/PersistedInstallation4407036949828836092tmp
Filesize
569B

MD5
304ca1058ac4240e534af0395d121312

SHA1
c2ed1d777dcde8c18f7216ec1d37fd299f749bd0

SHA256
6392928dbef47c00a4c2e5f6ebf5476e118747b453490a7a2175b8a954dd017c

SHA512
be73c700c3711e4f25d9e1da9bfb836f283efc2efacc8a3e1af917712f2d2b94f3f904683be5e5f38263eb9bce30e3a7e9a68c9f23241544d0a5ee463c2e9849

Download Submit
/data/data/com.nightlight.app/files/PersistedInstallation6090831101583902142tmp
Filesize
90B

MD5
d1705bdd8fbecb081325f745c6d13b5b

SHA1
3586e39586c4e2170b2c55c37a2456c1b9ae05a1

SHA256
0178247db05e0778cda382239fbfc51a9f5c9360fb63d1e56f855eebde75bb94

SHA512
be2f4ca1022286bf4484154e3f3f48a0cc6d9a0f730a5312ee04e9755704a2e9f5598fac79ed298059ce19be50ff5eca5032daeb5bad61c19984015338d0f04d

Download Submit
/data/data/com.nightlight.app/no_backup/androidx.work.workdb-journal
Filesize
512B

MD5
75bd30ffe0c0328631d0f13543b50a89

SHA1
5176c20696952456f594eb9ce3724ac990e8384a

SHA256
cd9b27d323863e6a3b9b01022ec6d3190566f0a2f7cd982dc34fac2a0146e01d

SHA512
ce483a25bbdac24a72febd948086ecf8e2749ee2763637ea54b9e70136b7a9ea9c89d8e92ed660e784ffadd5a34fef6199e03e67794d9b4d6c37fde2f4a5af6d

Download Submit
/data/data/com.nightlight.app/no_backup/androidx.work.workdb-wal
Filesize
16KB

MD5
f00104c32a1c978d07a265d045116a50

SHA1
7e3485253b23d86d1dda7fb884b24729cd85e6c1

SHA256
835cc44fad731b017d2049a2892edf8f0c637e8c3e99ff5c6a2ca820ca2126f4

SHA512
458d895c81f6e69f2297ae4eb6c43900bd02ab76b9b4646b3b14f3fe0d529146bb9916d7e69b1463620f041cf21465b3dad5e54acfe385c7b766c10081e07fdd

Download Submit
/data/data/com.nightlight.app/no_backup/androidx.work.workdb-wal
Filesize
108KB

MD5
a174c5c6f43e88c0f5155c01a76208c1

SHA1
eba17e76d278ebf23bdb2c020178a0bc7dfa7466

SHA256
1a6be6c1116ca9f12c669800d1289cc06fc959383526affafb6d7da06f47338f

SHA512
c70035b77a7ff88a66b09f0310a49b7f6971b452d9fba39be56453106e3c8c66116b561796fe07450653cb411557b2bb60904f87d36c66bb5f5e2d397a94c1ec

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads