Overview

overview

8

Static

static

6

DianaApp.apk

android-9-x86

8

DianaApp.apk

android-10-x64

8

Analysis

  • max time kernel
    129s
  • max time network
    160s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    22-05-2024 11:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DianaApp.apk

  • Size

    14.3MB

  • MD5

    e971a3be09bfee056598b04ce602f90f

  • SHA1

    7f691267f6ba5235f8ce735eac7ba742231146f6

  • SHA256

    b4da10cd63892cc82bf11a2638ce20e315576ffcd13838aa1a1c70c294097f19

  • SHA512

    0fbf447d5aa1b05d1c9df7774d0d756b0086d3fefc5e5d1ad56efc348c18a795c8dc04088aca5c72a506b90c5c617b1c288944634b5417288fa5b68c04db7572

  • SSDEEP

    393216:m9YE8G2qTw6XNqK8+V07mk6zfVd9wnuc1ZUlHqnCZIzG0Ynx8:eYE8DqTL87f6jWnuc1UHqCZ0M2

Score
8/10
bankerdiscoveryevasionpersistence

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
    bankerdiscovery
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Checks the presence of a debugger
    evasion

Processes

  • com.medicarian.diana.app
    1⤵
    • Checks CPU information
    • Checks memory information
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Acquires the wake lock
    • Checks if the internet connection is available
    PID:4312

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.medicarian.diana.app/databases/com.google.android.datatransport.events
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit
  • /data/data/com.medicarian.diana.app/databases/com.google.android.datatransport.events-journal
    Filesize

    512B

    MD5

    70a9597979b4dd0d3b1e5da90615266b

    SHA1

    5c67e11a653b03803b597b145fb85a554393215c

    SHA256

    7d3ee8e7d72e65c5b8a140ec5973a22e90af375e9c277decd8e932b3b979db52

    SHA512

    20c23a0919575ed2adb8631f25fedfa5cd13ed4160e54c52f38af7a9841ada7cc3c5a5c7fb3cae5277992bb6008127a37c48adb09257eac9e942d48734557022

    Download Submit
  • /data/data/com.medicarian.diana.app/databases/com.google.android.datatransport.events-shm
    Filesize

    32KB

    MD5

    bb7df04e1b0a2570657527a7e108ae23

    SHA1

    5188431849b4613152fd7bdba6a3ff0a4fd6424b

    SHA256

    c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

    SHA512

    768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

    Download Submit
  • /data/data/com.medicarian.diana.app/databases/com.google.android.datatransport.events-wal
    Filesize

    44KB

    MD5

    b776585d86f23050ed0a8ff9718e1b99

    SHA1

    13c412c9aa685169575addd1a431b090f781018d

    SHA256

    646fe70f8011e3e80909cfc25752574890e6056f410b63ea78aa0b2933a71b16

    SHA512

    67a7f1c0194f2ae6b854572fc8a0bf9170cfe47384815df4d08793b88b6c7fdbf6775fd4e68067513169096c46dea4f8bf9a13175770f3b49f0053e3f03c7368

    Download Submit
  • /data/data/com.medicarian.diana.app/files/AdTraceIoActivityState
    Filesize

    469B

    MD5

    9c1559d0ced3ac131f85e56dc083e54c

    SHA1

    0289128b35680a70ee686391f6e2187c85222cad

    SHA256

    412726fb4e962559aff8d6fae0049ffb86616b35483c999c1d69f4864fad6dd8

    SHA512

    45d7d83473edbc93add3862c4baa124764884efe8a3e9c85fc686deff99a80d859528c764b3850322cb8967b9aa11e1b16b9569d9df27de5481751c7579a47a8

    Download Submit
  • /data/data/com.medicarian.diana.app/files/AdTraceIoActivityState
    Filesize

    634B

    MD5

    a2c374f4fa9a760d0f4d0bf2f818e54f

    SHA1

    f91cca2e13ef6f07b04322f28f3c7efc06af8007

    SHA256

    94db5ce893b96b5a90d30fddd0e6d4d89b561d4d1fe32bc654174806ccdd853d

    SHA512

    7edfa6d7accdc9522f8cde1937fc132cd1461cfdffff5ee1f47ad5c46322ab1838bc46a4e100c2f6146bc25040bc3e12a24c60fa0a87cf1d84c4ab501cef7650

    Download Submit
  • /data/data/com.medicarian.diana.app/files/AdTraceIoActivityState
    Filesize

    634B

    MD5

    4e8d1213fdc96307edac3c7de9c93abf

    SHA1

    c8c2ccdf4c2965a7a63b7ce93c1644bbdd0af30f

    SHA256

    ffb62e4c5c45ffc5d882dc83e8e4bd7b356b913f8858289590f303e3d20011d3

    SHA512

    35503854445eb67b029349c291863daa818f259a3d7eeecbd172fdc3746848c64a6575bbf6fe4520be68c86ad28f732963553f1959fd542d97d7027f9f6ed699

    Download Submit
  • /data/data/com.medicarian.diana.app/files/AdTraceIoActivityState
    Filesize

    469B

    MD5

    acb4c3efb8ed494d3f0b15bb0937228c

    SHA1

    d05bf47f85b1d451684e38154e65e666807521d9

    SHA256

    808a9136b388dc4c9f47603a86e6f336c2e994a6ab5aa99434891328975dd208

    SHA512

    28e396c2312433ae1c989ce75c5ce54f0a46eeacb422441715db6cca89b03eb35eae617cb156c7fc0ac474e05288d211863121485b6a28a69cebd49f22da5d50

    Download Submit
  • /data/data/com.medicarian.diana.app/files/AdTraceIoPackageQueue
    Filesize

    58B

    MD5

    0d210bfb2a0e1f1b4c082a6a0f79de07

    SHA1

    bb8ed9e364db79d1d9f2fcde3f15091893222faa

    SHA256

    988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

    SHA512

    536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

    Download Submit
  • /data/data/com.medicarian.diana.app/files/AdTraceIoPackageQueue
    Filesize

    1KB

    MD5

    8464ea23cbbd3b48d90e6a57c9c6807d

    SHA1

    443562d6a6681e0da570f14930feec0478ae8131

    SHA256

    1ba4bb62063bb8fc2d8f2ad6ad01e506e3a93f1c642d6cda48e7136a4a881b29

    SHA512

    a5af5f1acd66efa72c347d1648ef69b7e02563d66c9895d00f4ef96066edb45453de93a983c925787f459df737beab31f6632578af06ded6dd130d763c2c4374

    Download Submit
  • /data/data/com.medicarian.diana.app/files/AdTraceIoPackageQueue
    Filesize

    1KB

    MD5

    6ec1826d5ed4dd33c0e6ecc7b1c3ecac

    SHA1

    12c2291654371efe4f136eae1f87332b9ac448ed

    SHA256

    5aef8b1c7727547e3085f3a65e527ff686d4b1813069d0e737548ed492564365

    SHA512

    37b8e95ee0c6fbeaecae06b348752fa919008ec93794f9dd8abd6558f57aaeeffa2c88bb39321123d642f11575ca0eb682a1be78029bb62b7023a72d1744be4e

    Download Submit
  • /data/data/com.medicarian.diana.app/files/PersistedInstallation2631589151858972675tmp
    Filesize

    90B

    MD5

    29b2869f024e33fb175e6ae920215ce9

    SHA1

    5d9ca9393f926403e5980ac32d2ca19fc6c97a6b

    SHA256

    c093202f3fe99989a2db1999f8d000e9e76db60496a108958a5bb0f84930a681

    SHA512

    5d398e183dd94aa9f6323b4ec65e2bdec048a176f52be3014dcbdd781dc126ed56ca031fa1d8ea8614e30c59554e23acfdee9d1a6d5e5a67ef0fd26e676062c0

    Download Submit
  • /data/data/com.medicarian.diana.app/files/PersistedInstallation7599788296592532034tmp
    Filesize

    571B

    MD5

    dcc00cd3474c33970cd149858e66b2a5

    SHA1

    2a952aec2a6a33c65d0e946256941854dca08eea

    SHA256

    86391bc424bd9a20a39571c8a1c71c78724da41ba967f22a675a5402fa425e10

    SHA512

    e7ae17f655dcd19754da1a1ba31d2c425ee45584698fc5358a85b278f30b9f2afc11c2829803fdae68d5c93777e382c11358a26065d10bd893e2838291b5fed6

    Download Submit