Overview

overview

10

Static

static

10

c4da0509fb...36.apk

android-9-x86

7

c4da0509fb...36.apk

android-11-x64

7

Analysis

  • max time kernel
    6s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    04-04-2024 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c4da0509fbef795c266314381755225e50d537538d5be4530c0027875a84ad36.apk

  • Size

    3.5MB

  • MD5

    7d14bf30f874b69d10026b07abcec26a

  • SHA1

    18b4fc2555f1051bd28ac21a3bb7e32e996c00a1

  • SHA256

    c4da0509fbef795c266314381755225e50d537538d5be4530c0027875a84ad36

  • SHA512

    5e21972564c885e08977b4bee56e83a1979a92b766e08c73dd1dd826be7bb8e65ba4494ae301013fa83601d21e4963ea4656b0d59e485760319bc8e993eb3ca6

  • SSDEEP

    98304:41+hKSo6QcUiaLToTwr5Lxy6VSAOH4i4AHI0uuv9b:41WKSo6qioU6kpH/l

Score
7/10
discoveryevasion

Malware Config

Signatures

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Acquires the wake lock 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    1⤵
    • Checks memory information
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4472

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events
    Filesize

    56KB

    MD5

    2e9d1c3cae0265eed2882c2b038b4380

    SHA1

    f8aea43d9ebeea7af40605495eeb99ecc2932b45

    SHA256

    6203c57b579f570d62e30ea42730aa2ce2a2d75c5b2aa25e894d814cd8f7510d

    SHA512

    f6932c28364afdc907a1a92f4f853820a8e82c51e348d0a3768476c40826639a31ac27b86e43b1368b12a5cbacb507dd4611da86b90778c7bfc8a850fedba0d1

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    824bf2a43f0e2ffe3aec3bba8ae71f88

    SHA1

    c5ee129b55eb59d2fcbea59086c698733e8583ab

    SHA256

    6f5176b1840e375b62742c4907dc887edabce04aa186214e3c07eeb9652475e5

    SHA512

    3c8b118108f79f6cc2807d15cb462368b5e7c521f1fd0a468dee694acd9b9f94441331a2086ce69ba22b949e8d3514840d5edab2178bd4c0bc21597c6c1d84e6

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    439c250f0967e1afb0c99474e937e2f4

    SHA1

    7d60a9ef7078383c7647469eafa813bac8c60696

    SHA256

    c9b92d78dafa063e8c830399512d49814ad576303bd56740eca9173868a4f355

    SHA512

    b06312b48a9c6c3d499732b5b0b30b4bba0b6850723cebe51978ba3251ed9266aa5487eaa09e4155c7af7a211ae1c00897b71cb5f8cf18aa97d1950a19ceda75

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    49d5190b14fc525042e47cc117a30d88

    SHA1

    93dec142a875ec478c318c427e1fc8d15b862281

    SHA256

    c9815c9dccc2ef28022bf70ea12939734ce3b9908dd653de8ce52ac7343f88ef

    SHA512

    277b020566c91c14fdae45c84677ac739d7dc1fce40f6df7852756eaa14ac0452c83e77870fdd764d96927dca1866cab4c749bd2f4ddb57e629a02f897b02fd7

    Download Submit

  • /data/data/com.drnull.v5/files/PersistedInstallation2837260703231540326tmp
    Filesize

    90B

    MD5

    3d98bce9557ced538f5ce18608e5f3dc

    SHA1

    d2d775f4f555310b2f09e48d47e5928bb476d70f

    SHA256

    c4e47bceefffe032cd64f1f88b4cda393d14bbd344c062e64c84b62ed46bad5c

    SHA512

    ed888214394a09ffb8905133b24d428b6d6adba71fad81aad2948e3b8a74344d2655a2b957fc2197071bf02d5e3bb28c94e76967534278f9428f0a01d04680b5

    Download Submit

  • /data/data/com.drnull.v5/files/PersistedInstallation81975593146886649tmp
    Filesize

    568B

    MD5

    7db0cba4593421179502f68156899251

    SHA1

    6a972979084c6a0045964212d9360b20f10ceb50

    SHA256

    f6d86dfd66d69307d40ebe47295ffc5dd468b32e52c1559723233e3b7cf92f6e

    SHA512

    ff9501c7adeb9ea2e74e4a4ddadc940db019ad05a2b26a74b134b64ebe6f0fd91826dfa907e024978a436981b148ac086a5a26635662737669d473c0e8641222

    Download Submit

  • /data/data/com.drnull.v5/files/database.db
    Filesize

    102B

    MD5

    c0f81c3b9a267ddf575b8549895d2d0b

    SHA1

    f1bcc5107bfbb69de362fd39f8ff99278ea18464

    SHA256

    2efd2371f0e9874adc40555b1a3cc3c8a9fe39dc5d26a3a50d4366916bd74f07

    SHA512

    9b644e50f32712603b2ea0de0f7a843befa1f446c648bd6290c1414a01fc74ca85bd888d2a5417f35f6b59b2e017f3cb07e7e3c444203a0752e45d898438fd79

    Download Submit