Analysis

  • max time kernel
    24s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240229-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240229-en, locale:en-us, os:android-13-x64, system
  • submitted
    16-03-2024 02:15

General

  • Target

    3a91e5ace8cbd8a29968bd400c63f893d4300422a17db9d0df2162f49d1c0388.apk

  • Size

    3.4MB

  • MD5

    ecc3c4a1716431fe424770c1ae7aefe9

  • SHA1

    c87652ef7efdbe782798677d76d3ed7285f2d905

  • SHA256

    3a91e5ace8cbd8a29968bd400c63f893d4300422a17db9d0df2162f49d1c0388

  • SHA512

    863b6db3ac143cebd03d2ef0499f337599d29f4a5e34b2e9eeb0f5b32a801392b94b369f1560918244a002c750096d62078c2306af9100f463cebbe62e1fbc2f

  • SSDEEP

    98304:A3ndmZBa7LLP1yoTwr5qQpCFZg0h+Tmp6MBEx:A3dmZBanLP1PCXT6U

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4239

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events

    Filesize

    12KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.drnull.v5/files/PersistedInstallation6688086111823318999tmp

    Filesize

    569B

  • /data/data/com.drnull.v5/files/PersistedInstallation7925580708968166304tmp

    Filesize

    90B

  • /data/data/com.drnull.v5/files/profileInstalled

    Filesize

    24B

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    1KB
