Analysis
max time kernel: 3s
max time network: 187s
platform: android_x64
resource: android-x64-20240624-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
submitted: 29-06-2024 22:09
Static task: static1

Behavioral task: behavioral1
Sample: 2fef86e499d46768ee47b4561827c6dea3aa3893b7b900a0b7e4cdb0852a8210.apk
Resource: android-x86-arm-20240624-en

Behavioral task: behavioral2
Sample: 2fef86e499d46768ee47b4561827c6dea3aa3893b7b900a0b7e4cdb0852a8210.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral3
Sample: 2fef86e499d46768ee47b4561827c6dea3aa3893b7b900a0b7e4cdb0852a8210.apk
Resource: android-x64-arm64-20240624-en
General
Target: 2fef86e499d46768ee47b4561827c6dea3aa3893b7b900a0b7e4cdb0852a8210.apk
Size: 1.8MB
MD5: 46a3c3d079d00edea2d16a1c5bc5774e
SHA1: c335bcea6dc518bcd012be87e6d689a364dd7336
SHA256: 2fef86e499d46768ee47b4561827c6dea3aa3893b7b900a0b7e4cdb0852a8210
SHA512: d79f4798e53b65c51988c39231e3414790726ab96fa897d60a83e25d4a9cc880fe0babc7c1245e1584bf19345d9bbb78595b8337e1468da566d8dd680ddce318
SSDEEP: 24576:574POwUtdragKC/LfTODwDG3GgcwRMRrYgWFAd2ofreoPpvWkO+6:tSOFHrpxgcG3Ggc2gWqd2ofreCW9
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
Processes: jr.js.jt
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process: jr.js.jt

Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
Processes: jr.js.jt
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: jr.js.jt

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Processes: jr.js.jt
description: Framework API call
ioc: javax.crypto.Cipher.doFinal
process: jr.js.jt

Checks memory information (2 TTPs, 1 IoCs)