Analysis

  • max time kernel
    47s
  • max time network
    136s
  • platform
    android_x64
  • resource
    android-x64-20240221-en
  • resource tags
    android, arch:x64, arch:x86, image:android-x64-20240221-en, locale:en-us, os:android-10-x64, system
  • submitted
    19-03-2024 11:06

General

  • Target

    app.apk

  • Size

    3.4MB

  • MD5

    f2c6d87cdcccf037b8eda023365efe97

  • SHA1

    4044c41315054a0b50f7bf8f98a90cdd2e765f75

  • SHA256

    4035836dff03e5565a72b743deb1fd96b8f4eeef4554894a9777a1561a543e2a

  • SHA512

    65fd7ad4fe15a3e5e30fde89703514ef6781180f40353f68b33ac27d685973e93087a5c9213cbbc189823b124aaee23392acb689d4de32e6f2379607e54ba360

  • SSDEEP

    98304:gFttRPzDjoTwr5qCRbDrMomf9+/+c3BcAJwN:ctnDkAC9+zlwN

Score
6/10

Malware Config

Signatures

  • Acquires the wake lock (1 IoCs)
  • Reads information about phone network operator (1 TTPs)
  • Uses Crypto APIs (might try to encrypt user data) (1 IoCs)

Processes

  • com.drnull.v5
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5045

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events

    Filesize

    56KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.drnull.v5/files/PersistedInstallation3326093639980059704tmp

    Filesize

    90B

  • /data/data/com.drnull.v5/files/PersistedInstallation5613447020212544787tmp

    Filesize

    569B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    102B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    177B

  • /data/data/com.drnull.v5/files/database.db

    Filesize

    368B

  • /data/data/com.drnull.v5/files/profileInstalled

    Filesize

    24B

  • /data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    1KB

  • /data/misc/profiles/cur/0/com.drnull.v5/primary.prof

    Filesize

    2KB
