654e2cd54529f03d48dd196c65051db18af984e59f88c48a5f2bd8c538581bcc

Analysis

max time kernel
10s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
16-05-2024 12:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

صیانت.apk
Size

2.8MB
MD5

beccc97980716f98f9edd058018bc90f
SHA1

a0f0da9b1306f2a1ce64246161467b2694190ec6
SHA256

654e2cd54529f03d48dd196c65051db18af984e59f88c48a5f2bd8c538581bcc
SHA512

461e298e37e57c075dd2dd43c3dda5f223c6b62d5a910215ed7701318e2db9940c79f0a5234297b3abc712eaa7ce35e9a034663de92edd1ec7bd64197ce226c5
SSDEEP

49152:4/QsZrOCIQVl2KGQx472EXF0/BgrUIwGoKUOPNUzgwcLAB3nxNd3JFaWY:m26lZS72EXF0/8VwxKjPWzMLAhxP3Haf

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.mycarroll.app

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.mycarroll.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mycarroll.app

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mycarroll.app

com.mycarroll.app
1⤵
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Checks if the internet connection is available
PID:4604

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.mycarroll.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bbee4ccdb764da53ab56cfc8066f31c1

SHA1
5440758d1be1e080b108ba4dc94d2a4de5b99984

SHA256
b53418cc1f0c701c3b1dc5113e6c905a3afeb7c3795246647e4c2b6a279a39b0

SHA512
a483d792caef45a95c266b482ef1a0c8864d21733dab51629265e0eadec6548203eda2219cdf72b2b533526ddda6d3166a03aa822f00458b80579d0ae9ce961d

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f63d73ead4515747167753bd56c05182

SHA1
128dccaba5c9bb76174a724c2c488385918f10ef

SHA256
98de6f956c1b35c10b0eba91283d4a610efe9ec35258e640b93cbfa5eb39d955

SHA512
ddaccaab06c30d7deb0875817fc9fa59c75590c0ccd62cdca8af0f4b728f4d198ebbac2990f169a1b71c7494067b3a79b0d835988d877604cf5d80a9b918ce48

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3f41370353c49937683a3b5193790ba2

SHA1
deaab7f17e47dac33604e188886db0afaad39736

SHA256
41d57c0a89dd5beb4f145245644e8445e7dee69c364a0b7fbfc67e0d48f52e53

SHA512
3daa5817ba377c8e67b8cb3417932729763cfb0939bf1fc29cfa720c5cf5496bc655baa490b3543a265b16a4eff3680f766f6c4cf47beb7037034d25595af98d

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d5a3299015922cefa5f988092e1bc659

SHA1
ec776fb503d3a80d7e7ee210df13948d1352697b

SHA256
b1df1eb99bb1af9d665c0cd4b09d2c0261da8dedc6a0035f441ba50f64bc29fb

SHA512
63475ae0a13c0f3a50a0649c8482305145ad6eb9146f641f9a731e5b358ccb6cbe120f93b94fac36b93bdf694b931ab438bb7b79686a35c990fd3b689e4264b0

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dde5e39395ac43130407263aef4a3770

SHA1
758006cdd0c340ba1e63a3d0c49d515ea8119307

SHA256
9569b5482befe8dd54ff175752078ed325455f6f99d20ad8960fba34bdbbabf6

SHA512
7ed60e6e87961f67f637e07fae3b59e5136b5655b41c4767cec8fd092799a01f1a88ca4219db5163d9b7302545599969c72a9ff524c55187b7694d11290dd51d

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
576a9b5f83e3c2b9ef4a60b1c131f086

SHA1
07cff1cce881a5dab200f856947e96e517083038

SHA256
f0fc04463066f3de0cb46555e761967e5651395f460bc20c50ea079daa87c449

SHA512
b5f063fe4db2d433b8ac6424d7d444efa351c6d3b794a31a8034b919660b036ecc6dcde4ed5a2e46b4ebdb5a79fb19a66c07fadbd2fc5962339156e1849b04aa

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
cb6cc55aed44817cafbee5a800ae4d71

SHA1
6a7db752b9ac1859e0355d31d40b91fa462da228

SHA256
e6feafccd0b705fb0c2abef17315d88e34300246edbe15b00f5e15a04e7662f5

SHA512
9654245a82aad5466c0afb92084db8d7576dbf9d5768bff7756e838ba3ed6e4c5966737c5fc0c5bf63983dab7ad844f3e486d9affa9b2ba7f654936b274d7ba6

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
73fd3a61e0fc25585aa9595a7adce8bf

SHA1
05b6b9a286fad8159e469ecc7fb96e3b1cbb95b2

SHA256
491406ad424d4394779cbaef3dfa7796423ce0cddd2f005bcc5a05adfd38b991

SHA512
94d901d6d60438db0f9e66d6e634e57549d82ec8ff55134817883b36af261c5708ae561a034442bb1e1f17457bdb3b51096d868082e35b1dcdfd22eb962abbd9

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d4e5ab6368336f814526df7435f10d82

SHA1
daa1eaa60136057e75419f5d632343679924bd08

SHA256
7da6b18c2eb0a2ea4e8203f23f2378e28026b4d54b183d9d24d9602e79999671

SHA512
ddc6f933bcab8dd4580c63cd1818372aa280d81db350098ea21bbcdfe32c015ee9cd94a2021c41afe826fac0fff1b70d20ea7441d6f57489a62fe7e38cddf16f

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
1250e3e9e5617a88b38a7957e727733d

SHA1
6fcca64261a9422a88bfbc741a8482fa36dcdfa7

SHA256
be3be644cc0fff93206d33086aad8af687eaa84a028ba31c5df069b36d31a7f8

SHA512
2879b527c4914f6ebcecedc1f1f8f3cae37016949d317a7a0dc5d0621c3a558e768e078be5836b91628660eb063416f2235a345b6c2b84cf2d67a693268a241a

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
334d532a2c068662b39ec7c5a606c4dd

SHA1
76e030a63ee5a69bbcdc66f329d93247a546fc1d

SHA256
638086328b54ad10c184de1275cad183e9d19b565a3aa11c7ea2ca673302a252

SHA512
ae57fd59e1361a0187d5e8e3eb802b8c26c7797d681995527c98629e26b5e45459badee151f9e4b08f04211b7473cd3d6765820f28b4347b4c3b78e161eaf1c6

Download Submit
/data/user/0/com.mycarroll.app/files/PersistedInstallation292614924513956238tmp

Filesize
569B

MD5
269ac57564f581e43820042d826db560

SHA1
d6ea2f16607c95d8c608bead1befd0a0e7f3facd

SHA256
e1f9ff1d5d9896514442b20f946da48bd28208a32bec779d224a15ba861de92f

SHA512
4dcab36d2944c23a7c03962c2da4d7d34d552169f079f10a1b7ee88626e7c1a07523f94fec23f93d09212cf3e4f735ea115765984d0be26ceaa1995e1d521ca0

Download Submit
/data/user/0/com.mycarroll.app/files/PersistedInstallation7885890677646805878tmp

Filesize
90B

MD5
418f6915066eae3a327dde3316caaa16

SHA1
16d654715f2ff832e11ed14ab1684071db28cbc7

SHA256
68388da80a7a347a7b8182e5a307bcb6f76e959558e60c9b5f353cc57f9c1faa

SHA512
06bc4fdf184209687a2210eab7f636fe2b12da309fc3cc2236d7f1f893bb257bc768c3c40bb744510515b3e47def81b2c33c0086caeb45df5d89556782805c2d

Download Submit
/data/user/0/com.mycarroll.app/files/port.txt

Filesize
3B

MD5
4f030a02e1a1b7c16733403b65164e5b

SHA1
d463a841c6ddd212bedfb1e68c7639426e354f0f

SHA256
46fde00bfa275b287932e1a651e072c36a0a43c50d41f922f5ed72e9b3734441

SHA512
902d226fbdbad3178c7f9390c0762620cd31595e7f582b926a552edf5d3bdaf379ca4cc53f6263b5a8fc305a3dd2c805280ebb1d9ba79213d67b87d3c13e416b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads