e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8

Analysis

max time kernel
142s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
30-06-2024 02:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Size

2.0MB
MD5

71f6cdb3d8eebe1c8e7e26896238e571
SHA1

019134386a6d900d61285e5e986249928a9504b6
SHA256

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
SHA512

740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
SSDEEP

49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

pl.spyone.agent2

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener pl.spyone.agent2
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

pl.spyone.agent2

description ioc process

File opened for read /proc/cpuinfo pl.spyone.agent2
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

pl.spyone.agent2

description ioc process

File opened for read /proc/meminfo pl.spyone.agent2

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pl.spyone.agent2

description	ioc	process
File opened for read	/proc/cpuinfo	pl.spyone.agent2

description	ioc	process
File opened for read	/proc/meminfo	pl.spyone.agent2

pl.spyone.agent2
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4509

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/pl.spyone.agent2/databases/database.db
Filesize
76KB

MD5
0379f2b646309bcd59a19760005dd257

SHA1
9185b00c3401321841b1c7edd10624a13c2dd47f

SHA256
62c0d663334435c7b56f7ef5ee45ef1e1476f9ef39ea6667dd48962eadb0216f

SHA512
387a118af4cd9315a8e5323b7a2b78e5214b0556448cdf6a68335ecda5615dfd0c1ca0313d8b355e8489980635319d90f2b7b25889b1e556c11b7657bc184fe8

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
512B

MD5
0a52ef7681179289df5dff8a7ce2f491

SHA1
d3110b428cba1ba193b5d46d166ecace168e80c4

SHA256
08d03caee24a3cc194ce62359a30b6dbba6ad2600874234710dbb57e30a19ba9

SHA512
dc5c44410daa4516cdbd8763dc306565e97c1c5390de58467b2229c3f3c0ae01a4ad3a013216059f8c579d0e4c0f55d0ec286d0ed3f4a8645c7de1576ee6cf00

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB

MD5
8239bca55cf264f4b5dc95ae9def18bc

SHA1
cc8f99d2dcf35af75290def06b5db66e4abc3467

SHA256
15113fa43b9267d3708d14d20f95eebc1be3e544ad51ae3d8bf2f02f65713430

SHA512
3a07c5462cf2fb5892203181937244390a1a6dfc256f04d93c7dc58951bf94f8370c8e4440a11f8c16280270160c5679b79ee4d10c5c1d7a0b5845c1aa0f2e63

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB

MD5
432e911a3cc582ab429aa3d9e6553c2b

SHA1
1d02dd7ef24df38aaae6c7b54258fd75f73469b5

SHA256
5933e3ddd34dabe8089cd842a086e5b6c6b66a7e049e792838ee38d4c74ae521

SHA512
8d2be6bbda53baecc2dfd716c7fdbd6945e00d3c3f9aef25f78446a882ce93c4589523988597a36a3642d80f013000d9753e174e04a137dd2e21e1e2923773f7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads