Analysis

  • max time kernel
    47s
  • max time network
    146s
  • platform
    android_x64
  • resource
    android-x64-20240221-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240221-en, locale:en-us, os:android-10-x64, system
  • submitted
    16-03-2024 00:42

General

  • Target

    base.apk

  • Size

    3.4MB

  • MD5

    0426f0f7d5c8ccac04f8e30077d7d1ea

  • SHA1

    724612f75ec32a0bc96cb8a389044f3fd54bc39c

  • SHA256

    5bc930ea8c6d53a3f9d4081a99d604bde58b5503aaa937c969a26c01d0f86c05

  • SHA512

    b3cb2e070c2d85323b740774ea19acc9e701df12d35d61924cca9ab78fc61f843b864b5d977365c571b2e0f192917cff270653b9457fdd1dbee8bb44096511fa

  • SSDEEP

    98304:Bl4wny2QuzEoTwr5qox+Jh8kVflKouoCxn:B3hQuz12OlEZ

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5082

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events

    Filesize

    12KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.drnull.v5/files/PersistedInstallation3248675540326956336tmp

    Filesize

    569B

  • /data/data/com.drnull.v5/files/PersistedInstallation620999129474222537tmp

    Filesize

    90B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/profileInstalled

    Filesize

    24B

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    1KB

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    3KB
