fdf65bac0251b744744d37d1dcea60f08197c0598a8a11194be5e5e03dc00ce3 | Triage

Analysis

max time kernel
12s
max time network
38s
platform
android_x86
resource
android-x86-arm-20231215-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
submitted
18/01/2024, 16:40

Sharing

Report Analysis Logs

General

Target

TikTok Plugin v1.23.apk
Size

6.1MB
MD5

ad7401c0c9864bb0e8a2e1cd4de81461
SHA1

0933a11dafb1496079ce4652b40c70ad19ce4d11
SHA256

fdf65bac0251b744744d37d1dcea60f08197c0598a8a11194be5e5e03dc00ce3
SHA512

9192e2318e0644c0b8ed6ad7f1027aa70155c2ca0c4604fe0b0302d4446f4be4437c4fd0c209214dbb037510a7e51bc91123151fbca288cb30ad143139f1353f
SSDEEP

196608:pvgFJGLDw2GQ1/udaOgCAho1QumbRwy73vDjy8A1iU8Z:dcP2GQdu8OgCaumpvDjpA1iU8Z

Score

6^/10

evasion

Malware Config

Signatures

Acquires the wake lock 4 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.rezvorck.tiktokplugin:media
Framework service call	android.os.IPowerManager.acquireWakeLock	com.rezvorck.tiktokplugin:media
Framework service call	android.os.IPowerManager.acquireWakeLock	com.rezvorck.tiktokplugin:media
Framework service call	android.os.IPowerManager.acquireWakeLock	com.rezvorck.tiktokplugin:media

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.rezvorck.tiktokplugin

com.rezvorck.tiktokplugin
1⤵
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4254

com.rezvorck.tiktokplugin:media
1⤵
- Acquires the wake lock
PID:4283

com.rezvorck.tiktokplugin:media
1⤵
- Acquires the wake lock
PID:4352

com.rezvorck.tiktokplugin:media
1⤵
- Acquires the wake lock
PID:4416

com.rezvorck.tiktokplugin:media
1⤵
- Acquires the wake lock
PID:4477

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads