Analysis

  • max time kernel
    19s
  • max time network
    139s
  • platform
    android_x86
  • resource
    android-x86-arm-20240221-en
  • resource tags

    android, arch:arm, arch:x86, image:android-x86-arm-20240221-en, locale:en-us, os:android-9-x86, system
  • submitted
    17-03-2024 02:07

General

  • Target

    5bc930ea8c6d53a3f9d4081a99d604bde58b5503aaa937c969a26c01d0f86c05.apk

  • Size

    3.4MB

  • MD5

    0426f0f7d5c8ccac04f8e30077d7d1ea

  • SHA1

    724612f75ec32a0bc96cb8a389044f3fd54bc39c

  • SHA256

    5bc930ea8c6d53a3f9d4081a99d604bde58b5503aaa937c969a26c01d0f86c05

  • SHA512

    b3cb2e070c2d85323b740774ea19acc9e701df12d35d61924cca9ab78fc61f843b864b5d977365c571b2e0f192917cff270653b9457fdd1dbee8bb44096511fa

  • SSDEEP

    98304:Bl4wny2QuzEoTwr5qox+Jh8kVflKouoCxn:B3hQuz12OlEZ

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4278

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events

    Filesize

    4KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-shm

    Filesize

    28KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-wal

    Filesize

    16KB

  • /data/data/com.drnull.v5/files/PersistedInstallation1017918087066384848tmp

    Filesize

    567B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/profileInstalled

    Filesize

    24B

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    1KB
