Analysis

  • max time kernel
    19s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system
  • submitted
    16-03-2024 00:37

General

  • Target

    base.apk

  • Size

    3.4MB

  • MD5

    0426f0f7d5c8ccac04f8e30077d7d1ea

  • SHA1

    724612f75ec32a0bc96cb8a389044f3fd54bc39c

  • SHA256

    5bc930ea8c6d53a3f9d4081a99d604bde58b5503aaa937c969a26c01d0f86c05

  • SHA512

    b3cb2e070c2d85323b740774ea19acc9e701df12d35d61924cca9ab78fc61f843b864b5d977365c571b2e0f192917cff270653b9457fdd1dbee8bb44096511fa

  • SSDEEP

    98304:Bl4wny2QuzEoTwr5qox+Jh8kVflKouoCxn:B3hQuz12OlEZ

Score
6/10

Signatures

  • Acquires the wake lock (1 IoCs)
  • Reads information about phone network operator (1 TTPs)
  • Uses Crypto APIs (might try to encrypt user data) (1 IoCs)

Processes

  • com.drnull.v5
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4267

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events

    Filesize

    4KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-wal

    Filesize

    16KB

  • /data/data/com.drnull.v5/files/PersistedInstallation7584632914215281687tmp

    Filesize

    569B

  • /data/data/com.drnull.v5/files/PersistedInstallation8880040995390218982tmp

    Filesize

    90B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/profileInstalled

    Filesize

    24B

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    1KB
