16a1157a52d06932ce0f7af9c8725ed8a549aa2ed28edf04650c076608b6bb29

Analysis

max time kernel
73s
max time network
79s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
21/02/2025, 06:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

origin.apk
Size

11.3MB
MD5

596d77b3f736d77e31b622180d4c701f
SHA1

4c61f2273734cb7a080fe4f089440068da49d080
SHA256

8ae7b0080fbdc2caf4bedabdc09579441ba25dd0b28750a31864581ca9c2a418
SHA512

35bf77693479a8c9e2a32af1282b8fa3d05d6843ec5032f9751396f5db6e25c54f68214dfa2f5fee29910f869a0c80a0e05016d49a5534abf69816a7149d2cbe
SSDEEP

196608:z0DintMBhkRaD35nD//fi9uLKpicmIOhgYWWmDzFk5kr+lMrLAY8zYccBoB1Vqmt:jtMBK8D35T/UppicaJiFgPMr0zP1V3t

Score

6^/10

defense_evasion persistence

Malware Config

Signatures

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.disprzs.hdfclife

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

defense_evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.disprzs.hdfclife

com.disprzs.hdfclife
1⤵
- Makes use of the framework's foreground persistence service
- Requests disabling of battery optimizations (often used to enable hiding in the background).
PID:4636

com.disprzs.hdfclife:my_process
1⤵
PID:4756

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3146af242882cd53a424b93907bb8b4d

SHA1
dfec7227bde7927bcc20e15afcc2ea40e68aa124

SHA256
5afb91e51a7afeff9247f57429bd04d14e9509c41e177eb7aaf9399afd0eb7cd

SHA512
c154a385f82a419cb50d6048223e1a864e90d248a0df65dfed8ebe25c4c7a6bad2be3c3abce0f350027878b7130945783ac39fa25f395e154f76cf9e895073a9

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d5297d30e25996b8a3b5d904e17fe345

SHA1
973007d43c4ae4ea78f79510101a4092cef35509

SHA256
1dad840476bd226fdf8e78f96e06c761ac6456ed8dfac2cfba2e93212a48e5d9

SHA512
3dca4b8c405de461041a1b25c7644f9d7a8d4ff8cae1514ebc9965b623e5a03d1bc6d65af2ba36f389ea846be7c5c21bb5bd2a84601dd1398a2fa4cd4bbd1f5e

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fbd2c71694b40549e21b089c4e497f80

SHA1
dced9e0fd38abf0956ebbfde1a5a07a4421b8f46

SHA256
f2e4293f4edb943e2e4e9e13d0625fba18667cf964f53cb2b6c6d1f3ac279b4c

SHA512
24f9bc2c5ce3af92a7ef1cc49bc974d5dbe26720fbeae02b109d4128ec0412771d9c7ef4cbb8dbc887314bf3eea9ab14979e9ef736155d4059aa08766c598005

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
93a4abee5a1f125997835e5eaf75bfc0

SHA1
dc1a06a67df2b2db823ba06148e8ba69307b2fe2

SHA256
cbae24e31f60c7ce0489a2f9129fa26b63dd67448f03941e623eb043a50193bf

SHA512
84d6e42cecd38a801a6cd6187bb6edaf07dbdc41d1cc1a388342b2d024681b2e46e91856a39534ac9afc4f3011e36075999f0bcbfd7e155d8bbb493348c8a09e

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4ab6dcecc97c9c041b9cf98c2fef738f

SHA1
cd22b81af4cd181d6791e3178d5412649d674b0b

SHA256
f053da6f86cdb234b23b48b03acc8560faa999d850ba9775ef2baa4d6615af18

SHA512
6e809b8800d1cd306501fac6f3bb99bdacc4d2ea0c4fd9ce21a778b0f521d1dc9e614ebaae5031b1d9063e0db4e8d0a178ac068604006f2dd6c7fbad0fdf7e05

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
26fc07a7d3b24967986e4300b2a680a9

SHA1
9805d74147c91ec804b6bcc5e076472aeaed37df

SHA256
e0f2a2a0e6d2c1d21a2c963f2272e30107591c85caa0936263366eec5b14b211

SHA512
c3cde1578cd59d2b49f796291421066fe809bd7b9174390b3b4d215ec13f7704e95353685b6dfaa9a6be4547606a4b4eadd7bb6cae70a2d2611b433d45cfb014

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
391fc9efc9ee0bfcd1387bbc9376ef88

SHA1
4b447f3fef535eeedc72a141a712ba79dd38aff5

SHA256
e13011043e732d1301a4d65f40e56c1b09c2b9b5ff5081b0d0f735c20d40d477

SHA512
4638f82284d32a9ef91d68fd8da11a517413b75497b0063f413fea5239834c795352c76e54708dae5f800c1203f1170dd638fdb87722e3cc559ce42d1ceb9fb3

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
99124790682a5cb5c2d8739cb638ad4e

SHA1
be17f2fe388e34643e03bc846077db919b961780

SHA256
70af4ddbe441841f56e53a1222bec713766dd3a1cb09c33f428af66db6943280

SHA512
4bb7673aad6b29eceec47ea4e869158167d162388cd9daf216f628500b5b56a9d3640d696aafc438e14f5f7d1575f4967a39eacf59a0edc14b2ebea85b74c8cf

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f2d93b1559007d3d5de8299d7fa4d31d

SHA1
a7f4d45b3af31d4e5852a30fa34c2860fcddfd64

SHA256
0773459018313a60d0be0dfded1c8213dc01c783f52472895716d2b783d0deac

SHA512
80465d98debad40433ac074474b1fba736da8a2ed5f53f03d5dcf9868cae2847787327f2b84dbc221feb01caa81cf452dea9bdc0343cdc12f37dd8a202d7ef7c

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
bd6b54b5b93de61f787624d1635912c4

SHA1
b7ed649f103cae6f12d58506f23e22982a02d63a

SHA256
6f7530bffe33c7f82b69170e597ef5e4f95bf0583919d85de4e5d772e9b6cdd1

SHA512
69b287cf0323c1417c8030d19a63bbf70bd3d507955a93a7002622371cb40c045358eabc3af199b0e42db05537d72e3e60f2ce42836dbc0a93157f467c9362ff

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
afbc7efc5cb40c884ac4b52bea02853c

SHA1
ae5e8ff2f8e0b907b507e9d391b8f22b709ee3db

SHA256
dab723bf9d828434a731c288dfb21ff5347625e8d53ef89cdadc46b935582375

SHA512
f51daaa8421063c83dbaa31742b4bc16f51ee11be9ab982ce19881f9f1173f6eed99f9983b08d9723752899f4684e6d87557512e0ec5c2750e194c9102791bf1

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
0a2700c997b8026d58def57ffe08947a

SHA1
179c7ef93682a5ed4b603e2d45d77edfc2630a77

SHA256
61f59a2ba3edb7cb46882b759431ed6034325358652351b3e594f66e9ac09142

SHA512
c0337d46e4811dc5c2eebe42280eaf459ab70c7ea161f025995b77b5013498ec208d45819efbe31e3c69b1c3691f63a1d84d358648b2b1e66c19558857e6c948

Download Submit
/data/data/com.disprzs.hdfclife/files/PersistedInstallation4160240828954996676tmp

Filesize
569B

MD5
c16655b9d5a4be766e836f44f37249e2

SHA1
ebde2d71f507a0a184fa56fb2c2dde3916cdbc94

SHA256
c877f374b5e3528a06a115066d5a330e291d7261f347a7a4bdcdd843144c0535

SHA512
30aa4dfddba34ff9b205cacd7ca76f2caec941e09c824780cf3797490aba1eae2d86f76bc1d5dfa074f77d6f9808f4584a6a4e7750207459b6e0dd33bba7617b

Download Submit
/data/data/com.disprzs.hdfclife/files/PersistedInstallation7495772887603631113tmp

Filesize
90B

MD5
eb138dade3ef4bfcf637879bde877b6d

SHA1
d975930608e217ded994e8d218b69a9803348c6f

SHA256
079ef8b164745e24575720ab63caf7ed55da050c33ab967a878aef7300c85c63

SHA512
636670abba48d1c34dbc626ed8e3433de1eb09d68221cce396c683f4f18e4349556f2d87be490b08f42e17acdef575588667afe155024e7e247664d0f673f590

Download Submit
/data/data/com.disprzs.hdfclife/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
2004fd06e98a0156212d8d8cc5bfb910

SHA1
df6a5fcb64f95460434b2244dc4c9e5ac2cbb906

SHA256
38a432b7c62ed565607ca8e68c01931ba04cd1d1305ce937fd6ab1cbe8597a9c

SHA512
6dec006aabe064452edb8e7ec599693df68bd93291b91e0f3c5fd019afafbf02b285e3556b5a2707f134af596de237d529a297d7d3d28644d2442dc227eed759

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
70d122f92ece26dbef9c26bbb54b61fb

SHA1
e3830a7223c95b40558657ddce2a0f5a16858839

SHA256
a1a4964c62f9c1507ac897ce6545771e6bc23c4df456ebe753d43ca6541b2b9a

SHA512
c2e01e2bea51c04efbdfdb5ab08be19f0c345d2fdc1fcfb40c734fe59c2681f57841793549e15280560b72347e9b938591d23e765c0c9a7d03b29413b99bccf2

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
6abe438de2170205e6220bd7612aa344

SHA1
ddc27c3c88c8ee468d409a58b5575530104c77c1

SHA256
5f041011f42395d7c1b6681e07b440a4a858655808e650c633d9b8b844bea84f

SHA512
57c7b60ff75a397835aa4d44d5d8c6bfe4daf372771ad80860f1092ea1ac1535842c90dcadf99e756d34e215fd06114757e5496f1a654a9288131cc900319881

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
576b44c3f8e3c5a5366b1dd5917a96db

SHA1
3189fa5f307f793dd06ae6a06b29f2ff56a97f14

SHA256
4910795488312ffcd99296af059580f68fe5f2beb7ff17125b586d1a49a68186

SHA512
89c35d2ca4ad33f8721091d07c3ff8dd3d9e46a0e79b22d756f7b097e867c8a0707ab14c37dfd27f7a54a1eb08be29f51744cc4831693cc51abba01c9eb98b53

Download Submit
/data/misc/profiles/cur/0/com.disprzs.hdfclife/primary.prof

Filesize
2KB

MD5
25d28d40a79e59e9c62d34f20fe6846c

SHA1
a0cbf4dd440a0e0b43c70be3dbea02f38ee3bcaf

SHA256
d0d2f4966488f6452931e7c209eded824879e20e118450120ff3d66b28f33d19

SHA512
ab19c08213489e817fe3ed0dede8cc9436403a30a45381bcad0525018dfaef39cf96354bb0436f44d2e53eb0e4dbc2bac567562c099e751bf069c78ebba74299

Download Submit
/data/misc/profiles/cur/0/com.disprzs.hdfclife/primary.prof

Filesize
10KB

MD5
087d7bf902b9d208d8ea5792919fb32f

SHA1
1e669528acca96f89681af917d043e1a3334030b

SHA256
1189c26320aa07556749173a4e5f22dc3b78f16d950a3604b46c8c525184ebd9

SHA512
6631dec8e09bc1a35597612d5b6ea9d9c1e9e499a074da4c9542b1fa87bf018a26fc9342c6116cda02422bc8c82da97e46ae4b9c6fbf06fb7b16dbae7462c422

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads