Analysis

  • max time kernel
    47s
  • max time network
    140s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240229-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240229-en, locale:en-us, os:android-13-x64, system
  • submitted
    16-03-2024 02:43

General

  • Target

    ad3e12c568548b28c0856586a92460150175344403a00f4f023ad229f3c14b9a.apk

  • Size

    3.4MB

  • MD5

    2e4bbafce56cce8563054c93f34c8f4e

  • SHA1

    71f920d527af88bb1fa055ccf78199ed9bb47faf

  • SHA256

    ad3e12c568548b28c0856586a92460150175344403a00f4f023ad229f3c14b9a

  • SHA512

    da64fffbcabaaf48a0d5ee407f381680e1ffa804f7d3e189cfa0bbc9ee6dd3e8c38f3ecd696780953da90eea4641ace842747c035bf8abd5d8d59d3dd2598c9d

  • SSDEEP

    98304:l3ndmZBa7LLP15oTwr5q8O0AaeMPNv2xWkVSKd:l3dmZBanLP12dev+pd

Score
6/10

Signatures

  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4297

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events

    Filesize

    12KB


  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    512B


  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB


  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB


  • /data/data/com.drnull.v5/files/PersistedInstallation6229230906809583893tmp

    Filesize

    569B


  • /data/data/com.drnull.v5/files/PersistedInstallation8612264766291606366tmp

    Filesize

    90B


  • /data/data/com.drnull.v5/files/profileInstalled

    Filesize

    24B


  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B


  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    1KB


  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    2KB
