87bd5dca6830fa4e79f6be18b3ee94d32a304ebf96a4cff4a979ee051d392492

Analysis

max time kernel
21s
max time network
151s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
02-04-2024 10:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ad3e12c568548b28c0856586a92460150175344403a00f4f023ad229f3c14b9a.apk
Size

3.4MB
MD5

2e4bbafce56cce8563054c93f34c8f4e
SHA1

71f920d527af88bb1fa055ccf78199ed9bb47faf
SHA256

ad3e12c568548b28c0856586a92460150175344403a00f4f023ad229f3c14b9a
SHA512

da64fffbcabaaf48a0d5ee407f381680e1ffa804f7d3e189cfa0bbc9ee6dd3e8c38f3ecd696780953da90eea4641ace842747c035bf8abd5d8d59d3dd2598c9d
SSDEEP

98304:l3ndmZBa7LLP15oTwr5q8O0AaeMPNv2xWkVSKd:l3dmZBanLP12dev+pd

Score

6^/10

Malware Config

Signatures

Acquires the wake lock 1 IoCs

Processes:

com.drnull.v5

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.drnull.v5

Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes:

com.drnull.v5

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.drnull.v5

com.drnull.v5
1⤵
- Acquires the wake lock
- Uses Crypto APIs (Might try to encrypt user data)
PID:4464

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.drnull.v5/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
9cb5ce692f4024f27b0040b0f12e9f62

SHA1
41855f5b1cfd58edfa6c9b12fbbba691480feed9

SHA256
32fa5d66b77f79edc992a20fc76631c51a6ac64ba2bf6db2caf0624b400bcadd

SHA512
5f3375b628dec5a8f87a9735c89f23a0a4a1d407b4a0c63732686ec2179a47a2385c868b4fbcce085597d287acb9b51e02c133783cd7dbc60ea0554329d85ae2

Download Submit
/data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
568f391174bbf7e25b3cab152c592864

SHA1
79cabe47714df45612ab86603cdd7d64138554d4

SHA256
a1570d8b63e130aacb9b9f419e21a483b959d7b8d2daa8a7dbbb3d181004625b

SHA512
4cdd500e4ed8e10439bc74c80847fd6259236d3d1281eba6ec1c3e23a9cf09162e66062f26a7e450baf6d58f1942b96e03dbd3afb9db1f70a7c083569d79a302

Download Submit
/data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
cd7cf5e81354cd7d2a894e14d1beeb57

SHA1
e8d9574e92b6a2a6e90b949997cac186ccfe258a

SHA256
53bb76d7e913b6c70821b274cf863fa16d3299b27bb228dcd12a8ce1fe7e3040

SHA512
3e3956c7734007cb4debfc91448e2c8bd7f01f9e0334dbbaced3e20cd496d14036a0835ef8b29a5b3b56d1dccba8e88b9be4f5128d4a844e5316ee06d85fb7be

Download Submit
/data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
45d4b776e045f05c0084e32612e0832f

SHA1
e0338d14d35a0922abd95e37dc296bb1b69edc0d

SHA256
6ac2eb12d7183d972d65bf2da46b921e0a25adddf28f88769ddad785eb04a751

SHA512
03203cc607529decbd129c9ab242b2988a7e2dce348f181812d3a9f9ff30dd74027f9115eea40c063676c960f44f27ea0466c0096c46c241a30e4d60ac925131

Download Submit
/data/data/com.drnull.v5/files/PersistedInstallation1698827919192209515tmp

Filesize
90B

MD5
f88a330f420be9dbefdbcdff2772270f

SHA1
6cd62db0d9db4f5cee9f33a25c879315015c27f6

SHA256
e7fa397482e8bc5b9097c8865a89735c9da77604acc168ecc25a5c75e85079b9

SHA512
cb1bd2dadae8c9daa726297aa7739f770950f5599ac763b2d09e31daf13199db64c0a52826b98a700fb1ad02fd231123a252f47a6619fdf98d0ced246b86c109

Download Submit
/data/data/com.drnull.v5/files/PersistedInstallation1778620881807047690tmp

Filesize
570B

MD5
0b0227a584a1c74af1a2751e2d0c9f0f

SHA1
c860f2b390d70656fb373721db665f6a7386b6f0

SHA256
f327c7677d6978a4b548b3e34857f47d27bba14397af3c3d8a3a7967b466bb13

SHA512
192970581dab6532888be8f6503d70b33cd0d9d4f2a1574a2ab0aceaa4bb6369856bab275d72083f69d54dd2e27207abd4093f5e4480925aedeb9a9dd195b9ed

Download Submit
/data/data/com.drnull.v5/files/database.db

Filesize
102B

MD5
894ff4653866683213f8c305cd3fbb16

SHA1
28c66d09f1e0ed53d8c9436a25e367054586cf78

SHA256
ba36fb2a653b6afc3c35b89587bc6907670c7c10e854503152bf4ea82c67bfe6

SHA512
0b94926faf5df93ad34fc193458c1a99db2382857444c690b4bff81539934d490dd2ff7331952ab4a6bc7616a99df925ab24b4ac01cfde863ad921d324fb0420

Download Submit
/data/data/com.drnull.v5/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
e2e8571aeac1b88975ebd03eb71e386f

SHA1
30cefaae8fe1933940825ef5eb316967c7dfa9a0

SHA256
515af62ffb85951d9bb469f055dbe75524fa29b052254063712e6f6971bd82df

SHA512
51b997ff4e1a315f504a26a1cd942dd3a155372ac352b7ba12b11a1e813a141c51255d3ec3004024f873280e0ee4f4e695d7e89bc104ed6680b0bc2ef79666f4

Download Submit
/data/misc/profiles/cur/0/com.drnull.v5/primary.prof

Filesize
1KB

MD5
71a2513c209c8239600dba4a08f44e11

SHA1
5bbecfe2ceff2e85bf7e6f0dd4b446fd706a7588

SHA256
a9e27277be6cd2059f1fc3a57f92449d56ed7f6464381c3bd402d5bf541aea94

SHA512
d2d6e80c92f079312eb7e049736f93266a5506459b793937bbe191200ef01d1ab80949cd956147bf85c72523a9fc7e23bb1cdb0e1e843e41373d1a6483c013de

Download Submit