Overview

overview

10

Static

static

10

app.apk

android-9-x86

7

app.apk

android-11-x64

7

Analysis

  • max time kernel
    5s
  • max time network
    155s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    14-04-2024 23:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    app.apk

  • Size

    3.6MB

  • MD5

    e6995652396ac7a0219cfb57a95b6374

  • SHA1

    8a5aaae0b26e62a39a75831c1b5e5461bd522abb

  • SHA256

    14786e3fe720be26cbd551badf135dda21c3d0e664d962b95b1ed88081ed5843

  • SHA512

    77cef5499f9660abf90726d520f60ac44cf5f92d6bca161a80db830613bf8e060a6d2e4e09678df2fa2cd4ee13ed2beff9b5a7f65b6fa572e4b6d97ceb6d87a6

  • SSDEEP

    98304:+1+hKSo6QcUiazToTwr5LXMmFgY35gy88XY+tEaI1:+1WKSo6qiccmyAXFw

Score
7/10
discoveryevasion

Malware Config

Signatures

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Acquires the wake lock 1 IoCs
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.drnull.v5
    1⤵
    • Checks memory information
    • Acquires the wake lock
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4370

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events
    Filesize

    56KB

    MD5

    14f96c0f67ce834a84480b7d2b8c8bea

    SHA1

    46eeaf2f8c4db08f01ef3e3a78168d3adb4ae74a

    SHA256

    2ae775ea94edade3e9030e21108c9caab355e9851d587bc251a807cf6949ee73

    SHA512

    184e3520071f8deeb56e8a9af5987cdeebadafdea403abf116316cc3e97f960617058d90f8ae9f962fcecd2c6424b8177a5f070f139c4521da221980e65d248b

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    c2a95ea3c409a9305bdf1883bdaa4c42

    SHA1

    4124cb1440bda8e152e6090fe8c07cd76835a647

    SHA256

    d66eab990caf00b9416cf67f23c924099970ff04fd11ce31da2cae896ed55462

    SHA512

    0c35ece0c3ec7bdcfe4e406dae3c0dbc98f97d4658730b0c51042aea39ac39a64387598f4639ab8322f8c3aab6a93a3b7b4ea4ea750cffa7e60fe3bd227dd87e

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    0c2d3f917bc92850edb2be6eb3cd8c81

    SHA1

    9a4931c6773cf578b172387ddda271474cedca12

    SHA256

    2f2b5ce15f8572f0f5dfd1e7cdb2362294b1ec6668cebebc77621e95107c7162

    SHA512

    ea9b1552dd4298a883eb13f32a18845c3b64e260c0f24a85ed4567f8cd21fd1bda935303c41a52942f06d747ba9ff02072ec426774054c38f7a89cf50854a68d

    Download Submit

  • /data/data/com.drnull.v5/databases/com.google.android.datatransport.events-journal
    Filesize

    8KB

    MD5

    2149cd1243dc4954d38fff4ab2bcb495

    SHA1

    fafcbfee2a2130cfac582608fb9e304e64f748f6

    SHA256

    40a06b302c76df75fbe97f611448d30afb52de4e52858a0df78736709af3e510

    SHA512

    c2b2a67a3ff9f4f2988ad246b5595a98ef0a546e1235b183cc6284659499f8c9844ca48810c193efd32e59dbb7cb239f86a476fbe3da151d6648dc5539f189d1

    Download Submit

  • /data/data/com.drnull.v5/files/PersistedInstallation5943000745584931929tmp
    Filesize

    90B

    MD5

    3d0b1c63535956e0f7e0a6944780510e

    SHA1

    34e6b4d959745a4241f1120546d3aa15c2fb6642

    SHA256

    274dd7c0e2d5c47506dec54d6e523d53401ec6b77144e1c2d8c064a508aede4c

    SHA512

    971a3412b3c2badebd57b917fab66b95e9a468d1c424954ed7878a9a27b7692f577ccdd90b0b69770d11b77d80dab0f453ce34978bd51c43157bfb83f2868a59

    Download Submit

  • /data/data/com.drnull.v5/files/PersistedInstallation6476990201863789896tmp
    Filesize

    566B

    MD5

    6a424e4b7c3ad241e6c29ff0e3d4f4bf

    SHA1

    f2bcfa6bde60e6d7895dab1b3bbcfe46eb223711

    SHA256

    1b51460a138268e6228d8ab35e01eb246e7f4aea1dd7afedb070aaccd1009e93

    SHA512

    85849ac1e32e563a0cddb48546e52540976df63305177101aded495d46bf04816a3913789033487590e94402858bf37d81ceba21eb35f5fa26b0f1110a81e298

    Download Submit

  • /data/data/com.drnull.v5/files/database.db
    Filesize

    102B

    MD5

    462532d31fda7d2e91375c1b7b6532dc

    SHA1

    0e4e3bbda2b75ad773dc14075c10be660747e781

    SHA256

    bde91fb7d5fec4359d0d18032046ed6eb1df1d30e7fa6675680307232f5000eb

    SHA512

    ac9c947bb393ae35d0ee305100b3d0c1575549dd15c59e612bd2227f306a46827b1b9af47d4cef97a4d43fc420711b058d88a8f5800ddbe51274cd898f04592c

    Download Submit