Overview

overview

7

Static

static

6

e4d7484b88...b8.apk

android-9-x86

7

e4d7484b88...b8.apk

android-10-x64

7

e4d7484b88...b8.apk

android-11-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240514-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
  • submitted
    24-05-2024 02:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk

  • Size

    2.0MB

  • MD5

    71f6cdb3d8eebe1c8e7e26896238e571

  • SHA1

    019134386a6d900d61285e5e986249928a9504b6

  • SHA256

    e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8

  • SHA512

    740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b

  • SSDEEP

    49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE

Score
7/10
collectioncredential_accessdiscoveryevasionimpact

Malware Config

Signatures

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact

Processes

  • pl.spyone.agent2
    1⤵
    • Checks CPU information
    • Checks memory information
    • Obtains sensitive information copied to the device clipboard
    PID:4504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/pl.spyone.agent2/databases/database.db
    Filesize

    76KB

    MD5

    0379f2b646309bcd59a19760005dd257

    SHA1

    9185b00c3401321841b1c7edd10624a13c2dd47f

    SHA256

    62c0d663334435c7b56f7ef5ee45ef1e1476f9ef39ea6667dd48962eadb0216f

    SHA512

    387a118af4cd9315a8e5323b7a2b78e5214b0556448cdf6a68335ecda5615dfd0c1ca0313d8b355e8489980635319d90f2b7b25889b1e556c11b7657bc184fe8

    Download Submit
  • /data/user/0/pl.spyone.agent2/databases/database.db-journal
    Filesize

    512B

    MD5

    3ae844b76c3399572d0979e1e7b8d0b6

    SHA1

    cedd438b99fddd0e5507b441956e299f17b06d88

    SHA256

    f81fd43b636d00661fa90f4e193537e7badccb940bc28d1eda29b25dc3b6554e

    SHA512

    a704378c8d48a55c993f739747eeafdd928689fda9125c2684cffb0f53b17421b6150f7cb2b12f13b94702c8b1a2171590f6eaf8bd59d418547591c80f73df90

    Download Submit
  • /data/user/0/pl.spyone.agent2/databases/database.db-journal
    Filesize

    8KB

    MD5

    dd2ddd07b13d42a22d1b864d12716430

    SHA1

    a05c4394e271144976c7dc38b018ef1a4ad85c91

    SHA256

    4479be0d639e74ef9f6ca18969c12c270b9353afabdda5aac5be257c6ebce29d

    SHA512

    e9989bd5da4adda60191d2794cc7d57fcdc2c4cba38687c202dd39a5596f47179f34130ffd112bda98791cef76a9a784ca865b1572c0990db395201f914c50c9

    Download Submit
  • /data/user/0/pl.spyone.agent2/databases/database.db-journal
    Filesize

    8KB

    MD5

    89f589031aa1528c89a4ad86dcb50358

    SHA1

    f6c9f9eef22a0cf06a575f15167c59c82dda590a

    SHA256

    f03bd69e82b1ffb2031c0282903c807c2fc94859534b9aa76c9e04877c0a5fae

    SHA512

    949eb9fdf6ff0bd66891a45d744d994ec0b88711f6aaa5cb169ec8492c919311bd7638de63bcd8b2a4eb20c545fc706cf71a22741f2427ca6919aeeff9805e10

    Download Submit