Analysis
-
max time kernel
47s -
max time network
156s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
android arch:x64 arch:x86 image:android-x64-20240624-en locale:en-us os:android-10-x64 system -
submitted
29-06-2024 22:06
Static task
static1
Behavioral task
behavioral1
Sample
3fbeeea1cb6b59144ed79537b6f20e8ebb295eecc35ed6dfa22743572c809d12.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
3fbeeea1cb6b59144ed79537b6f20e8ebb295eecc35ed6dfa22743572c809d12.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
3fbeeea1cb6b59144ed79537b6f20e8ebb295eecc35ed6dfa22743572c809d12.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
3fbeeea1cb6b59144ed79537b6f20e8ebb295eecc35ed6dfa22743572c809d12.apk
-
Size
4.5MB
-
MD5
ddbe89199458ac917f297b47b66d12af
-
SHA1
66e9b6eb444e3941a7c729b6581789b3f04790a6
-
SHA256
3fbeeea1cb6b59144ed79537b6f20e8ebb295eecc35ed6dfa22743572c809d12
-
SHA512
66d13016209ed3898e2db3dffda4fdca1e4196869b2fff1b8810b2e0f89df5e9763332edde5ba4f3afc334342d71e6ac43a4002ffdfe327e80301deb68327e11
-
SSDEEP
98304:8pi7lv9dsNQs9XfwosbeRdr07m2TUKwZ5+sPNPX1oTYr/M1p:fd9kpwosgrY2ZssVX41p
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
com.example.test
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process: com.example.test
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.example.test
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
process: com.example.test
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Downloads
-
/data/data/com.example.test/files/profileInstalled
Filesize
24B
-
/data/data/com.example.test/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B
-
/data/misc/profiles/cur/0/com.example.test/primary.prof
Filesize
1KB
-
/data/misc/profiles/cur/0/com.example.test/primary.prof
Filesize
3KB