Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

463f9ed427...8a.apk

android-9-x86

8

463f9ed427...8a.apk

android-11-x64

8

Analysis

  • max time kernel
    28s
  • max time network
    131s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    13/02/2024, 02:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    463f9ed427c5d003dbe5d0c79ec0046f7f7b4b73d412588661bf86d3aca8088a.apk

  • Size

    4.3MB

  • MD5

    19d7d3ff409bf1b5ed9e8f73fbc7bda3

  • SHA1

    ea7883aacb78245fbbbe0192635d94ffce7b73e2

  • SHA256

    463f9ed427c5d003dbe5d0c79ec0046f7f7b4b73d412588661bf86d3aca8088a

  • SHA512

    9a723550714b813d2b1a726e945d306ef3d7cb617fbfe802cd4b49ce403311fcb6b1f8f23c69b70d95343965d0650392ee9ea27293ff45bcb70da2b5cffde658

  • SSDEEP

    98304:pA+u4Y1sNALlOUajvyoTwr5qTZ8s9EcRjJeA1kZ3:pAk8OdHlBJ83

Score
8/10
banker

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 IoCs
    banker
  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    1⤵
    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    6ca2cd1263e8226fa0045d7c640c7eac

    SHA1

    f0e7860da4663b06c3f6fc681acaf67ca9186192

    SHA256

    cd60b280ad8a1a9531349da7ce4df8f247f2e4c56410bce08c7d25840abf38e8

    SHA512

    c49ed3ca2ece0245d0954663ac7f57fff473af7e223a5582ffbe6344c408ffedee86ed0386febf0f006a31d1c4926dd64e874e92d3ade5267fbe152e7a0f9cfe

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-wal
    Filesize

    16KB

    MD5

    c52e96b9089336de7527cb556032b250

    SHA1

    52ee1e4ebdac445bb02c9e5ece393cc4f92e1682

    SHA256

    e623f5edd29e30411f9e3d751c70b7a6bece5c199b7a1f8f2f50c7ad139b550b

    SHA512

    4865aa4479ac859c9107bdbd0707fa11d1c4efe1d0f604d5d0265c98cd331deccb5214ac2213ac419fd9577535928019582c2a1f073d1141a3bc501ae83d5ce1

    Download Submit

  • /data/data/com.drnull.v5/files/PersistedInstallation6153918868205384417tmp
    Filesize

    570B

    MD5

    c70ae6f8904276d51bca0b66adeb5307

    SHA1

    c8fcae39620dacb2139451727fde1f19aa381cb3

    SHA256

    bc5a2728acf48f69891a406485916ee0bb18b95b6b82fb75d85a7e864a2f1f4e

    SHA512

    eea8b55a19bc65328c4dd7a8b2c40d9b7a96f44751df1f8886efad6812a5324df8327b22a0847e112ff3c8ee98272cb873d92617cf0b063bf418970eca92b33a

    Download Submit

  • /data/data/com.drnull.v5/files/database.db
    Filesize

    102B

    MD5

    bcc85a58782388b1ab937326f08ff806

    SHA1

    87d488822215776c81eb4f65fda443241b742f1c

    SHA256

    10e1ca68cd192d6620fffb27d710467720d934250a69e0e887c31a747ac2fb1e

    SHA512

    8296ac32cc2639f365c6b621a9fe14e7e43cf66b7ef815649fb0e6ffdcc012fb14c52c670a18371080a8ed1f3f13d8a57f8c241e2d449b89fcd02e6a680d8074

    Download Submit

  • /data/data/com.drnull.v5/files/database.db
    Filesize

    234B

    MD5

    d1286b5539d63f49f92121094eaa964e

    SHA1

    42fa14c1dd606cb273b7c1c883263fa56c44ccae

    SHA256

    f1a4469243a6d30107e410cb9682d98076d2d0c9aa649e080c7c32186c9a4176

    SHA512

    4b1d2a651c83714f9296ab3f591b5f7aa2b35b2811e99c32d571194304a31b40ff69f0f6eb6bd1872b492e87ce633377eab4d0d10574bbcb2fe60c6c1bf5a1bc

    Download Submit

  • /data/data/com.drnull.v5/files/profileInstalled
    Filesize

    24B

    MD5

    84fd75a5fdf448c4935e6e01b27f79b6

    SHA1

    61d0f0a3e57ebbbbe26fb772e1f469939b50c5a2

    SHA256

    5f9734bc3fb2d583c9e167a548bc4313fbac71bc8220d35ae6fa9a4a3cfde2e3

    SHA512

    09bf5827c2fb0e447ff4c4752f96247c8382abb1b6193a2f7b998ab6e2eadcc34caa297083ce01cf5ae872e1d89b009df69be74b595e39e3b022fa874bf82752

    Download Submit

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    66a30254f038bb9d4c031f7df51378ff

    SHA1

    c249ec61f55f92c7ba9f002c1af427233ef359d1

    SHA256

    c97145b3d8d762c4569344979dbe61c56ce70101caa60c61c1803dc84bf3f192

    SHA512

    ceec8c2ebcc213b41f65f54538f6515f36cb73a9f752f4f6e595dd85ce943bf74820fbeb4daf1c8220fb26c5641bdde15b7f7614cd2924117455f4423f08ebe2

    Download Submit

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof
    Filesize

    1KB

    MD5

    3bf4327df6b1fcec0de5399a885183ed

    SHA1

    4f2ceeb901b71d3f3c5d56ee9ac0430c94088308

    SHA256

    87964145ade7a79f223cadc1c48ed417d86ac1872b5f6d533814312da485e6ba

    SHA512

    5c3c3416af07cfa265043ee24909c59ea99d482f8e77f18a33b02cb0dfee6e48587341ee575dbd687fca82d249a00130c047b754994cfff9f9a4275724de4043

    Download Submit