fadb7686d81a1bfb3029f33fd08de4ce26402d93b3be30a1f661befac197b811

Analysis

max time kernel
129s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
17-05-2024 05:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1ef0c4d0484f9c859cc0e61223d71579a817736bf741bc6001dab472a95c56b2.apk
Size

2.8MB
MD5

83ae44741a62282a0133cbbda73cb65f
SHA1

d2ed103e8aa54981b02eba1bd20039dcc4c3d945
SHA256

1ef0c4d0484f9c859cc0e61223d71579a817736bf741bc6001dab472a95c56b2
SHA512

f54afbfd1bbd5001dcbb0fc2ed7b52f1da61f31c7938181f5a892a5ff6dd6685bf337f9696381b6625d30fa01335d880477f5c2f1b15dfc21d424b6ddb4936fa
SSDEEP

49152:f/QOZrOHIERZDYQEhuErSdlHdEcHDiwy326P4vUpOspgDAT4cfO0teaHrpyId6J+:3/uDbEhuecHJeiWOspuEl5UasN4

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

com.mycarroll.app

description	ioc	Process
File opened for read	/proc/meminfo	com.mycarroll.app

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

com.mycarroll.app

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.mycarroll.app

Acquires the wake lock 1 IoCs

Processes:

com.mycarroll.app

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mycarroll.app

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

com.mycarroll.app

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mycarroll.app

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.mycarroll.app
1⤵
- Checks memory information
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Checks if the internet connection is available
PID:4603

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.mycarroll.app/cache/1

Filesize
7KB

MD5
a37fdc64d7874fb2eaf8be7575d04159

SHA1
0caea3dc8e6c2b001809c1cddfd901098415fa07

SHA256
81554eed2a00801aba3c4f9c13ab332205f488f93959c01bfb96fe4b17624864

SHA512
270fad7324d0930c8ade89273ce4429aee4ae3d93ed5ac7c894ef30c8f3b4c98edca4e88abad1603ac11712177e9acea7906962a693caf33c58e68c19cb0fa33

Download Submit
/data/user/0/com.mycarroll.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
cfd55334a38dcc2730a4c168148928d5

SHA1
de8c22ff77bcc63cbd5f9cd09faf97b85eaaad3d

SHA256
34f06daef138f8ae54007fefe9dd80beaaf0b1aef70de14f91bcd489ad50e580

SHA512
bf1c2465143cc62cb85658a60612008bb219d4cd6eb184b59a787f9ab5797d2ab759341352c47890b5401c404dda49cd68cf189b00a2ae897ecc3b21064026e8

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
803b7bc63882af8df1a39f9cff55a3ad

SHA1
2e4bd8d196fa7ec792fb64719ddb2de3a1099a12

SHA256
90c051337e23cf4ef5aa0cb5bd6a89040fa1e198fff152275ef58c5fef6688df

SHA512
0f863ee6837849e144ea6cabdef9c0e7dc5b1f8945e2348fc9f5c3e17893f2f431faa75b21434d79190b77d86753b945b2194d2b5416683e93af093b60e7d07e

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6cf75574635faf148ebf4757d3b2e14f

SHA1
abf6e1b0af307e0dc1355311651b49b993a76345

SHA256
a6b6b09093ae8234e4e1a03f251b348a9142f3275d650834d77b6250575e0283

SHA512
065ee455072cccc73a9a869193fa20e759b02ef02b0f90171abc18dbed036c4b5c116ad577cfd70a3a740def435c8bb2063a23ace674da5cdcf2d517740b66ea

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f0e72664eccc44e34ba710383968590b

SHA1
0103b297e8dccb3d8f305c324af4c4e93c53ada9

SHA256
0c0b2a2c857b5dbc69a80fea3bd5e47102beec3a09f3c502312e45424a5013a1

SHA512
365c9cb709ddaf90345683087ca25d0c0b5bbf73c5d5649d5e5ea9a5c538493138f62ef69feac2a65f1f8d697375e014eb5c4d13058d6beaccae100a13bb16c1

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dde5e39395ac43130407263aef4a3770

SHA1
758006cdd0c340ba1e63a3d0c49d515ea8119307

SHA256
9569b5482befe8dd54ff175752078ed325455f6f99d20ad8960fba34bdbbabf6

SHA512
7ed60e6e87961f67f637e07fae3b59e5136b5655b41c4767cec8fd092799a01f1a88ca4219db5163d9b7302545599969c72a9ff524c55187b7694d11290dd51d

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2e565130e435ab36f2cbc86f1e538555

SHA1
5118a90eb2ad2b18c16ffbf4edd1cbd6a18168e2

SHA256
f86d73827193d03ce79eee8f6ffde4386b9f9b697f48ad7ed030d95eb8996935

SHA512
80912e1e2ecb9dd96d7e209039800509b1d2c2b58b223896ef94102dcb2bd47da9bdf5bd0b6a7840564366238c5f1e42b0d697483a195c46a4fe3aac0020c318

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b98f45ad9710f36b1541a2d4d708d7bc

SHA1
7a40fe737ba1b24d2d68122d43b383a298b7f6ee

SHA256
a27efcaa70604454f6f82df5315e723d9dfbc4886b4e34246a2bf83c94dd7c48

SHA512
3ee77f8a65b0ed2c451013c29c24be57b694b5f43f096197d7ed736289360ac8e4e7b2abdc905a681a188bdc28aab09805bf24a4a6883b776b6fbd73eaa62614

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
74407b61939bd8393f2d04b5473845d8

SHA1
d7d1dcb09755dec69425ea8d18575454037afe71

SHA256
c4978173162039cde9ff6192a045cd031959e7a91b364077c8f60d4aa1d54248

SHA512
cc716aa464ecbf54236528ccec93ff98d1a93509754a022fa2ebc4b254df17d2ae797f37e89aca3589b2772b9897fd9a7e525dd39946aab0aab20f9e5f2539a1

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ae441ebef08a90b79dfa91d503e61572

SHA1
ff6e9810a098b9f30a03182de0359fdb0603728c

SHA256
4054094bd6c349920a5e18ec4742f5fd5691fea11a76b8b94bee1b795f9b4baf

SHA512
e7d74f9c17615b54be86716eaf82123e8419a2158c7642498aaebb8c8f6ab0bbb28f5fce8f37663a57a38b84b5c51fe52d2347c54ad2362bb76c9ae05c4122d4

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
55f2c78cf2b2b7e8826aac283f2e58eb

SHA1
db069eb0544469cea48e3e918cf19f35e30830dc

SHA256
a87fb7ce172c9fd0eb53ec30ee9ee01b1946f6ddcd4f4a1cee1562b9619f259f

SHA512
9236c6835a0c85e1ad8b90da9f6f45d39f3af6ad99e470efbbcf6cfda09347736d7ea1402ca79a65eb6e451c9c1235f640cf5f8ab49dccf3a4537b528842abc1

Download Submit
/data/user/0/com.mycarroll.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
1ab724ddc47efa76a1977a3ddda696b1

SHA1
34a27ad0dc87585514e17395a883db0612e8160d

SHA256
50b4b019659b82b6e571e517db536c7b08fa3fbac0aa6efd86e19259deac7005

SHA512
4d75f8a75abfbd59e453b599242576114987894ad6eabea12423cc5529ff9b273147ddb709283813c72a19ed2f253cc6f791fa0c8c5f639fdd353c4a58e7ec1a

Download Submit
/data/user/0/com.mycarroll.app/files/MessageId

Filesize
1B

MD5
c4ca4238a0b923820dcc509a6f75849b

SHA1
356a192b7913b04c54574d18c28d46e6395428ab

SHA256
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

SHA512
4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a

Download Submit
/data/user/0/com.mycarroll.app/files/PersistedInstallation4735309367189932327tmp

Filesize
90B

MD5
e75a59f805a19d73ed411d27104c989a

SHA1
f09d0db4e715fefce01df8bef25fea287e93fb5c

SHA256
97233b191ea2172ef7b27904048408a483feb3d5db8c252b825920756cecdc18

SHA512
a7a6eba0ff4cdd36286077604f0dcd272d90da1951c92897bdab9e260b82754b40440c049fd83df7f170f5c43f180583a0060703675f97db13a7f165a5d1fa5b

Download Submit
/data/user/0/com.mycarroll.app/files/PersistedInstallation5886608023417199491tmp

Filesize
570B

MD5
9b305ddcc96de635ebe77732074ec145

SHA1
b385be0a54761cec10dae7a980272fe82871b382

SHA256
01083ee0d8fa78191b49e49634a9208aeac1d4b98f8efcec7f11844691e1de13

SHA512
9f59a8560561540a6833cc9efe07dc4b0c25bceca5f1dbe66e7810d6c5730ab38b13d8ae4e9e27b0ca705a65c50ae8b0bc8dee48e4393c0886d294460c20dd6f

Download Submit
/data/user/0/com.mycarroll.app/files/port.txt

Filesize
6B

MD5
b143bb9b14c916972f31e4ce92ce9fb3

SHA1
9d365fb5be0934e134cede71eaf6c29e5170f656

SHA256
bab3ce5611fdd6dcb48e24c4a8f7d34e2f0b2eaca95418ce0c26152e8f2a844c

SHA512
89993f29ebad7daee5fe55c460082c86eab646647666d2d6113dbf8c7739bd42425857f539b1c071dba7047c590b4ae11b95b0da2f4de3ab9a95639046453ed2

Download Submit
/data/user/0/com.mycarroll.app/files/user_code

Filesize
6B

MD5
37263627a590918e3a0fcc250e5c87ba

SHA1
c849f1d96ec579cecd07d6f909344ceb404f65b2

SHA256
e27c53c0f1816964d360b2d7caae7764e80751a15ddb43d18169a139d4443dd8

SHA512
b8bd9ec7747105fac8caad7c2076c794f91da614c05f2a22363fb69207cc0c62c21859ab9c3d93c026bbbfb72d9a62e5f0c39c2fe5b87616a6c44c0e9a4831a3

Download Submit