Analysis
-
max time kernel
51s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
-
submitted
30-06-2024 22:07
General
-
Target
085b40b80334103b43485c7eb332a9797ae368caf1e7f16b8d3f74890548899b.apk
-
Size
2.5MB
-
MD5
f71ecf27948f90856d92b98f4a203bab
-
SHA1
6db801df53abaff5a3349136566c6d3287f94be9
-
SHA256
085b40b80334103b43485c7eb332a9797ae368caf1e7f16b8d3f74890548899b
-
SHA512
e38286ab41ad24ba2107f806253c54e102b991853edacf7918008103293fb51ed555bd9952de2db46431f42b6207b09bb0c9d5a6aa9f5d42e0ac338d88789a57
-
SSDEEP
49152:fInTj2owxZMrHyVgWgCZ2ZrlZOHqLhAmhuICQVq/ptqlw1idFSEe:Ak2Ty8CZ2ZrlIHKeUnC1tqlwUFe
Score
7/10
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
ir.amirkhedam.zedbazi1⤵
- Obtains sensitive information copied to the device clipboard
- Makes use of the framework's foreground persistence service
- Checks CPU information
- Checks memory information