Analysis
-
max time kernel
36s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
-
submitted
01-07-2024 22:02
General
-
Target
ed3e471b206d5dcd3fe448b1bebe733710d558c55dcec5f86e65ea11e32145ea.apk
-
Size
2.5MB
-
MD5
b0a15127578501c3c255b53adcf3c3ed
-
SHA1
62da8270d6243bb1e7c33afd9826ba87af60c18e
-
SHA256
ed3e471b206d5dcd3fe448b1bebe733710d558c55dcec5f86e65ea11e32145ea
-
SHA512
0f1d68ed400046418e002180cbc429fb2517a2ba330d3f32b92301c35ed9a3d5de583c352b7bdbe33d82ea30b459e52d9d806da3786cb1b13288e3a4aec99977
-
SSDEEP
49152:lFqiS2tmYT+/dqZgWgCZ2ZrlZOYqLuAthujKtGx/rPplwPQc2XI:08KlqwCZ2ZrlIYKFPoKwPplwNp
Score
7/10
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
ir.amirkhedam.zedbazi1⤵
- Obtains sensitive information copied to the device clipboard
- Makes use of the framework's foreground persistence service
- Checks CPU information
- Checks memory information