Analysis

  • max time kernel
    106s
  • max time network
    151s
  • platform
    android_x64
  • resource
    android-x64-20240221-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240221-en, locale:en-us, os:android-10-x64, system
  • submitted
    17-03-2024 02:07

General

  • Target

    5bc930ea8c6d53a3f9d4081a99d604bde58b5503aaa937c969a26c01d0f86c05.apk

  • Size

    3.4MB

  • MD5

    0426f0f7d5c8ccac04f8e30077d7d1ea

  • SHA1

    724612f75ec32a0bc96cb8a389044f3fd54bc39c

  • SHA256

    5bc930ea8c6d53a3f9d4081a99d604bde58b5503aaa937c969a26c01d0f86c05

  • SHA512

    b3cb2e070c2d85323b740774ea19acc9e701df12d35d61924cca9ab78fc61f843b864b5d977365c571b2e0f192917cff270653b9457fdd1dbee8bb44096511fa

  • SSDEEP

    98304:Bl4wny2QuzEoTwr5qox+Jh8kVflKouoCxn:B3hQuz12OlEZ

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5031

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events

    Filesize

    12KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.drnull.v5/files/PersistedInstallation2612922284243085510tmp

    Filesize

    90B

  • /data/data/com.drnull.v5/files/PersistedInstallation6057280320231308677tmp

    Filesize

    567B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/profileInstalled

    Filesize

    24B

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    1KB

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    2KB
