Analysis

  • max time kernel
    7s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags
    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    07-07-2024 00:06

General

  • Target

    revanced-manager-v1.20.1.apk

  • Size

    42.3MB

  • MD5

    aae9b55c6f2592233518bb5a173e8505

  • SHA1

    9185a83dae0fc8a0ba79f89f3c84fe8a038f93af

  • SHA256

    6ddb76f6180ca8bc0a11d5b343ac9ad8f137a351f20c080e989ca4310973d319

  • SHA512

    923a57d4cdf2e7d48539307abbd12f982d61f393a1d058ceef0f6109301d21fedf0fe73c667f8add37fb35da570ac35c6b911360d9bf0389aa0bbbd53103ff46

  • SSDEEP

    786432:rYnZDjrdwh4ztPNHGnh6LelhugqQKmDCa8EITOuWSYBJUUqh20JZkIUE09g:IZPBi2anh6uKmDLmixXq5U9g

Score
7/10

Signatures

  • Loads dropped Dex/Jar 1 TTPs 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Checks the application is allowed to request package installs through the package installer 1 TTPs 1 IoCs

    Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).

  • Requests allowing to install additional applications from unknown sources. 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs

Processes

  • app.revanced.manager.flutter
    • Loads dropped Dex/Jar
    • Checks the application is allowed to request package installs through the package installer
    • Requests allowing to install additional applications from unknown sources.
    • Checks CPU information
    PID:4486

Downloads

  • /data/data/app.revanced.manager.flutter/code_cache/flutter_engine/e76c956498841e1ab458577d3892003e553e4f3c/skia/e2621f417ff57ccab752a59bd8c938ade1bb9b4c/128b43e1bf15899d8cfeeb2dc5395afcd374f9f8.temp

    Filesize

    1KB

  • /data/data/app.revanced.manager.flutter/code_cache/flutter_engine/e76c956498841e1ab458577d3892003e553e4f3c/skia/e2621f417ff57ccab752a59bd8c938ade1bb9b4c/16db3dbc6e0931d5b29149581808cb6401ad41a9.temp

    Filesize

    1KB

  • /data/data/app.revanced.manager.flutter/code_cache/flutter_engine/e76c956498841e1ab458577d3892003e553e4f3c/skia/e2621f417ff57ccab752a59bd8c938ade1bb9b4c/676ee892fd18de7e134fd3acbbc8071b71631d61.temp

    Filesize

    1KB

  • /data/data/app.revanced.manager.flutter/code_cache/flutter_engine/e76c956498841e1ab458577d3892003e553e4f3c/skia/e2621f417ff57ccab752a59bd8c938ade1bb9b4c/7b39a766bda0d5dc51d4f5bec77beb90a6675b8b.temp

    Filesize

    776B

  • /data/data/app.revanced.manager.flutter/code_cache/flutter_engine/e76c956498841e1ab458577d3892003e553e4f3c/skia/e2621f417ff57ccab752a59bd8c938ade1bb9b4c/87144fe56e578d5f4af2b3007a0319c145f30d7e.temp

    Filesize

    1KB

  • /data/data/app.revanced.manager.flutter/files/Inter_regular_ecdb53099b1a68cd24c6900ea5beeafec81bd3c8cb9d0f3c51b9986583ba3982.ttf

    Filesize

    296KB

  • /data/data/app.revanced.manager.flutter/files/Roboto_500_ec3a64e46e2ee5f546845582e1d5409107780cef55bc43b052ee962f9807aee6.ttf

    Filesize

    80KB

  • /data/data/app.revanced.manager.flutter/files/Roboto_regular_d1d7c5f4500eeb1a09e051781906c3642015a3f6c9b69046b905c8bf34c6ad60.ttf

    Filesize

    79KB

  • /system_ext/framework/androidx.window.sidecar.jar

    Filesize

    12KB
