Analysis
- max time kernel: 142s
- max time network: 132s
- platform: android_x64
- resource: android-x64-arm64-20240624-en
- resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
- submitted: 30-06-2024 02:29
Static task: static1
Behavioral task: behavioral1
- Sample: e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
- Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
- Sample: e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
- Resource: android-x64-20240624-en
Behavioral task: behavioral3
- Sample: e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
- Resource: android-x64-arm64-20240624-en
General
- Target: e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
- Size: 2.0MB
- MD5: 71f6cdb3d8eebe1c8e7e26896238e571
- SHA1: 019134386a6d900d61285e5e986249928a9504b6
- SHA256: e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
- SHA512: 740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
- SSDEEP: 49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE
Malware Config
Signatures
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
- Checks CPU information (2 TTPs, 1 IoCs)
- Checks memory information (2 TTPs, 1 IoCs)
Processes
Network
MITRE ATT&CK Matrix
Downloads
- /data/user/0/pl.spyone.agent2/databases/database.db (Filesize: 76KB)
- /data/user/0/pl.spyone.agent2/databases/database.db-journal (Filesize: 512B)
- /data/user/0/pl.spyone.agent2/databases/database.db-journal (Filesize: 8KB)
- /data/user/0/pl.spyone.agent2/databases/database.db-journal (Filesize: 8KB)