35e3e6065d58afcfad630790b23425ebf64897468296a9c58f197ff1aad809f5

Analysis

max time kernel
2697883s
max time network
164s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
23/12/2023, 14:53

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

35e3e6065d58afcfad630790b23425ebf64897468296a9c58f197ff1aad809f5.apk
Size

15.0MB
MD5

19a01182b2f64b88cab3babcb9c1051a
SHA1

10b82f6fed07bdf6beb7cb08d798651658c33cb9
SHA256

35e3e6065d58afcfad630790b23425ebf64897468296a9c58f197ff1aad809f5
SHA512

b9c8757fa47994a7cf212ce58d462387577a2730fefb6c99001040babd2e4bde992e38bb19c4f9271152857ea876d616a1e8c3d17189180394ab41b3480bb3c6
SSDEEP

393216:7oH0B/6UPUoGaDbAXCgGX9n4con4aP4P2whYs:7oC/PUoGaDMxg5W5gPWs

Score

5^/10

evasion

Malware Config

Signatures

Checks the presence of a debugger
evasion

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	ch.protonmail.android

ch.protonmail.android
1⤵
- Uses Crypto APIs (Might try to encrypt user data)
PID:4994

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/ch.protonmail.android/databases/proton.db

Filesize
12KB

MD5
ea628e04765adaf4238a5dcdff4bbd51

SHA1
a801947619ea8c368efe9c006a324dc6339ac60b

SHA256
885e337c2156e4dbf2176a9677ade50418740532d222ccae5ad4aa371b54c6a4

SHA512
c0287b0e7b690a7231a37d1745c49f3d861b22aa65dd769ba6a8b5ab9da55443f749957781ee05a405019c39e1be45d37a971b821bffd62a1d5620bc39119abe

Download Submit
/data/data/ch.protonmail.android/databases/proton.db-journal

Filesize
512B

MD5
63c3d19aca4a2926c191d8f18aebacce

SHA1
12dff1fa76dab19e0470ca1d73ae52f2767df7c0

SHA256
51fd68037669c8cd4544c7772ee6bedfddd327c796c0feecfb801ee97cb75479

SHA512
73b535d23ae994958ef6715a2d9e4f4ae2a798932e6ef5dcf971fa037cc8717bb60f14cbcaac2e4db528536a65f1e38fa71d017e3a646e77a1d8f0c29ebc7eef

Download Submit
/data/data/ch.protonmail.android/databases/proton.db-journal

Filesize
8KB

MD5
1f06b1fb92cf5c5afa55cb96e3bc42fc

SHA1
f0ca23812b9aedec47a48875d8c426224bd324bc

SHA256
9b79fce199e57d3f6b70eab4ab556ca21ea1f099f5cf6359d16b43454f6244fa

SHA512
12e4cade9c0755acb80437f39f3704510d2070591e7f860b182586165554f76e79843846090dd77c72c39a31397ef4b6ffcf7a59bf44ec4b6153457a3da07e52

Download Submit
/data/data/ch.protonmail.android/databases/proton.db-journal

Filesize
8KB

MD5
76ee861d7db9de66cc380760af53606f

SHA1
8e90a0fda8d1439f75cc266286f788548dcaa572

SHA256
cdba9ac459fd38c97c4cf22bde7ef35af77843ed19537cff9015c2a95b5a8f97

SHA512
91d1f2868763a2048c9eb4dbaabb4177d96c94f0e63b88d3debab128652f401eeb45d99e7d06062a1e8193956dc704ca2d6c4ce545b194f25595660c46ef07d1

Download Submit
/data/data/ch.protonmail.android/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/65896C1A0010-0001-1382-30CF167D64A8SessionDevice.cls_temp

Filesize
131B

MD5
5f0c9aebb2087b3291da53b2fed88505

SHA1
76daf9256e148db5a8c3110d5267f31c11d47c97

SHA256
f0f9ec9301848dd0d5d7414ec0c64608f9eea579cf4d30729800bc6b6ccf5a5e

SHA512
db060e423f4f6190a512247472070810d67ecae3eaec1ac6ff24bb231d6851950f2deb0c5723f72078334a0ec213c4898a42346461c2e6dd5f1f6f8a7af7095a

Download Submit
/data/data/ch.protonmail.android/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
479B

MD5
51fa47363ab8a40985ddad74cfc66d34

SHA1
39be0000f99289167cd4842b934ca9824fecff29

SHA256
7f1262085925d68e2070e555942559c2e5000c23c7564739b7fe241a2355bb74

SHA512
ed5188011072d192909671b6963dc0306f40064c9ff71b6f322211ef998255b687efc4422bea3caf40718050425815518ace86cb562c5d3a548f6ac59f6aad75

Download Submit
/data/data/ch.protonmail.android/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
1KB

MD5
e1b307ee33eea115dbaa7c3ef9e44023

SHA1
a77bd20a8afe408b7eaa1abfd2eba2098c53de9a

SHA256
5a9f3574e4d0f7c000003907e3f0dda77dec301857f3f91a187619f81d21828b

SHA512
84d6f36455e545be23273d78e6b97121d4421d559c2bb471f33c366b7d4db1d4c44dab2fe745e482a1a46847e5508550ec4014c9abda8fc3a24dfff0b8aadfc8

Download Submit
/data/data/ch.protonmail.android/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/ch.protonmail.android/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_4b1e1186-f6cd-4f15-b6e3-7fc668f2a1fc_1703504923439.tap

Filesize
370B

MD5
3f8c4041707a892a72c652f2fd4fbeee

SHA1
46c56886e6e580ba4e773384a563417ee345cf8a

SHA256
115cc9a78e54f4cb57a82518437a458fd91cb5bc19fc13d0889ef00d9e7baf64

SHA512
72293a8c2f15fbd2c4c1c335cae22fe914092e04fbb1784e7ca4f6ee772353ac804f2b7f0b8a741250c39d7714fe1f01a503ba79ec913753ca462f4b33a72690

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads