Analysis
-
max time kernel
122s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240514-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system -
submitted
24-05-2024 02:15
Static task
static1
Behavioral task
behavioral1
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
-
Size
2.0MB
-
MD5
71f6cdb3d8eebe1c8e7e26896238e571
-
SHA1
019134386a6d900d61285e5e986249928a9504b6
-
SHA256
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
-
SHA512
740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
-
SSDEEP
49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/pl.spyone.agent2/databases/database.dbFilesize
76KB
MD50379f2b646309bcd59a19760005dd257
SHA19185b00c3401321841b1c7edd10624a13c2dd47f
SHA25662c0d663334435c7b56f7ef5ee45ef1e1476f9ef39ea6667dd48962eadb0216f
SHA512387a118af4cd9315a8e5323b7a2b78e5214b0556448cdf6a68335ecda5615dfd0c1ca0313d8b355e8489980635319d90f2b7b25889b1e556c11b7657bc184fe8
-
/data/user/0/pl.spyone.agent2/databases/database.db-journalFilesize
512B
MD53ae844b76c3399572d0979e1e7b8d0b6
SHA1cedd438b99fddd0e5507b441956e299f17b06d88
SHA256f81fd43b636d00661fa90f4e193537e7badccb940bc28d1eda29b25dc3b6554e
SHA512a704378c8d48a55c993f739747eeafdd928689fda9125c2684cffb0f53b17421b6150f7cb2b12f13b94702c8b1a2171590f6eaf8bd59d418547591c80f73df90
-
/data/user/0/pl.spyone.agent2/databases/database.db-journalFilesize
8KB
MD5dd2ddd07b13d42a22d1b864d12716430
SHA1a05c4394e271144976c7dc38b018ef1a4ad85c91
SHA2564479be0d639e74ef9f6ca18969c12c270b9353afabdda5aac5be257c6ebce29d
SHA512e9989bd5da4adda60191d2794cc7d57fcdc2c4cba38687c202dd39a5596f47179f34130ffd112bda98791cef76a9a784ca865b1572c0990db395201f914c50c9
-
/data/user/0/pl.spyone.agent2/databases/database.db-journalFilesize
8KB
MD589f589031aa1528c89a4ad86dcb50358
SHA1f6c9f9eef22a0cf06a575f15167c59c82dda590a
SHA256f03bd69e82b1ffb2031c0282903c807c2fc94859534b9aa76c9e04877c0a5fae
SHA512949eb9fdf6ff0bd66891a45d744d994ec0b88711f6aaa5cb169ec8492c919311bd7638de63bcd8b2a4eb20c545fc706cf71a22741f2427ca6919aeeff9805e10