e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8

Analysis

max time kernel
130s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
22-05-2024 02:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Size

2.0MB
MD5

71f6cdb3d8eebe1c8e7e26896238e571
SHA1

019134386a6d900d61285e5e986249928a9504b6
SHA256

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
SHA512

740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
SSDEEP

49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

pl.spyone.agent2

description ioc process

File opened for read /proc/cpuinfo pl.spyone.agent2
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

pl.spyone.agent2

description ioc process

File opened for read /proc/meminfo pl.spyone.agent2
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

pl.spyone.agent2

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener pl.spyone.agent2

description	ioc	process
File opened for read	/proc/cpuinfo	pl.spyone.agent2

description	ioc	process
File opened for read	/proc/meminfo	pl.spyone.agent2

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pl.spyone.agent2

pl.spyone.agent2
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
PID:4628

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/pl.spyone.agent2/databases/database.db
Filesize
76KB

MD5
0379f2b646309bcd59a19760005dd257

SHA1
9185b00c3401321841b1c7edd10624a13c2dd47f

SHA256
62c0d663334435c7b56f7ef5ee45ef1e1476f9ef39ea6667dd48962eadb0216f

SHA512
387a118af4cd9315a8e5323b7a2b78e5214b0556448cdf6a68335ecda5615dfd0c1ca0313d8b355e8489980635319d90f2b7b25889b1e556c11b7657bc184fe8

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
512B

MD5
8d7c16f489ff5bdd765a42075dea16fc

SHA1
b62ea715479868740e46bc05ef9a6eca7c8152d6

SHA256
5656e0eeac3ca31d68dd1c90d220df1f6a02d9ac30bf5420b8fd6e17546371bd

SHA512
b0f44aa9ea99091b4a583cca0b99ec16ab665cde7342464e93c76ba5a4e8199c5a7e753df7ec985f56c06c41af1b4cf2878e13938647362cdce8c41f416f1fa6

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB

MD5
543c1be8d79ec5c940bf1af771d222b2

SHA1
a87d57edf60c023ba6d385e5a2d5b816b61a7ccd

SHA256
db21988720da7f09dc152ec42ec4b8fa716c14e0eb075545f1a3fbee7afa25b7

SHA512
71bf5964688f353b74abd93dbab5c296e3d5a5b610477200d6e40cb1e9cba45a980a88b4ea5e5c1fc2ee79492fa67ea6c747726bffd230d26827490fe07b3070

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB

MD5
d0764bda8e373760301ca7d70d7e81f5

SHA1
435b07be745210c2546bfe710ad748f1d546b562

SHA256
ff74153e04fcc067af66f7617a78f10c8c42f2e023abe3ce0dacc78129abfea6

SHA512
5bc4a2bb800fecd159e124081eb7de104d9c16a135e9ea135829be1f488076f4ac20150d0d51aae8df1e0fd6d999d5ea4e02136729009b0c09a27a37fbf60326

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads