Analysis
max time kernel: 7s
max time network: 132s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 07-07-2024 00:06
Static task: static1
Behavioral task: behavioral1 (Sample: revanced-manager-v1.20.1.apk; Resource: android-x64-20240624-en)
Behavioral task: behavioral2 (Sample: revanced-manager-v1.20.1.apk; Resource: android-x64-arm64-20240624-en)
Behavioral task: behavioral3 (Sample: revanced-manager-v1.20.1.apk; Resource: android-33-x64-arm64-20240624-en)
Behavioral task: behavioral4 (Sample: revanced-manager-v1.20.1.apk; Resource: android-x86-arm-20240624-en)
General
Target: revanced-manager-v1.20.1.apk
Size: 42.3MB
-
MD5
aae9b55c6f2592233518bb5a173e8505
-
SHA1
9185a83dae0fc8a0ba79f89f3c84fe8a038f93af
-
SHA256
6ddb76f6180ca8bc0a11d5b343ac9ad8f137a351f20c080e989ca4310973d319
-
SHA512
923a57d4cdf2e7d48539307abbd12f982d61f393a1d058ceef0f6109301d21fedf0fe73c667f8add37fb35da570ac35c6b911360d9bf0389aa0bbbd53103ff46
-
SSDEEP
786432:rYnZDjrdwh4ztPNHGnh6LelhugqQKmDCa8EITOuWSYBJUUqh20JZkIUE09g:IZPBi2anh6uKmDLmixXq5U9g
Malware Config
Signatures
Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
Runs executable file dropped to the device during analysis.
ioc: /system_ext/framework/androidx.window.sidecar.jar; pid: 4486; Process: app.revanced.manager.flutter
ioc: /system_ext/framework/androidx.window.sidecar.jar; pid: 4486; Process: app.revanced.manager.flutter

Checks the application is allowed to request package installs through the package installer (1 TTPs, 1 IoCs)
Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).
description: Framework service call; ioc: android.content.pm.IPackageManager.canRequestPackageInstalls; Process: app.revanced.manager.flutter

Requests allowing to install additional applications from unknown sources. (1 TTPs, 1 IoCs)
description: Intent action; ioc: android.settings.MANAGE_UNKNOWN_APP_SOURCES; Process: app.revanced.manager.flutter

Checks CPU information (2 TTPs, 1 IoCs)
description: File opened for read; ioc: /proc/cpuinfo; Process: app.revanced.manager.flutter
Processes
Network
MITRE ATT&CK Mobile v15
Downloads