16a1157a52d06932ce0f7af9c8725ed8a549aa2ed28edf04650c076608b6bb29

Analysis

max time kernel
149s
max time network
160s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
21/02/2025, 06:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

origin.apk
Size

11.3MB
MD5

596d77b3f736d77e31b622180d4c701f
SHA1

4c61f2273734cb7a080fe4f089440068da49d080
SHA256

8ae7b0080fbdc2caf4bedabdc09579441ba25dd0b28750a31864581ca9c2a418
SHA512

35bf77693479a8c9e2a32af1282b8fa3d05d6843ec5032f9751396f5db6e25c54f68214dfa2f5fee29910f869a0c80a0e05016d49a5534abf69816a7149d2cbe
SSDEEP

196608:z0DintMBhkRaD35nD//fi9uLKpicmIOhgYWWmDzFk5kr+lMrLAY8zYccBoB1Vqmt:jtMBK8D35T/UppicaJiFgPMr0zP1V3t

Score

6^/10

defense_evasion persistence

Malware Config

Signatures

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.disprzs.hdfclife

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

defense_evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.disprzs.hdfclife

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.disprzs.hdfclife

com.disprzs.hdfclife
1⤵
- Makes use of the framework's foreground persistence service
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4278

com.disprzs.hdfclife:my_process
1⤵
PID:4349

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e0536b87301400babb16a4ca5f8d6333

SHA1
e9543c3810c7ff2857bb13e5319b71e6fec7a913

SHA256
395ce9cbcb0e209627c85e2bce1156256d357b621a7da6f5cfa4796560a98d04

SHA512
5f1c48877ba1b49536b5925fdac5c71f3dd4b04f59ff99bd1baa85a31c1ab6889b1fb2ad507bbdcbaee2ab05e3c0055dc2c21125ede985539b2e8e9c702172bc

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4c4710764e3ebfa234dd098b0f058ce7

SHA1
c1e205819f721db25ff8c782702ad10a6a5b6be0

SHA256
3f5df5f413de78561335b9e13e339af85250cb885ad09fdae1a1e7e267d14556

SHA512
60a3061676dd52baedd69dc5c254192ca11bcaf7319b37dce05d2f111a097026d128a5ad6459dba506eb97b423122565996d2e9a11b881746d90848c54924a43

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5efa650e784a03ae639b8138a776caf9

SHA1
3ff48876a0b7717ec9e04f0e923d28caa0ed0f9a

SHA256
8eead0f0835fe137f472cb166901f29ed31fceaea05cee87e9906eaa6c1257fe

SHA512
3f607af343e8e324cc1cf86ed8a843398e2ee5445ebdfe9472d9f69d2652d92c256768f30d71772a5bbbcbe39c563fc3a4776a0812a23d20ae835e8b82937c4b

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8b2992a635b56102ff10ac434376a9ba

SHA1
b8bc55137880f81f0bd5e3b01f95efad6bea2196

SHA256
3dce189e13e2e50c009b1270935734b9913248521c95e11bf0e74767f8b08bfc

SHA512
09c52aa7685d6ca806323a822d3a3d5d606e6d4f6c02c78f21a230355614b74eecfa88ea75b54be6c9eb7eff8189f2385e181d7448487eb7f3f2b476d06489c6

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2e77dcd05acdceec366d93275dad30c0

SHA1
fd29150b74de0601589856de9ee17308efcccf98

SHA256
953910f1400f96563ca455fb89060ece3f0d4423ed3d1c2b2960463df3b5566c

SHA512
da742e8589de919ef58ff99ad179fa79a00c1e922fb46382cf3989f14741df0f28969c72c81964cf22f915033ba468ffdf5dc3ac678215a8785433241dbb6436

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
25f06ada8be210f2257ca29a860a2229

SHA1
f4c0a9a05cf5deff989b1e700c72fde21c786bcd

SHA256
05a5e5ff9b3bf09a1a51462fb456e77460b880e7e9894a2c22c4cc57075be0bc

SHA512
0f0cc6e2029bb9ef4dafcbfb359ee28b9e327c4bf6ec44bf83fb1784f07022bf8e42fd3e232db1dc13fc11ba8dea450630846c0d0612c5e291110c16ed090d64

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
435ff0851932c0d6f6aedb7d6bd161ae

SHA1
b7dc30d2d1a2faa7bcc71d2afc8980d91c705094

SHA256
9af6776cc538cea3bb89b681011168d168ea67f12f72a928b1e16849617da252

SHA512
7aabde297730ad1e44322655b498935f54b3a24c327fe574cda8f48dd07b72e0d3e9441ebd3cce28009a7b865f384fba6e1ded9fd5eb8e822b81dc97e19e862e

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
33a8d41e91ce5a8890bab9543549faa5

SHA1
fcda4f51da9bff6afe84df84db4bb90075035d15

SHA256
48be885381deca3bddb325614039ba347c732a7f69513d4b9c1a594ed8821839

SHA512
eefa26ec062fda572795771be38831c3b162608acbf4124b47b5bd798978919b0c227b72e9ea518b0b774d4714157911701c026787d85d056349a052d39103f8

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d19b38e5e425f6f4357df5b3325e3b85

SHA1
439de1b80c3bf711a5993e9d7f1e0fe4c6b0e08c

SHA256
1fb6af099a43f14c0f8fcc68b0bfe5abd0a33eee137becb71328affa31357630

SHA512
e6df28275f038af7354a51112204fe687d5a9a27108e1df1d0e59fd5038baf7711b415f32de9e1ddac6471a162ee2fd2ce258ee274fa25bb80d5d967dc6331a5

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
908788b647a3e02aa350e7fe4bff4675

SHA1
c7a7d26d38b89fd2ccb3d41b70366d961644b9aa

SHA256
532549191593d9d1bbaa28568df41c2be6e762d69a87627fce2e39527a7ca203

SHA512
2c4170d6df2b21a8534fb56aecefef0b2d0544cad96be6146d7c18483c3823b4996f1dac7a5ea8d624b9f8c9dff4d050044a950cb279cfbff904b4539fec3ffc

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e0f44127932a5c40a830d6112ff4d71d

SHA1
4d76200a04fffdeee6fcdd77f4bb0628ed8bd127

SHA256
f3803bf41dc57bd8204cb03255b0482522e53cd146eb50be015680bca27263cd

SHA512
c44d5f29bd8e5dcd4c31bbab678d110e2d9f35318fb342778e335d2a86bea07800cd35f54269a4b1e0f302523742715786d135a6b82f3055c7de82fdf79d0554

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
b8e4c03dd48009b7fdbcd0e887f11626

SHA1
fb65e666a44f563f31a90a5c945980353979c2f4

SHA256
eb6f5f15c96960f02ab260281818fb7ed63d98776cc26f32b690fa12e80ac658

SHA512
21f0c8f2446156f24d260d19a15ebdff161a70fe15b64413556818c873ee48d0f111c0da77cda4e8f7f35f7faa21730cbe6a2107815684bcdec180e6620e144d

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
2889649ba93b1f80f72af3b46981ce25

SHA1
13c33f52a5579f36c0d744b196ddd7ef109d36fa

SHA256
803592b9f9eff24cdb7b72aecf749466805cb0950202c0d4863fed068e9b38f7

SHA512
a638216db243452b80185407c0eab09c06274348ebd3eda3f4414193e7c5c5415755fc653def16a49bd5ec8760416d552a0514f867872e37485be8f1d6665c49

Download Submit
/data/data/com.disprzs.hdfclife/files/PersistedInstallation6509627816192464601tmp

Filesize
90B

MD5
b8790902ab6c1120922d628c193b06fb

SHA1
f5659f67332fdd586e223592f7d5acc25d4516a1

SHA256
9ea1b5940213938a1dc3fcb4519e9f363a998433f74f505e3411c105e492a99e

SHA512
2ecac373c262baee3888a04473bc076699dec6814fb3e955d0b9815e335a08c9bca82a6c358189fe04879a2bf36794427fb416ab31d9254cd9bfe3619ca5f244

Download Submit
/data/data/com.disprzs.hdfclife/files/PersistedInstallation737112087602778298tmp

Filesize
569B

MD5
e0d2f0b10809b7d0e14314f1efa5e72a

SHA1
57628ba7b65d33f25c9ab4c7eae63ece40c138e6

SHA256
ad42e67b38186e9a28aa8e38a2241fea0a2152636ef1757e464f0a470a2080f3

SHA512
ddd2577925a4b03e0e60c3e1249c845814d7a636ad12b3879138b6737d4badb33c3a0ecfa627012f76e62fa774146c27a62733aa5215ef604dff31ba39f5a85f

Download Submit
/data/data/com.disprzs.hdfclife/files/profileInstalled

Filesize
24B

MD5
ce6e292baf23dccd2cbd6c7e5bf69b89

SHA1
75aa1bc920e9463fc82c17941d8cacf2f9a4bf3c

SHA256
15747e595469b385ca6772112712ffb15140538885db06f9f8a4a03470c983b4

SHA512
866a3203a8dcde31531541da8591e53c8912bfda20355cdcc19286e2aad1fcf7909979e16ede86ed6d4258ee691afe2b3f678533e9ea34993025c972cb9ba4a8

Download Submit
/data/data/com.disprzs.hdfclife/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
0a12cf7119e7d48f4dfb7427b4f9d3ec

SHA1
415909dc90670d44ddc5160ff32269a53f9a850f

SHA256
5c8e3b6a9ff675a56141eab9804ca43d5b82976ab5747bff6f6a4e5768b038dd

SHA512
3e0161d1719bef82ec0ea2f050bda683ae40e861aebcef296e8f6b32efbdfa0c1f4aa0d80644eb9a372f146cbbdb1e9f709dbaae38f51668209a75666f1303ab

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
dc5c876453fd7d927d721ed4067ebbdc

SHA1
8567ffa41c7dfaab2583be12131a45c353a8f889

SHA256
d71caa1e0b613df4a388a6fe8ef557a09094c26cd46994676929f2539fefbc55

SHA512
f1fa40c3ed00da51e8f6abf15ab09a1442f6b0013a666cd83304a269e6ed199704cb822b2edfaf9453aff851a387f993f0514e7a2fdb8661cb433e24ca6cb3ec

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
d2e1b0c7eaf02c4abfca382306875492

SHA1
6362b9220020656587f175aa11e0c393e2d61d8c

SHA256
62972181953af9d640fcc18e7b34146cbd1f77e952c9bd107a0c968947366701

SHA512
1867056b40050e95fe8bbc379e1330fa08ed3d5a0f270a8e32aadec731879f66b9d61bfd24e31683fd6d3d483212fa1b386e772cc22ce2c96bb0c9f84b698709

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
702c8d6df333ef5f525e9c8f0cd9f72a

SHA1
42df9e24078f15adaef7338de1355f07486c695c

SHA256
6b7b434337fc5fc9bd76be4ac4ececb43f3cfd4aa2a5eadac330422bc0abf497

SHA512
1a6758417daec555d5b019f88c0b71d35f3ce6a0c71d27367f8a1666645dd41df6630ddecfff92506f3457013281b42e81ceca49214523c05c690c33a5369722

Download Submit
/data/misc/profiles/cur/0/com.disprzs.hdfclife/primary.prof

Filesize
2KB

MD5
25d28d40a79e59e9c62d34f20fe6846c

SHA1
a0cbf4dd440a0e0b43c70be3dbea02f38ee3bcaf

SHA256
d0d2f4966488f6452931e7c209eded824879e20e118450120ff3d66b28f33d19

SHA512
ab19c08213489e817fe3ed0dede8cc9436403a30a45381bcad0525018dfaef39cf96354bb0436f44d2e53eb0e4dbc2bac567562c099e751bf069c78ebba74299

Download Submit
/data/misc/profiles/cur/0/com.disprzs.hdfclife/primary.prof

Filesize
9KB

MD5
ee6905427cccbb67a612e119440d373d

SHA1
d09ec91389b2244026870e8089ab2edb7eb7945c

SHA256
8436bc586c6fc211be65de01ab95a9be60a362220a25906ff06963eca19c4ee9

SHA512
e8c5fb6f76d725605cbc6614418bbfb9eb2527be1b2e79d209d6bea3f0eb53e83dcf21cff62ce494437265278ca99ee6c5d4bd198ece12f8f9845c80f90238e1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads