Overview

overview

7

Static

static

6

0c2523fc04...7c.apk

android-9-x86

6

0c2523fc04...7c.apk

android-10-x64

7

0c2523fc04...7c.apk

android-11-x64

7

Analysis

  • max time kernel
    25s
  • max time network
    155s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    30-06-2024 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0c2523fc04bf1bbaa183e2d9117d939e5ba496f7099efe9aabc90789e746287c.apk

  • Size

    2.9MB

  • MD5

    8deef0a73ea4f56d9957af7fe7ebd125

  • SHA1

    de6a11ec18f32ed335e45634b144632228ed2fa4

  • SHA256

    0c2523fc04bf1bbaa183e2d9117d939e5ba496f7099efe9aabc90789e746287c

  • SHA512

    a91582879757a9bc10a2bd8884f4b0e5dbc46ea97749124320740f29bc67e074417889980a080ce80b4574ca5494956a8220193f9303b4a05f6a2294058c10e9

  • SSDEEP

    49152:sfF2qTze4bjhmBinGJkVVeKVuvYfTsLJgIyohOrd1C:sf4mJUI3xuveshhOrdI

Score
7/10
collectioncredential_accessdiscoveryimpactpersistence

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • kyc.pk.rblbanknew
    1⤵
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:4923

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/kyc.pk.rblbanknew/files/profileInstalled
    Filesize

    24B

    MD5

    87c157ceb660e9c0232a6d7718b22780

    SHA1

    cd11be88c8b6a99ca82f60961abc7338df67bcc7

    SHA256

    5c59811d5151a65531197714f7d5e4111e9bca3ad46a8cd06f30f75b7cb8f1b5

    SHA512

    3108b4b0cac2abb013159e8fde8eac461983513f53922c33e7ff3c1a990e3d262ff116b69c68141b98f5c7b810bff00b41a4234ead65659ffa24a2a04a150272

    Download Submit
  • /data/data/kyc.pk.rblbanknew/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    7119cad25c3899e8598a09ba3f282c6f

    SHA1

    5dcf49448b940a71072ce6ef1cf1a672ff748c49

    SHA256

    4cad6888aed5f7c5e91db729d8700d301829f701410109c6e3e62b9bde3245dd

    SHA512

    d1268767440251706a8a07067bb24ce97b1f7a188882d8359180c67edae163b765dbb2fe7127bf1accc8164fb8cde788e2f1a5813a71861360d037137f852e12

    Download Submit
  • /data/misc/profiles/cur/0/kyc.pk.rblbanknew/primary.prof
    Filesize

    1KB

    MD5

    95c454793016ea827b29e8ed872754b0

    SHA1

    e3ab798ca4f0aa27882fab5c3e60bdc12ee3908b

    SHA256

    a8be3be88e3a8cc1fe96b780ca1c0d0dc7db7f43374b9d003358e8afc68fba09

    SHA512

    f08dadc474e29f425a4a9388c70b2394dcacb0631c2f737fc7f886dbc940cddaf30f0f50d78c493cd64389f22e1390ea0dcd6dffde5fe535dcd4e717e4522b6f

    Download Submit