Analysis
- max time kernel: 179s
- max time network: 132s
- platform: android_x64
- resource: android-33-x64-arm64-20240514-en
- resource tags: android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240514-en, locale:en-us, os:android-13-x64, system
- submitted: 22-05-2024 12:17
Static task: static1
Behavioral task: behavioral1
  Sample: app-latest.apk
  Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
  Sample: app-latest.apk
  Resource: android-33-x64-arm64-20240514-en
General
- Target: app-latest.apk
- Size: 14.8MB
- MD5: 75c16621d2bcaca97593cc4454e09406
- SHA1: fb2253a77798c09b71b1b844ac0b2283d1d92a93
- SHA256: 04286e88aae34bf527339f138feba556b8933e4ae70bb6db9fa986f4509c4507
- SHA512: e71ca5863a4d168d93fa27ba491105e3ee13da2e086a06c565645c29486565768e3c839e1ea8a33cbab4a3ff09ef6c8c0a0c2ec2401abd39445b86065eec6e61
- SSDEEP: 393216:wE9J4s2G9whFE0SEG8Ku4WBI9oV0MIbMZkEwF5wev4vt:wwl9whYeKCIemMIb9JE6m
Malware Config
Signatures
- Checks CPU information (2 TTPs, 1 IoC)
  Checks CPU information which indicates whether the system is an emulator.
  Processes: com.boulderamp.app.controller
  Description: File opened for read | IoC: /proc/cpuinfo | Process: com.boulderamp.app.controller
- Checks memory information (2 TTPs, 1 IoC)
  Checks memory information which indicates whether the system is an emulator.
  Processes: com.boulderamp.app.controller
  Description: File opened for read | IoC: /proc/meminfo | Process: com.boulderamp.app.controller
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoC)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  Processes: com.boulderamp.app.controller
  Description: Framework service call | IoC: android.content.IClipboard.addPrimaryClipChangedListener | Process: com.boulderamp.app.controller
- Checks the presence of a debugger
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
- /data/user/0/com.boulderamp.app.controller/databases/_ionicstorage
  Filesize: 12KB
  MD5: 755a1037f17af850dad3b8bf51492ad1
  SHA1: 2ab81ccf10cf61b2a135e243332fd3ed8df5a210
  SHA256: 0f6d5410edea5bf0502683e34006e01d58805fd9d7a66dd0c67a6e75ce3314f1
  SHA512: 76f4cdfcd745391d0116cde48968aa7d71d54335dfa396fa49b2f416c81ffe6348baa91b0c4ad9b34efbbc0e7bf657cbe1c7ce5e6fc0bffef774ec72300f44a2
- /data/user/0/com.boulderamp.app.controller/databases/_ionicstorage-journal
  Filesize: 512B
  MD5: ec2556651dfa0126b6c6aaee9a01090c
  SHA1: 25997827259fee2975808467edeaac22e7f7570b
  SHA256: f081d0016a55ff417359ba43a510841e45b38e9cbf66600d67e80359ead28ee4
  SHA512: 4f87f9b976fabd66aa4b4aff28d7a26168248fd299c1ec6c36c2f800e7c6f7bd1e901b7589c04d3aa41db1b4169de5a00281c13857e9880367db3f45038ddf7f