a4a20711f31ce58f76e4d304620c5d44d54631e5934d7d28574b4cc4254c61c0

Analysis

max time kernel
4s
max time network
146s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
19/08/2024, 00:49

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

youtube-music-revanced_v7.03.52-patches_v4.13.3.apk
Size

40.7MB
MD5

dba57de8c62c6da8dea8aeeb14d367f3
SHA1

c5eac61ac858db2e12ecfbf8255aae65e2ed14de
SHA256

a4a20711f31ce58f76e4d304620c5d44d54631e5934d7d28574b4cc4254c61c0
SHA512

24fd35dac31854f735aa94abfd263a757dd752d6aafb7e7b64dc5ef220d43e1d1f3ae817bc1c030128adb1e5435ed437d968a5f9b495b2b7134ebd0fa38bda25
SSDEEP

786432:KgQGPkA17L8waMgCqMxb1cTWSf84+TfPm0z:K8kUtqikEfPdz

Score

7^/10

discovery evasion

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.sidecar.jar	4429	app.revanced.android.apps.youtube.music
/system_ext/framework/androidx.window.sidecar.jar	4429	app.revanced.android.apps.youtube.music

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	app.revanced.android.apps.youtube.music

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.revanced.android.apps.youtube.music

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	app.revanced.android.apps.youtube.music

app.revanced.android.apps.youtube.music
1⤵
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Acquires the wake lock
- Queries information about active data network
PID:4429

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Credential Access

Discovery

Process Discovery

T1424

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.revanced.android.apps.youtube.music/cache/volleyCache/journal.tmp

Filesize
65B

MD5
23b7f6511324656bf907e95684ef16a0

SHA1
011bd68c4865b041d9201d98154d6a41fb4550e4

SHA256
d4b3d6a5e46581d77e192368a054a75f28e3475a3520405be84829abb6c8d6d6

SHA512
2b642b6aabfe964b4ecb9f46b168ab0727064242b6a952e1256abfc7287b9285141c9c460fdfa60c0d678c783603b55664a679e9ee6a86b2ef7f7d06b5afd698

Download Submit
/data/data/app.revanced.android.apps.youtube.music/databases/identity.db

Filesize
12KB

MD5
171aedf968e17a2744d2585715606cb9

SHA1
bbeddeb3b89fcf809619c35b4a318a80e7d5b029

SHA256
d2ab452d9360848f46af866b870b5c6fc98230b09c72b89cb1a4b2778586678e

SHA512
78a0f517ee3d21c153dda6dbfec4187ebaee9d520d7b1b63f358bcb125d08aea53f26943907a56fdeba40161d9fc7e4fd63f9ae3154dd2ad887ba0162738285b

Download Submit
/data/data/app.revanced.android.apps.youtube.music/databases/identity.db-journal

Filesize
8KB

MD5
23a51bf1be0e1dc4446bc21ba4e99238

SHA1
653ec64b0efe97400948e3ea6451a1d002e9c99b

SHA256
45c977fb553a18e6b813c04a39367ef0fe8092b56d634d391f2c27d7a93c5896

SHA512
14d30130ee5aea8568d4235701bb8d07d7ebc7eaec45e40bf65395139bb7a7007224c891a5c78b10c41872196cc2faf74fe0b65dc498fd417c7beaaac3f17868

Download Submit
/data/data/app.revanced.android.apps.youtube.music/databases/identity.db-journal

Filesize
512B

MD5
f4351de5ec4ecf6b7761e5a1d91b501f

SHA1
633ae7726a259253a4bfedf6e110002966506f8a

SHA256
69f6f83977770c6bb59d68b7d3d6c4314171f060369aecf3f20abdf907cd77db

SHA512
2cd7ae7d83cbcb6a96a26e36a3205a4002c37798f6471eb98ff8bd0c8eaba1a6de93cd1a4aa2059c2ec124c9714e522c050ec2df974cee7a45cf73437e4bc652

Download Submit
/data/data/app.revanced.android.apps.youtube.music/databases/identity.db-journal

Filesize
8KB

MD5
ef8d6e0b0fb9834d6101379a27cd736f

SHA1
deaa41e564a9ebda663810e874526b812785db39

SHA256
28be5ff58fb535da1dd4d1c961fc2c1164a0bbe6e48de7083260d5dc95e6cd29

SHA512
1786e9600b33c9de43b111c853e8dad8439a21d419e8de267d9dd0234be9ecc720dfafad8c52d3cd0fbca02f9cda59ebe47e9dca8bd98c247299706a3341adea

Download Submit
/data/data/app.revanced.android.apps.youtube.music/files/103795117

Filesize
8B

MD5
f9c675b5b26a45458c01396a3c2e0212

SHA1
0914b6fcd560f269ee7a783b0eac23d7b92fd1ae

SHA256
e754a0d21b1ed655798d3e88bb66c501b6a4c6f1b7708b752edea6d25cd258a2

SHA512
2fddffc2a94db67acc164b7fbfae2c6c3bb7cf456eb1aa56d4f8e57802c382e4d3f9b2dad3b4192827099628487b41685fcd28cacc8de907f11bd23f5ef790cb

Download Submit
/data/data/app.revanced.android.apps.youtube.music/files/net/shared/delayed_event.pb.tmp

Filesize
2B

MD5
a004f5605a9a75880611e5e713c694cd

SHA1
5072d54b7f4780c9e6a49beb3f852c191091d49c

SHA256
f8bf02b74055ba2b2386a34bca9a3c1e96435781363d7fd461fdb98d201b005f

SHA512
c1fd50d94960a5098a734899770ec5aca63d1c6208032d9046acd14aae7123befdd048366af0cd0f40520e4eabd323e6d1e55f8a8aaa3bccc476239a83effc5f

Download Submit
/data/data/app.revanced.android.apps.youtube.music/files/tiktok/103243289

Filesize
4B

MD5
48c872d906b965fd79aa44a6e41b0740

SHA1
cc4237a88c116436f0d8f5685854b4841dd673c7

SHA256
dbdb06f4c0546690012dd0150563472b162ef489a4aa725e0947ca137cc2dde4

SHA512
09b7e9d0b91c05462de848517105fe37d0e03182a72b3d60078d263d73601d1ee094bb5174420baabec19ec96ce34e35cb5887e7e69087e74690db9bb6606c68

Download Submit
/data/data/app.revanced.android.apps.youtube.music/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/app.revanced.android.apps.youtube.music/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
53c634f227248b7d02f765b09a376bdc

SHA1
07d040e69c08f29c82f85c7cce76c4278b1d77dd

SHA256
522d6f386f6b82ab64df6b673c81ca576631c87d239af8b8b26fc035f6c693af

SHA512
e7790b56b42d9aa2b4d896a966d9588dcef1f8ea076e59a0b24cf7dd7696ac11ac54cefe9de37f7e2732f48281cebbbd1823e61af5eaab0de78fdddfbfbb184b

Download Submit
/data/data/app.revanced.android.apps.youtube.music/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
9138293a744a6b04cc0cc52faa201671

SHA1
e27d81aa73e081e8b8eab346931f84181f62f458

SHA256
45d42b7483ea2790acf56e922a382f2bfc9b61d8ba2248affd98e23fd1cb6391

SHA512
2937463a3c7556c2cdead8f673a79e5315d9993a364d07bd98676a93349184ce0dccfc0d24ee2abd63536b85f6b70ac7723533985c9f7adb2c279ab8dd49f03a

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
12KB

MD5
bdf3529e80318eb14e53a5bf3720c10d

SHA1
25c9ace4b1af6e80ebb2572345972c56505969ba

SHA256
bbc8300dd1e9cd08de8f66560c1ac2c928615b72b51cef9649f88974f586d64b

SHA512
48b9c2d01171bb651b9b54826baa51f4add48431a3efd8ceb5f7cc3bcd6f8f37edf47fabb24349dd15b3a02329cd450f90a8d164bf4f8dfae554bf3b35a8a55b

Download Submit