Analysis
-
max time kernel
27s -
max time network
156s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
android arch:x64 arch:x86 image:android-x64-20240624-en locale:en-us os:android-10-x64 system -
submitted
01-07-2024 22:00
Static task
static1
Behavioral task
behavioral1
Sample
a1233cdb6a0e6a6296c50e0eff23668b9258a315eabfffbe655ab7e5fb915528.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
a1233cdb6a0e6a6296c50e0eff23668b9258a315eabfffbe655ab7e5fb915528.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
a1233cdb6a0e6a6296c50e0eff23668b9258a315eabfffbe655ab7e5fb915528.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
a1233cdb6a0e6a6296c50e0eff23668b9258a315eabfffbe655ab7e5fb915528.apk
-
Size
1.8MB
-
MD5
f46ca721230ac3f1d41829435b3a7d71
-
SHA1
1a7ebdcca76ed15c704b31844f8077c2887747a0
-
SHA256
a1233cdb6a0e6a6296c50e0eff23668b9258a315eabfffbe655ab7e5fb915528
-
SHA512
8f6da29ce6d14743618393e0760b7b7e979dbda1f36a09442bb9008d38a6582c7a7c890ddfa7ca7dd0b395f0e248e966e6a4ba4c686a05e15e75040892c86a30
-
SSDEEP
49152:jv880rdjLbAf6cZk59QOthbnH16oWgSHNb:z4rdkfRkJwoaNb
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
pkmast.pk.yonosbipannel_new
description
Framework service call
ioc
com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
process
pkmast.pk.yonosbipannel_new
-
Checks the presence of a debugger
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
pkmast.pk.yonosbipannel_new
description
Framework service call
ioc
android.app.IActivityManager.registerReceiver
process
pkmast.pk.yonosbipannel_new
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/pkmast.pk.yonosbipannel_new/files/profileInstalled
Filesize
24B
MD5
e3af74c4564e59f930b645a362faa952
SHA1
faf68884a1853b3c426604f29beb49b223e5621b
SHA256
67169ba90848ff1e485b9856df58ce299ff85cb6115986b46354176cefde1fe1
SHA512
dd3b2ab7abb95f00654b94db87e2cd4354871169e12f006bc1896e047e86d846b5c7d72fcfafbbe04f76718bfbefe51678118be57cf93ff57403a8f5b63d3a9c
-
/data/data/pkmast.pk.yonosbipannel_new/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B
MD5
faa20aed53f86a6f1dd8849bb90a2fcf
SHA1
fd18a15ed96aa1293ee9a786347ddef97404df2f
SHA256
587e2b6bd8f47e9f9604caf076bfde9c7db9059dec49b663c6f2fa4d7bb2817a
SHA512
77c46e2414a3e080930ed60a5648c53d017cf24f68c553391a5f8474ddb96cb3fbdafd5e4aedf782e41a0813cace1cfe09c7c49218b234d9e0d50db8b62a12cb
-
/data/misc/profiles/cur/0/pkmast.pk.yonosbipannel_new/primary.prof
Filesize
1KB
MD5
8fc50e2e9a8973a5472b571679193472
SHA1
5c41be786750f4dc09ba628412c5cf0181fe5daf
SHA256
91d99eae9c72a8fd611cf2c5397131f7b6f7d9ef970ea88627430f0328699c94
SHA512
62c0631e26ccbde92ece58143075bdfa99553204390fa8a0511a46557f1f2e74e82a354150057b6558cca629883ed5d94af706381054636b1a17a3f143e7d783