Analysis
-
max time kernel
20s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240624-en locale:en-us os:android-11-x64 system -
submitted
01-07-2024 02:18
Static task
static1
Behavioral task
behavioral1
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
-
Size
2.0MB
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/user/0/pl.spyone.agent2/databases/database.db
Filesize
76KB
-
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
512B
-
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB
-
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB