Analysis

  • max time kernel
    38s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240514-en, locale:en-us, os:android-11-x64, system
  • submitted
    30-05-2024 13:10

General

  • Target

    manager.apk

  • Size

    4.3MB

  • MD5

    02a2ff9e69d85de4dad105213f620382

  • SHA1

    690396a68222724daff6622715643cfa48ce5940

  • SHA256

    c2da3df534ece06c4e87d60ae4690f4c58a9b6d3d05a45898181123201c1d8d9

  • SHA512

    041c83686150960f2a5373f6a84a58d0361e0374b6947cd5c0071ca5fbc11569aefaf614831085a1412146431eab96ef76893792aede0c4f820a7c170e28ea23

  • SSDEEP

    98304:AAU5ofra3s1A/YOkmr8R9OobyFB9Uiwyt7JsXFI:qkCYS+Fbq9Ure6X+

Malware Config

Signatures

  • Checks if the Android device is rooted. 1 TTPs 2 IoCs
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information, which indicates whether the system is an emulator.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

  • Checks the presence of a debugger

Processes

  • com.vanced.manager
    • Checks if the Android device is rooted.
    • Checks memory information
    • Queries information about running processes on the device
    • Acquires the wake lock
    • Checks if the internet connection is available
    • Schedules tasks to execute at a specified time
    PID:4631

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.vanced.manager/databases/com.google.android.datatransport.events

    Filesize

    40KB

  • /data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

    Filesize

    24KB

  • /data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

    Filesize

    16KB

  • /data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

    Filesize

    16KB

  • /data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

    Filesize

    512B

  • /data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.vanced.manager/databases/com.google.android.datatransport.events-journal

    Filesize

    8KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db

    Filesize

    16KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

    Filesize

    512B

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

    Filesize

    4KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.vanced.manager/databases/google_app_measurement_local.db-journal

    Filesize

    8KB

  • /data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

    Filesize

    716B

  • /data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66587AD0013A00011217AA7BA853C208.temp

    Filesize

    198B

  • /data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-66587AD0013A00011217AA7BA853C208.temp.tmp

    Filesize

    16B

  • /data/data/com.vanced.manager/files/.com.google.firebase.crashlytics/report-persistence/sessions/66587AD0013A00011217AA7BA853C208/report

    Filesize

    764B

  • /data/data/com.vanced.manager/files/PersistedInstallation3752459395823504788tmp

    Filesize

    568B

  • /data/data/com.vanced.manager/files/PersistedInstallation5132203845045762620tmp

    Filesize

    90B

  • /data/data/com.vanced.manager/no_backup/androidx.work.workdb

    Filesize

    4KB

  • /data/data/com.vanced.manager/no_backup/androidx.work.workdb-journal

    Filesize

    512B

  • /data/data/com.vanced.manager/no_backup/androidx.work.workdb-shm

    Filesize

    32KB

  • /data/data/com.vanced.manager/no_backup/androidx.work.workdb-wal

    Filesize

    16KB

  • /data/data/com.vanced.manager/no_backup/androidx.work.workdb-wal

    Filesize

    108KB
