d6869d0862ba76d4562761732b984d87584e64ac11f0688e40a71b356be4ecec

Analysis

max time kernel
20s
max time network
145s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
02-04-2024 10:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3a91e5ace8cbd8a29968bd400c63f893d4300422a17db9d0df2162f49d1c0388.apk
Size

3.4MB
MD5

ecc3c4a1716431fe424770c1ae7aefe9
SHA1

c87652ef7efdbe782798677d76d3ed7285f2d905
SHA256

3a91e5ace8cbd8a29968bd400c63f893d4300422a17db9d0df2162f49d1c0388
SHA512

863b6db3ac143cebd03d2ef0499f337599d29f4a5e34b2e9eeb0f5b32a801392b94b369f1560918244a002c750096d62078c2306af9100f463cebbe62e1fbc2f
SSDEEP

98304:A3ndmZBa7LLP1yoTwr5qQpCFZg0h+Tmp6MBEx:A3dmZBanLP1PCXT6U

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.drnull.v5

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.drnull.v5

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.drnull.v5

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.drnull.v5

com.drnull.v5
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4437

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.drnull.v5/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
4bce3082ee03559d14a512a8740f57d5

SHA1
bedf7a89dfa6a9091d5b42c3b1d46aad6ae3eb6b

SHA256
7f02dea140f292215ebef1af8d9b7db24407780a8e4e47aaf643c8cf23c0ed9d

SHA512
38acea8333f4eee5ec6bb0a1dc9fffe5d923267414bbf91a0cb7ec72834473fcd993cd31c447f6ea9f9b91b45da6c8fe1daec95e7d1bf2acec4f7448e2bd56d9

Download Submit
/data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
5c214c3dc84adc7a14bc095656ec838b

SHA1
0484d4042f826d279d70abe8d42d53bcd9af6e02

SHA256
adefa82913d952642994aa7a0da6a409c3c8229d6e3a20f1ecbf0d1f0bad4501

SHA512
33388248a6dbcd1ae8dc3fd5c1895c9883fa8c4e12300171aabb7c2654c2492ecb133a8eb4c9c8fa76e642763d6a978017237e32f749f877b8cfedd1a630ccfd

Download Submit
/data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
8fb867cf51d243f1df74276111a88ed2

SHA1
90b06693459a640edd38e0d5d0a70a77736bddd0

SHA256
0981fb3d3a425c3bac15f34f7c53f893291991c4b5e9c19fa6381114161f38e8

SHA512
70d653a5b3ed45fa159e059ea5dfdea178e9c25dbaf3ace368fed45db09e778772e033e317de9d598b71f365af9b1cd34e562271af0316c995b68d6362489b5e

Download Submit
/data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
cd947065fe512167dda2f9570edb3be6

SHA1
50afcd8f6eab51c7a7ae55838630ca444558693c

SHA256
451d7e2c155cf9ebdda5b38687286f6fd9e758eff23cfe225faf5aeb2f2d0b36

SHA512
f42d4b160bdeda51c2d87293cc56d8d503bc50acea89d25909dd9dda81862c4b64f4a533f4d59299147cc37199629466d6f90686df2183272015014a084936a0

Download Submit
/data/data/com.drnull.v5/files/PersistedInstallation2583072934559388792tmp

Filesize
90B

MD5
9a21a711cf5210d75ac36b893f328054

SHA1
3118e7accc208d20376baffba11ab3fc827984d6

SHA256
1da0d265593cffde8726924fac86da0662a2b4c134730bbd7635ef520f91b48b

SHA512
2d7165bb12dfaef4915968f9085cbe4597e695566665c0f8442a98baf4beb95911313f79b06c121a18b175352a0d766f49e92d9c45299882dcf1bbc29d3a86a6

Download Submit
/data/data/com.drnull.v5/files/PersistedInstallation5135560214534964442tmp

Filesize
567B

MD5
1dfae99bb778be5e9f49de5ba43aec7d

SHA1
f2dac7d385cde04cf757d99f02f948a24e199328

SHA256
6f0b243eafc863ca4721fe7120de7816435dd0e94cfcf0d86a74ae98c023ee1c

SHA512
0ff96df297c061c1dcd10ca3410a7b3222c5b76f61415e1655632e6b7faf09a06e6f3391b4b331522269e0e7d1ab1659f2b9242e53ddebe3adc0ac64e9369862

Download Submit
/data/data/com.drnull.v5/files/database.db

Filesize
102B

MD5
98df262e79747727357f6b518101ca48

SHA1
f90bc05c714b7ea577d3d60cf52c4029d90a7144

SHA256
1f692c70f655985b3a00d7280a8b3531684980cbeffc0c30930e6b2d6eb07d74

SHA512
545dc911428ad28dc276f3ae560c61893b34d855dce9e37013483bc0597bb2cd3fd3f947dc52f260c8a3aa171c29b69100146b3615176abdb73465cca247b8a7

Download Submit
/data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
26b594b25e94aa65ab4d5a522527d00a

SHA1
718f7b36d25b540f59e108977105267c2faf1ab2

SHA256
f46aa5b3aeeeaa9625d4a87b860a1e8b28ed96a57a2c1d9dab1612de0c384159

SHA512
8f0aadb429ec1ab49256bd4cd772b485891736fd7e16de94f73b119465608ffb31399fa48db51b07843ceda145d319d3ad99271a82456d4a9aa75bd67114f311

Download Submit
/data/misc/profiles/cur/0/com.drnull.v5/primary.prof

Filesize
1KB

MD5
71a2513c209c8239600dba4a08f44e11

SHA1
5bbecfe2ceff2e85bf7e6f0dd4b446fd706a7588

SHA256
a9e27277be6cd2059f1fc3a57f92449d56ed7f6464381c3bd402d5bf541aea94

SHA512
d2d6e80c92f079312eb7e049736f93266a5506459b793937bbe191200ef01d1ab80949cd956147bf85c72523a9fc7e23bb1cdb0e1e843e41373d1a6483c013de

Download Submit