52770b424a389e606b326221af03dbe770eac840d4f291f32df3deb6a4fc47db

Analysis

max time kernel
159s
max time network
149s
platform
android_x64
resource
android-x64-arm64-20240221-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
submitted
22-04-2024 22:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

1.9MB
MD5

946f4da12572cc7370be6ed6778f3854
SHA1

7f6f21471c160eda9af5dbb796a99b410b9bbee6
SHA256

52770b424a389e606b326221af03dbe770eac840d4f291f32df3deb6a4fc47db
SHA512

df753a7f17fb40b51de7e568857e68819c717c905982a17ade6e7d21a8453942daf6fd793c908adea318ebbdbe294198eb4150274bac6427106fd60d8998c807
SSDEEP

49152:k/EZL9zHbY+B0TXud1WB79IKrPWI5RAeuTvKC03T1dy15ltJv:yOL9DbY++Y1k75PFAeavl81dCJ

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	Madsal_remote.com

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	Madsal_remote.com

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	Madsal_remote.com

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	Madsal_remote.com

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	Madsal_remote.com

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Madsal_remote.com
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Checks if the internet connection is available
PID:4639

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/Madsal_remote.com/cache/1

Filesize
72B

MD5
3552ce81ee85bd2688b08ea0c8114319

SHA1
f10c395d901c1536f435d7e637cd80157e6adc05

SHA256
2c1b96a99df9fb5129405e5c735fc70bdf45d1f8d8d15c7bcc4d5bcff6802405

SHA512
7a13f17e62f82adff81011168110d7cb3092a2e45d2e3181ebdd00b9922306a3ca354f476a74a1c016ca5151716c753054e817b260035f2e31ed743d7fb43362

Download Submit
/data/data/Madsal_remote.com/cache/2

Filesize
16B

MD5
6a6663ca50638a0e14cddc3487ad0e23

SHA1
471387fc0a32aaa18bca39bac77f8dc2c97a97cb

SHA256
19bbfea39e6141139a50c6539688e28af96cafe3f7e296d07d08c4324dd16d92

SHA512
a69e6151d046d80698efb237d5df9e91f7cbd0e74df8d393f4ecb57ad365ed5d9ea633e19a28c1d6fdbe81bbfd7596848f589e630608406f922a424a2a9b49af

Download Submit
/data/data/Madsal_remote.com/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8bc5f047ffb95919d0d26ce320f2c3ad

SHA1
2e281b974ed2a00bcea6eb322ae5c37a48a1ddd4

SHA256
3aeb8fe0bd72213e3e72c2778ce23c3d7939618c02fb4e463d1a68519c3899b5

SHA512
c92d69a52c41b0bac0d9bbe3d1a2d021a6b88dba2175559a3685f94582a6a4ffcc5f04fb133f79cf1a82aa363f4db8ad54b8db5c756ed22f2aa715992e5c6a96

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
faa096a87232b6e4de661f7a650ce1cf

SHA1
d3c0b5432108ffc2489eb397fd414a5cd5b995ab

SHA256
81b5e6035e379a31db1b6dc8fb6ad2a767a20fb6a112347b6edfee09a4f5f6cb

SHA512
8978124d5b7322c1f9f4153e9fbcc92b63d1968cce78fd5360bdbccf355947d380c71a3fc4eef9c58e74ae301f9d705533cff6259ead227af67b918142955f70

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
78a77b966b04a099c23a56a742504d47

SHA1
e05b73760b0ada1d4f22e8f844288b5e934f43ac

SHA256
607592984c603553717aee6794fff63b10f7846640fdaef5da4fa1a8dc44f081

SHA512
efe6a15d05aecfc4b83e3b10826689536ea15014bc3f1dc43d102b39f1a1c13280f194c49e6192b9075d1845194a66c31d5391eadcc963aeccd0b30c1391655d

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3daece4b9f0bcf00d1a652545f9b0d2d

SHA1
e0d3d9e35b8ad94c87c7c9a4e2548c158cc4e2e0

SHA256
8dc57a75d124bca48df9c4b8e22dfba58b299fe35217a8d0ea1cb81c021bbec2

SHA512
c1f68408b5d25b4ca2d9cb28e09e1937ef5da2fdca811d4b2ccf16730da3d9d2dab8d465330ca372e5d3bb2861af0d6101e42f7ccaf7f87685129c364d7f59f8

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d6824615c7f88a47d2608e7cea8a322a

SHA1
faf42042be640bff629eb4166c5fd5b636312cd4

SHA256
50118884041fffcaeb0564eeafba15f32d81ee6b32c2575179243a03c42a60a6

SHA512
987b0a188767fe52a2892f495d29d844d97bc52fca8b8197d9c38cbfae730e43c14aa5de54c85ec1c7380e2a9278fb8c3eb2c4c5a1a8b70cb1a45d9964524802

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
93eb21fd43977a6bbdca22f09af493e6

SHA1
1418e93ca2a7ea7b4bb0062cdc28695e4ff11fba

SHA256
715dacf7f6bdf5c578e7c23f6f9201da0f7c2c99c801552808c9681c8e5a151c

SHA512
7e605fbb630cb09a4b537258887388b87f2848faef64a73ef2ccae055df53b0f84b57c08e24079a009fc8210be91a5ee9d88b4b3e0b753c1bf8f44aeb0a434d8

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
e45392ac545b4b7712e8af880dbede15

SHA1
c98e57585f2ed538daa3872da2f6e06208ec9c37

SHA256
05c9b943ccb1203351df6b213f9fe7ae12aa3bce965302d6330a9e30b1681d1f

SHA512
4ec6567a4a48f094a3a8b2ba7105565b78ae47b5cff2e3309f0af4361ae884959e10b6b7cdfd1829172ad146141a26d6b163a0b468543bc70780eb0a1f9e6342

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
80529940e5ca1cbda7a120e41c0d18d6

SHA1
26cae8580b3ad6f0c1324e9b4510d5cbc4e1da8a

SHA256
7edfad6f1873c01a8945ee74fd142b35a3830a362e201f0689bc10fa7f3a2afa

SHA512
d5bf40099cb3b0fec03d9267da75ef08904141efd8e71018d76a3291698da5d86d3695d94d7d6813f24986b10f196f8da1ca27fc82afc272036c3001134109db

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
1c2a3b53369f5ad0d653faee6fd589fd

SHA1
c2e242beca0cab9908227139bf8064169fc55eae

SHA256
6c06eae2bfb1a394659736abe31dc6c86039ea85edc510c947a26b3874c6286e

SHA512
2b57e79a6338aaa890e059883bbc527e2840a570acb7b7ff7aff91d187f19bfc2318249d2f40aae7368e37e20c70b832210d239c4eb7317e0a494b2a392013be

Download Submit
/data/data/Madsal_remote.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
695e1ef7dad2d0a8cbf1dd5ba6593420

SHA1
647dc71f1d2137c9d04af294834501c20db273ae

SHA256
5039a2f3826c3ec7dd59a099c8cfb4be2b5c58df45043341341da0e28ed0a4da

SHA512
b171f61d156377b6b4011fe048637a309972ec1e34ebcad4ffd5817e8dbb6edc278155fe296c1e47d34c80a912b985785df4f4aaa8f62b56569d13b1e0990315

Download Submit
/data/data/Madsal_remote.com/files/PersistedInstallation4449202369539571696tmp

Filesize
566B

MD5
f4d0b88589ed52ef5a32d408595c9679

SHA1
a16db704474d300f242aa11cb30040eefdd6f06d

SHA256
0efa8d03f4482f7842bc729ea4edfb3be54bdda76e5410e0915ef5e71ae8d702

SHA512
b647110b2c706b5afb3e94def5464f47cd004ef1aa7da453fd9f4829a0e5769b27fa04b7feecaddbfb95568f5a9a0b3879482a6f8882dec8f410db8a1296d2af

Download Submit
/data/data/Madsal_remote.com/files/PersistedInstallation5583259349295652642tmp

Filesize
90B

MD5
7a7e61eabcdedfca106407faa751ef71

SHA1
7fe86c418d819983979d62792bcda8f2ce78ce11

SHA256
a0c1c9a16c8ef3fdcdcdd765d0f2b85b50403a28ed79eb16b6540feccd7170b1

SHA512
bd1386a462d667b0728d576138dbbcd38008ebe314c5572a0d1ade0262053282939943f44ac1cb9e994d637a226812e4148f0527db422090edc39662078a02c6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads