17ef1a468a57dbbcd84e32df86509106e3065a82caa47a469cb3a694ce88c78c

Analysis

max time kernel
13s
max time network
162s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
10-04-2024 09:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

vc.apk
Size

4.7MB
MD5

88d421b5b9a7f52f1a961e52c49019b1
SHA1

1c69cd22dd43e313a4d2369ec382a30b661d16c1
SHA256

20a520aa0437428e4f93157979eaf181f3c3276abaea6ad01ce083ffa6e55e39
SHA512

2767836d7e3c71c9f1b2bf1c3be0779a054d7892ce1582d6121172bcba58541006a10cc278fa2bf9583d04e4c9257f463501f8b7bc2d2fe94a20c89c4ebb3b79
SSDEEP

98304:xti9x0frPpcI72EEjpDGKz+4NnPV+hNd8NTNrl+P3eWp0CHvwxU:9T725nxPQNSrgPuYHIxU

Score

6^/10

evasion

Malware Config

Signatures

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs
evasion

User Evasion
T1628.002

Processes:

com.custom.vcopy

description ioc process

Intent action android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS com.custom.vcopy

description	ioc	process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.custom.vcopy

com.custom.vcopy
1⤵
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4538

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.custom.vcopy/databases/prdownloader.db

Filesize
16KB

MD5
a6b2869dce7d56502e895ac8f6d76ddd

SHA1
82d18095bf2617caa8298f9294a2206f6baf6558

SHA256
f2a1ff198b082b31f56906b6cd8fba96ad34e26d8f05c656cad5b9fefa3bcc38

SHA512
3ebb0248c634497e9428ec2413661236141fb5b5d632008deef15cd5022e73f46a4c01e63bdc0b3eaf69d7fd8a524a6331faf4af408fdb405d8660e3fd3e734b

Download Submit
/data/user/0/com.custom.vcopy/databases/prdownloader.db-journal

Filesize
512B

MD5
e5aa30546ae6afb897ecf6685072bde3

SHA1
0782afbd5751ce0ee81e75899f1b887f20797b51

SHA256
41d728aee51353e0f90ecc3e8af60c095f525cb354766ad2d2bf99ddd6090cbb

SHA512
d894126e1c077c558fa25f14b6c3c5c7bcddf0d8dfdadb4b91cb18ed9454e1be35f6346b8d1d8914a3561604e08de25d30c29ec74bb288437c926529927faba7

Download Submit
/data/user/0/com.custom.vcopy/databases/prdownloader.db-journal

Filesize
8KB

MD5
48284c28667edd5c4295091814012d6f

SHA1
74faec81c3e895cb042de6b49ee516440247daa6

SHA256
5b14033bae0fcea4df3f73c001509586ba2c7fbf745caca7db990cb16621820b

SHA512
a6219d9828c4db7c6a834047a21aaf11cf9787d2927b67385049bb6b4ac219b495969d20fa83f99994ff2567c5944736a711edcd5f8cb0cfecdb9f1a32108990

Download Submit
/data/user/0/com.custom.vcopy/databases/prdownloader.db-journal

Filesize
8KB

MD5
4763c671c9cedf3d22a1c8dd97bda32e

SHA1
b06c75d85e91b0a714aa6cf196da9a160e82a3c9

SHA256
b1d97630de80f965d42b857d946d6fd4d0839bb852535d3a5ef28b294b876f3d

SHA512
ac90e028fef854638c3d8f8112cefafdacdbf1a999b19df2d74aea6d1351c06a8fd95c20d030202101b91803d3d33cbdcfcedba0c644b73b182ee318ec37a496

Download Submit