20a520aa0437428e4f93157979eaf181f3c3276abaea6ad01ce083ffa6e55e39

Analysis

max time kernel
13s
max time network
150s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
10-04-2024 09:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

20a520aa0437428e4f93157979eaf181f3c3276abaea6ad01ce083ffa6e55e39.apk
Size

4.7MB
MD5

88d421b5b9a7f52f1a961e52c49019b1
SHA1

1c69cd22dd43e313a4d2369ec382a30b661d16c1
SHA256

20a520aa0437428e4f93157979eaf181f3c3276abaea6ad01ce083ffa6e55e39
SHA512

2767836d7e3c71c9f1b2bf1c3be0779a054d7892ce1582d6121172bcba58541006a10cc278fa2bf9583d04e4c9257f463501f8b7bc2d2fe94a20c89c4ebb3b79
SSDEEP

98304:xti9x0frPpcI72EEjpDGKz+4NnPV+hNd8NTNrl+P3eWp0CHvwxU:9T725nxPQNSrgPuYHIxU

Score

6^/10

evasion

Malware Config

Signatures

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.custom.vcopy

com.custom.vcopy
1⤵
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4444

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.custom.vcopy/databases/prdownloader.db

Filesize
16KB

MD5
a6b2869dce7d56502e895ac8f6d76ddd

SHA1
82d18095bf2617caa8298f9294a2206f6baf6558

SHA256
f2a1ff198b082b31f56906b6cd8fba96ad34e26d8f05c656cad5b9fefa3bcc38

SHA512
3ebb0248c634497e9428ec2413661236141fb5b5d632008deef15cd5022e73f46a4c01e63bdc0b3eaf69d7fd8a524a6331faf4af408fdb405d8660e3fd3e734b

Download Submit
/data/user/0/com.custom.vcopy/databases/prdownloader.db-journal

Filesize
512B

MD5
1795e20fc454ff001eb560eb76cd07b9

SHA1
69c04c38c13811134ace4ae3bc193c5a435cdd58

SHA256
4e650177ef2432f55d9991c6aaddadf052cdf4d408d81c52a92954dac9fdd55f

SHA512
93585a0e9ed75190facdc0892b6aaa640864ff62d84a132f1f15f7c2318249ba5b6346b627549c4d472097d18cef7b36481d07dbb030ff3d722b117234e450d7

Download Submit
/data/user/0/com.custom.vcopy/databases/prdownloader.db-journal

Filesize
8KB

MD5
f47cd5766f165d38bed0f8a6d29d1093

SHA1
d4683a76a728999a267ed23df51f988cb02bdce7

SHA256
703b0bc91bc27c7555b151666993757d16b319934166cac40bcafbfb0e80a2be

SHA512
c28ae6bd83fcb0719bccaa9d8af26c321deb446250ccf920f996c77f45fb586374f1325195c62696fca2fd31354e525843b2c04bdd5b211ac03aa5b4d325089a

Download Submit
/data/user/0/com.custom.vcopy/databases/prdownloader.db-journal

Filesize
8KB

MD5
d6bdcfffd39a18c231f2acbeb4a4743b

SHA1
8d96f85ef1870675b327ee896e4c466d3133aa1d

SHA256
e9a2ce8bdc915a101a4f9db0fea4189229b413ab2cd3c4a2fa5f9fa0c441c347

SHA512
155241364ac0de46cdc067cd1aa1b6a626a0b898104506a3d9c9c1fa89bd07a12199a4d8ad521738b1074aec5e2c40f5c4f67096c3bf4c32eeeaad080ee4e5ec

Download Submit