Analysis

  • max time kernel
    20s
  • max time network
    132s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system
  • submitted
    16-03-2024 00:42

General

  • Target

    base.apk

  • Size

    3.4MB

  • MD5

    0426f0f7d5c8ccac04f8e30077d7d1ea

  • SHA1

    724612f75ec32a0bc96cb8a389044f3fd54bc39c

  • SHA256

    5bc930ea8c6d53a3f9d4081a99d604bde58b5503aaa937c969a26c01d0f86c05

  • SHA512

    b3cb2e070c2d85323b740774ea19acc9e701df12d35d61924cca9ab78fc61f843b864b5d977365c571b2e0f192917cff270653b9457fdd1dbee8bb44096511fa

  • SSDEEP

    98304:Bl4wny2QuzEoTwr5qox+Jh8kVflKouoCxn:B3hQuz12OlEZ

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock (1 IoCs)
  • Reads information about phone network operator (1 TTPs)
  • Uses Crypto APIs (might try to encrypt user data) (1 IoCs)

Processes

  • com.drnull.v5
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4255

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events

    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

    MD5

    c22a8dd97e89543cf0627aabd17d1790

    SHA1

    ea5702ed291c5c54f74f87872fa00e34da62f7fd

    SHA256

    5dfdfc2611f6eb4176cb217d6638b3fc2597930feec5b99e0e5a2727d7c8e494

    SHA512

    a75293134b48849db4fa2117e5920b207a09e8cad9df61fb93e881a12edb086d7efb5bb2c0fe4962c1679013de88372ff135bbade6820bab882c654cabc54cef

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-shm

    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-wal

    Filesize

    16KB

    MD5

    91322c87319d2735e37c2e57c5d6b9a2

    SHA1

    9121ddac06cfd4c01b8cae1d92f88d33ec42e8ca

    SHA256

    cea8ac4f754ed99a6abc88d7089edba6d5e5a9ee997ca3e8c50a54c7dd222d09

    SHA512

    e119ce99215cbef97bfb338362634e018abced9be5533a5f76cd9da14d2347eff4838c315f217ab287509f01d93e931b6036c3d59e5f290f0a4c85a204fdca0a

  • /data/data/com.drnull.v5/files/PersistedInstallation7334240612312449721tmp

    Filesize

    569B

    MD5

    da8d89b7527a184017773ce94794dced

    SHA1

    1ccf14eeab6c1e5670a666a3398397de43652ad5

    SHA256

    66fc15e8f02f67d6021f91c7f897f8ae9c1859a8120a35f16ed961663c53094f

    SHA512

    bfd121f5efb08a18036d917f2fc6cc24a694b15c06ede0ffd69035ae4a46785b42ef6663fa213deb52c3d8ebd20359af902a73134563e7a72718ad700f6dd196

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

    MD5

    ff16cacd039c0cb12ca2a4ae984d6dd4

    SHA1

    3d306814c194b1b7134c22b403cf8aedd38f97ea

    SHA256

    3d4300c6c2acbf5d9128edeeece82c68f0236530e3bbfbc2624770b48dc4e070

    SHA512

    b1c18f5be22d72eac4f23e44337c2271bb2a2f6b57c4e6474c2689feaf143101bf05fe7ca3407e8a4bb3968ca8857f8d2bab70134058da84a148d606b527dbfa

  • /data/data/com.drnull.v5/files/profileInstalled

    Filesize

    24B

    MD5

    c0476d4b82c69f45f9c6b832c4695c1d

    SHA1

    f5a538dfaf5fa332e5b1c894c73ea63b5cb0736d

    SHA256

    579f931227dbd316e24cfb8dbce46176de357fca15cf54fafdd5ecf022749045

    SHA512

    c6294b48212c11ff360b49bd7a085b48aed214a260f800116f2ee98f6b964dd2d157ae3c2e7d4d66ece24daad075f8689a40455ced4ee39f48899ab7052b128c

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

    MD5

    a42b3974fe8602ac61f8b8a56ede3e9d

    SHA1

    b6c510ca21f000824de7bf95aec06e0529b78993

    SHA256

    4aa377ec853a19af20b7f452ca927c7cafa3eecb281e0a130fc82ceaea8a6f96

    SHA512

    4e1aae12ed436b7c85d5fbd13818fa12a098283256e8f4a1de89251fc7306d1e8376a0e6c2a7776d873c7b9de986bc00cf308d3a03aced49925a5b89a9e5f56e

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    1KB

    MD5

    e73468902801114589f5c95a7422a74a

    SHA1

    e003863c86a297f02dd3720d02d840cc1d55a55f

    SHA256

    a2db0b849ed4dedd5bf1a55a374f86e8f13cb28ca688100df9012eaaf9f2559f

    SHA512

    ae4c1d4aad965f70ca97207d04873305265ac13c579d9c031318207b2799c3fbaef5868d459aa3df37a67359731f8af0475a7cc452212ba3a8b987ed7fbf5ca2