afd3227c4fb790a2033f99857417061be8eb1c3c1db0cc2910f252ed0959a3cc

Analysis

max time kernel
299s
max time network
303s
platform
android-9_x86
resource
android-x86-arm-20240910-en
resource tags

arch:armarch:x86image:android-x86-arm-20240910-enlocale:en-usos:android-9-x86system
submitted
21/02/2025, 06:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

origin.apk
Size

11.3MB
MD5

596d77b3f736d77e31b622180d4c701f
SHA1

4c61f2273734cb7a080fe4f089440068da49d080
SHA256

8ae7b0080fbdc2caf4bedabdc09579441ba25dd0b28750a31864581ca9c2a418
SHA512

35bf77693479a8c9e2a32af1282b8fa3d05d6843ec5032f9751396f5db6e25c54f68214dfa2f5fee29910f869a0c80a0e05016d49a5534abf69816a7149d2cbe
SSDEEP

196608:z0DintMBhkRaD35nD//fi9uLKpicmIOhgYWWmDzFk5kr+lMrLAY8zYccBoB1Vqmt:jtMBK8D35T/UppicaJiFgPMr0zP1V3t

Score

6^/10

defense_evasion persistence

Malware Config

Signatures

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

defense_evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.disprzs.hdfclife

Requests disabling of battery optimizations (often used to enable hiding in the background). 1 TTPs 1 IoCs

defense_evasion

User Evasion

T1628.002

description	ioc	Process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	com.disprzs.hdfclife

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.disprzs.hdfclife

com.disprzs.hdfclife
1⤵
- Makes use of the framework's foreground persistence service
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4396

com.disprzs.hdfclife:my_process
1⤵
PID:4469

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a3876cc5658eef258f8e011c4fece029

SHA1
118d8c3ca898218afa473f185545222232c8a874

SHA256
82fad096f94128b39a9034a4eb7fab5746e319d22eecbe4d7be4746548f4e89b

SHA512
8b2f6424bcff9302f51636902476b974dff44e1e9171d919b7555ffe8b816e298cc3b7e304af763de4b4f1710e2e75637e31a7ce55732db9d6c370a0de16c355

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8cb6f2c946c8ade31fd8ae0567377c22

SHA1
0cafaa500915e4e8508090869354db541218c0c4

SHA256
1df2e2ca2a0557496f8550330f7cd4c26c5ac8696cfe161c089b578c728046c5

SHA512
b8167d9c91d5a3384c3f7bd199b0cac5feda18530cedf940983e10c3b70c0863b85714b60aa7831bb0401fccd6359f0a6615ae0b6b4cfe42f32715e3695d6abc

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8f62c368bc4a238f0d2443b4085d96a1

SHA1
405a66c0a597c428260cd9f3ad05a204e8a1593d

SHA256
1dc7d7349523200a0ed6be17a6440e5e74026628ef9a9edb05cbb2daa4034644

SHA512
b620fd63d2ef5f40ff44cd324a243ddc7f8f2b4a0306b0f2a48c85a807e536104a64842b8663dea3b253bd5b25226df28c222ad07849b73362ffb04540179dff

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
cf11cfe38bc52a7829048770b2c993f6

SHA1
40a7010244b4c379e35574df327e2c0fabae3679

SHA256
537d8689d04723420ac3077125fc00f72f315850e385ccc7bc812f43b2565f75

SHA512
60528a88cc1c4a5bb0d7a6a2187fe1b2934fc86244c1943913b03f17bc51dac7039dad5948640cc70dd42b29bf06149a7afb5a55b5c78cc98d763f39a3def90e

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2e77dcd05acdceec366d93275dad30c0

SHA1
fd29150b74de0601589856de9ee17308efcccf98

SHA256
953910f1400f96563ca455fb89060ece3f0d4423ed3d1c2b2960463df3b5566c

SHA512
da742e8589de919ef58ff99ad179fa79a00c1e922fb46382cf3989f14741df0f28969c72c81964cf22f915033ba468ffdf5dc3ac678215a8785433241dbb6436

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d557ad94fa8924b1a2818ddf9d57a633

SHA1
a1a2ff3788436098e9fe980d84600c1fe1676ba2

SHA256
fc5dac0348d87bf08c33bf5557604cd8df6d4de57f37cf7e8c5f4adf5763de1e

SHA512
9962f9ca7d082c47ca68ad797b7479fee2988c9c1428f73edef573d84251f67d2598ddcfd5c0c6c75c50639fb51290322156f5bca3a78d408939749eea8191cd

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
0e26109006adbe2d505c903d9cdb7b14

SHA1
eb8f3d86a98ffee91895610fd420f40d358039a5

SHA256
914d9c18eeb4588ed1ad66ff2655b37f6050fe01e73513734183e5868fb1a951

SHA512
13c010c5ba1dde606542992ad06fc828b1bebcc4bf86423ce91633e36f6b3ce5c34819279b2cdd6a645a1dd6b94932b51a7db4afefe3094036c04a73b6887703

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e6e68ff5a62857273b01ea174a0c4140

SHA1
ceeb01df308317423386d7b30615fe6688c0546e

SHA256
85067b70c044718c9831373d2fa48cc4961e4c3db44dd60438107a301307f1fc

SHA512
3248a185905b14884427d3d5e764efaa551299a9e09be30c890edd3dbdd064c345f6deabb2304911a0dd2662c5a543029dd3f765a9166c608ec1fd6fa0a3153a

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
705569bb0eb90d8c2c09ab87a6d9dd77

SHA1
eeebf9544fef8e0d43a3f0a3399a05e55c0e0c47

SHA256
0a528a2474990d74f4fc16e359a35ec9d29b7b641c41d60ed211609c1f41d7de

SHA512
74e927c7430f0c2cb3a088175d32f9bc28d3c6951c03d0dfd9e73a04ca3c4dbd1b912ab5d7f83ee98dd83f6d68daa1b72b83486eef033b3437972b6528f5bff9

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
84201adb0b3030f17e357568fe840a2d

SHA1
498d55bea38b30a9b2f11e67e8db6e1f02e96c1a

SHA256
30e6f2414fe63abd583d86463cb7ffb5cdf99c1749d8da52f10305669a581e64

SHA512
37421fed2957526e7ed14b064a4a07d9c3fb4d7a41ada593f4791c26ffee19be5eb96abe0601a07ff0baab0bb348792b7c932ba55959fe8be6860a1dbed5ac70

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
fa8bda53d215ea688618046d2611be8c

SHA1
e43a8026bae99a436af5073202bbded3250991b0

SHA256
3d92d502203aec7c2e4bd018c2c934be8d04fde5090054f728c078bf84c37b3a

SHA512
b1d3fdac170dc9a7a44f3779f23fbc3f425ae760b1f3cc6c26cd3dc204464eb5cd1912f837ba53639ffbef19ba79174512e5beccbb73069d10074215ce75880c

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
36ee0f1b7b2ff2b2a9565a2115fd7d02

SHA1
b5162c5e464bb52a9d32fc2065e14bdbd3bb1c50

SHA256
17dadc0a5a8bcbcfcbe051c0b1e5f0651a1ea3a0f459f7a72f0bbac7f1b74919

SHA512
3e644371b98ef41fcfcb0dd14cd4b209969a1346bf56c82266b80776a36e44d08379ee33516356f910af33086f64811800de148c70e70433098da8fcadd06343

Download Submit
/data/data/com.disprzs.hdfclife/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
7dbf2e5433ff7b40a8e5b3c3f18bbad1

SHA1
358b6d21a615814f82dd92c44695b6503a901f44

SHA256
e8cf116620f67b1faca873ca06c6cf7d99dac5ccfa863f94c5ed89fca2757e00

SHA512
52b32e57cc94e2cf6fa21ac45291b2b22dddc6d1e9fcfc0be207df3d109d335f78b18cb6d3d6073d0c8ddc86571367042159ab69fdd7137795a7f8ed7581ec5c

Download Submit
/data/data/com.disprzs.hdfclife/files/PersistedInstallation3394249118927886836tmp

Filesize
90B

MD5
40a33be66dfd9120a1bc15c610fbb285

SHA1
ea6a0bc20ae9e9efbf957726609ce7ddcb5194ff

SHA256
b8e42b5a9cdfd16b1ec30c57c8779b3fac0235a7eb6ce95c1340156ecbbc1afc

SHA512
4b2f0466668fc2034f11a7b9b2b0228e99614c34d5ca6d1c90f72008282ad68fe2d98e3e92469054f17e209cb30c17859fa9d93072f79e2e209bd26f76f6d90c

Download Submit
/data/data/com.disprzs.hdfclife/files/PersistedInstallation7549996987779722708tmp

Filesize
569B

MD5
77ae77aada403483ae7d6b64a8616685

SHA1
bd015b7c1f2ddee029e71bbed51f77a83ae03956

SHA256
182ef97f78dea9759fb2e216ed37c56985cc968e0664ae94f769096da570553f

SHA512
07ba2b0dc94e6e88138d5fe0ecf0d7290bae16b04826dc10168692e271c0cd0c79ee7b8bca2bc3424914b9250e80d03b91f95477e9f8278b31915fe1e286af52

Download Submit
/data/data/com.disprzs.hdfclife/files/profileInstalled

Filesize
24B

MD5
dc04eccb364d28c197fae8e27eadd83e

SHA1
f96a2479026c7ea5e37fb48f3b345a240a25e30a

SHA256
41705237e8b77039e53e4b14ba861cb6ad96d131ba59392bbc5c7aaddd2d978e

SHA512
841b85b57327fb665db244e38ac4aed2d01cb3d12d67a7d5ec0675c4bc65fe5ce258b13ed1c7f1ae6b82854ffeda9094043656112afae60c81dff826a74d7766

Download Submit
/data/data/com.disprzs.hdfclife/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
cf3d0489813305a9d93b34dfef30a54a

SHA1
d68843983b5ec5253fd8bdf9904c67c4fad7ef3e

SHA256
91b0ec5e2b7ab9bdcc36b7a688cd8d5aec3de707366ff1083cf06157a9bd7d4b

SHA512
e49483d3f3b4a23ca77637db14e8ac151f5585e454087e3b50a739439ac59ccaaa1c1cf3a661171875a74a476abb9f7da7fce16841b56aa5eaed9efb8a65e60a

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
f35898cf8d3cec0321d443caac03b852

SHA1
367d0fba79d06c5a21be56b692cbb9559d5036b0

SHA256
cc6d760c72229ca9a9a5e8eb0e5f16eeb11e860490c4f109d4a1ae3ee1af24d7

SHA512
a39a137f3f055fdb1cadd53cec3951248fd3ac55f9072651a8e04ad814e4d1fc7d8dffd2163fbeb735cfc440f3db92bb143a8327a8c9a5afa418e61566a650d3

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
cb889cd762fe200e02a3c5a44f211991

SHA1
e3a244b53e5b6725ede8558128150bc8d262f36f

SHA256
95edae1fc63421e4038c55716d14225fcdfc29809e118641d3cf1d53c748e915

SHA512
5384250e424990eda48e2b708f31937a5f558c29affc8e2958ad76d2c1186fc33d2822e933639a98d24e2c2984750494a3415304dd7421551991fb52087f421b

Download Submit
/data/data/com.disprzs.hdfclife/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
e6c0f17c2cddce316a76b704ee5b8b66

SHA1
8b950145c608c76f3c87f456dad2b425f8885eb8

SHA256
fc2c0648cebfd5cc2da820d640389573117851c1715b31b1bfafe178962e7dc6

SHA512
da29678c88121246fd65581f2a5ccdff060e7a5d1706aeaec0c4d840be3591bd246efe582027e6ede37ad775e97c8f3813de97a44210c71951aed4a25db8edb6

Download Submit
/data/misc/profiles/cur/0/com.disprzs.hdfclife/primary.prof

Filesize
2KB

MD5
25d28d40a79e59e9c62d34f20fe6846c

SHA1
a0cbf4dd440a0e0b43c70be3dbea02f38ee3bcaf

SHA256
d0d2f4966488f6452931e7c209eded824879e20e118450120ff3d66b28f33d19

SHA512
ab19c08213489e817fe3ed0dede8cc9436403a30a45381bcad0525018dfaef39cf96354bb0436f44d2e53eb0e4dbc2bac567562c099e751bf069c78ebba74299

Download Submit
/data/misc/profiles/cur/0/com.disprzs.hdfclife/primary.prof

Filesize
10KB

MD5
9ae129ba84764d3452774b009b9f92d5

SHA1
26c518b7a5ddd78b17f69a44f7c4d499873ac451

SHA256
706a9a9f08493e46a9b50094e5cab670f931ddaba03146919d3061b8513ff7ef

SHA512
e81fd7b6cfe1b278263a2045c00cef01e49bca3b1f5811495b2d268b23edff922ffcb48fde737c38d3982146ede297cac78ea4ddfa715706ed92201ee3540e36

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads