Analysis

  • max time kernel
    33s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    android arch:arm arch:x86 image:android-x86-arm-20240221-en locale:en-us os:android-9-x86 system
  • submitted
    16-03-2024 02:43

General

  • Target

    ad3e12c568548b28c0856586a92460150175344403a00f4f023ad229f3c14b9a.apk

  • Size

    3.4MB

  • MD5

    2e4bbafce56cce8563054c93f34c8f4e

  • SHA1

    71f920d527af88bb1fa055ccf78199ed9bb47faf

  • SHA256

    ad3e12c568548b28c0856586a92460150175344403a00f4f023ad229f3c14b9a

  • SHA512

    da64fffbcabaaf48a0d5ee407f381680e1ffa804f7d3e189cfa0bbc9ee6dd3e8c38f3ecd696780953da90eea4641ace842747c035bf8abd5d8d59d3dd2598c9d

  • SSDEEP

    98304:l3ndmZBa7LLP15oTwr5q8O0AaeMPNv2xWkVSKd:l3dmZBanLP12dev+pd

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4479

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events

    Filesize

    4KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-shm

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-wal

    Filesize

    16KB

  • /data/data/com.drnull.v5/files/PersistedInstallation4720977085592668349tmp

    Filesize

    567B

  • /data/data/com.drnull.v5/files/profileInstalled

    Filesize

    24B

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    1KB
