Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

1603409b5a...3b.apk

android-9-x86

8

1603409b5a...3b.apk

android-10-x64

8

Analysis

  • max time kernel
    50s
  • max time network
    154s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    13/02/2024, 02:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1603409b5a0725977e7129b6df72bb9049b3a32e2e923b03b46821ebc90c263b.apk

  • Size

    3.4MB

  • MD5

    0d3198347aca8f11e2d90225079aff6a

  • SHA1

    8369d08c4158e404537a8d6f854fdb487b700671

  • SHA256

    1603409b5a0725977e7129b6df72bb9049b3a32e2e923b03b46821ebc90c263b

  • SHA512

    d8e725c472c001d897902611abaac075fd8057b3d63e6dff9b97610e46d004a6274bdfc05f0d88cfac2c64baccf85f897e3c6f7d97bd425ada61e993adffa4bb

  • SSDEEP

    98304:2A+u4Y1sNALlOUajv+oTwr5qXawoqi0vlvqV6Ihp:2Ak8OdjKWv+p

Score
8/10
banker

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs
    banker
  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    1⤵
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4989

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events
    Filesize

    56KB

    MD5

    658a44574b6c6bfa9b447e585055abcc

    SHA1

    94b56736903ef5049e66e06d7e12a552801050a1

    SHA256

    66444e3eec2da05a9e268f8beda7fd9795db944066a543e40f2bf62e44214910

    SHA512

    a06374f2fb60d007c30a13540684b8538892ed01f4762a110cca3dc8de350050bb4d3c0fa92749903cc8ce52629b8ecef9ee02d0da465e002aac9b0a0fd384f0

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    9ff8bcd159768429730a90071435163b

    SHA1

    ffb757faaf3f1714b036521e361e96331b41f68d

    SHA256

    7b25abe587c2eddb43ed288e6da2be2e0be2e83091a09498850941b0fe4f7443

    SHA512

    3d5500993d18c6b727576fafb0ee54c2144a93b36b509fb68bc5c3c1cab7176f0e9b2f008051d0db727e960bc1f8a58aad80b2b56dad8869366b079309d98c30

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    e4668c3b2aa571bc3e0388d4265f2c18

    SHA1

    8fbfbf97a4657638ebf417d88b45a65254a6da00

    SHA256

    8df7ca00bed2de628f0d6b1c58fc2eeecae160cbafc2a61831fa9ba9ed78160f

    SHA512

    3bcdfb574d4b85a889f37a27f35c21c6fc3c4f21ce4d0ce4c15ddb0088363b56a2cb21ec02b8469fc1755df704351fa8bc02960391082be95fc0ead0f0794c5f

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    c9080e0def2e015fd0604c79739be9de

    SHA1

    54379bee01d2774219ab927a58fe57a820c6a032

    SHA256

    e3ae4b28b0f83a2b36e3582b41e925e787729eeeaa99708336c6457a2b20a4b0

    SHA512

    f9402b6074745cafd3fb55087bea03ded7aa9ac1b583765d13749a3e9afd244ffdc149c7d975149fcf3486d125b865477d9d28a7ca3b91544870a1784ef11593

    Download Submit

  • /data/data/com.drnull.v5/files/PersistedInstallation4509294612115767022tmp
    Filesize

    567B

    MD5

    a54534a08f15fcfd0dbdc961f9f1a5cd

    SHA1

    b8434194b012e538db58822a51d3a82a0f35f80a

    SHA256

    89a5b0fe4b05328c0b0b49476da304ca645fdf2606c00eec2b0b2fb1052726bf

    SHA512

    f69f205253955707ce1433f9234280f36084f7b9cc04ff7c26330dc4999dbd01cb0193685b5c1d5f9b024fc201b93cf2567ae0ed9dbd1a67847ba7c3cea6029f

    Download Submit

  • /data/data/com.drnull.v5/files/PersistedInstallation8443592804105786941tmp
    Filesize

    90B

    MD5

    46ee1c229f728846339a1d2fd133d7b6

    SHA1

    8c9b4eafd7b38022c2fe33bde39f20d41bbc8698

    SHA256

    4447b2b07b2106f5c112f797c14465da8bb506cadb86cc36ac38c6aec551d7be

    SHA512

    2fb519813df82026af59b36d2c3618d0829ea27aa96e6aac86e4e94e8a034db0d80da9aed43ff9c98419ef4a9cd3a971a6bf80dfc740119d2e4da8b5630e7d9e

    Download Submit

  • /data/data/com.drnull.v5/files/database.db
    Filesize

    102B

    MD5

    bd9b798761d64583186161a2554410d3

    SHA1

    719674f4a8278746120d657bab18637e4b41860d

    SHA256

    4ce0b1ecbd5aa9be9f554e5d94b81e98d6fe8c08f14a88f0c10e218b32cadf52

    SHA512

    7ed2be474a08fcaf930ad70e4272d9ea4b5190a486baf66e9e82da4423dc36f442b61c16c37a89666fb44624d764be9f255d9df4467b11dbc1f32477d832c323

    Download Submit

  • /data/data/com.drnull.v5/files/database.db
    Filesize

    102B

    MD5

    a227408d41ecad027ebe6f584277dc34

    SHA1

    99e8bf483b46a71d489d312cd9e2e7716869d208

    SHA256

    7b17b7deab2e648326a916ff0b4727a89cc244dd5380836344a6c916e1b2ed4a

    SHA512

    ea6cc6a44470b744c5a17b3cdeea5b9fc599267511584ab67aa28bbf93d6e316a00749c64f42678eb44dc4192db40215e70e8be16397a1684eafd01dd357132c

    Download Submit

  • /data/data/com.drnull.v5/files/database.db
    Filesize

    102B

    MD5

    fa6c38d0e61dc9a5dbf9b1ef7c36c61b

    SHA1

    2e662640fd20765d906f403a1114b45f8ccc7be5

    SHA256

    6840cecd27968eec68e7dd18b1de71de6937edcfcb79a96ff6a9929d143cf216

    SHA512

    f63d9cddd303ea7066b76c40c07ad222c1ab2352847506cb7fb435a68904ce1aafd4dbbcbee67cdd8f4d65bdf3ebcfedef99de360b2287263e586778472dfed9

    Download Submit

  • /data/data/com.drnull.v5/files/profileInstalled
    Filesize

    24B

    MD5

    38d0ffbbd28e59405af6203f533b23d6

    SHA1

    5e600703b6296217bebc162948de35101993ae4e

    SHA256

    9b459fac405be1d931b91f05f5d2f244c6420ad1155d00b3e0727e3c1414492e

    SHA512

    a8e876cf28e4edfe6790a9b981698164cd586b137441d8213f3ba9a131bbe23c8929b8649a26285352bf2e9a34710859de38426f50d499f0bc43cadbd0abb9b0

    Download Submit

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    720909ce6e8a4f801af8f9f3c999ff58

    SHA1

    5e09c77e9152ee763290c4bd211443a456c4d890

    SHA256

    101aed14ffb20e5f47e222aac71740253f60a2564f1eeaa8508d865b1029dfa6

    SHA512

    9d9357ccf7079d2b15558a49611883ec01d7efe5d1150b11313a63bee7e81a1dc9ab6fd68717db13073dc2ce283a02c5f4e511c1f1d9f49dfb4ea8a1d5221c01

    Download Submit

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof
    Filesize

    1KB

    MD5

    3bf4327df6b1fcec0de5399a885183ed

    SHA1

    4f2ceeb901b71d3f3c5d56ee9ac0430c94088308

    SHA256

    87964145ade7a79f223cadc1c48ed417d86ac1872b5f6d533814312da485e6ba

    SHA512

    5c3c3416af07cfa265043ee24909c59ea99d482f8e77f18a33b02cb0dfee6e48587341ee575dbd687fca82d249a00130c047b754994cfff9f9a4275724de4043

    Download Submit

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof
    Filesize

    4KB

    MD5

    624b6afb18fde192091be7089664f18c

    SHA1

    7753aa5076de71a24e293005eabf0af1b3323c34

    SHA256

    95f73f2dda30908ce5ccdaa070d1d857b6ddae4bcfd9d829e43fc88d09708a72

    SHA512

    0a313460ea325f9ab2060e9773b7400a7079bd8b55e215305dc51a23f83775eab2873d249c1eeb758247f7f54dacc89b80708b66885c4deb97709189680eb60f

    Download Submit