Overview

overview

7

Static

static

6

dab0c77957...a9.apk

android-9-x86

7

dab0c77957...a9.apk

android-10-x64

7

dab0c77957...a9.apk

android-11-x64

7

Analysis

  • max time kernel
    175s
  • max time network
    131s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
  • submitted
    24-05-2024 12:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dab0c77957c0341a749a4aeb030364982f230ad08a5c77c94d2bd95f5ed596a9.apk

  • Size

    2.0MB

  • MD5

    7d0279c6e4ec3727984ac68a13b23bd7

  • SHA1

    7b49ea135149bfd6d3870a882e344de195e7e6f0

  • SHA256

    dab0c77957c0341a749a4aeb030364982f230ad08a5c77c94d2bd95f5ed596a9

  • SHA512

    aadfa7a053d6c51f3c807561ccaa155f01dae9bc6caf8c2b11a896b45b9291ddd695ba5bf1007937d13f35417c249bda4e94a40871f1c8a5919f0df34dc32163

  • SSDEEP

    49152:I/gGuqURokkd7DHuugOq8PQNgnNnfOpLv4tmZUV:ugGuJRo/lDOugOq8INgnxU8tXV

Score
7/10
collectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Acquires the wake lock 1 IoCs
  • Checks if the internet connection is available 1 TTPs 1 IoCs
    discovery

Processes

  • com.app.brainballbash
    1⤵
    • Checks memory information
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Acquires the wake lock
    • Checks if the internet connection is available
    PID:5203

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.app.brainballbash/files/6bb633ad.dex
    Filesize

    260KB

    MD5

    4db59803f5603153b5f4ec2a70d89d1b

    SHA1

    c6bb3c849811bc920dee9baa62693e11b0e0a855

    SHA256

    4d7efdf6cc9e14eeefb1ca952b70d9200660ef85b5639aa7dc2ca5e397cadefc

    SHA512

    90b094faaf7ac41ae27433f2c23bf49daf0a0e7ee40cee1048efe57e4b8609d249e908ec1fbcbbe823671dcb12857c63a7abd672d0746518969884f7b6cc5476

    Download Submit
  • /data/data/com.app.brainballbash/files/BGEaUZrY
    Filesize

    471B

    MD5

    98051ba8d25727a50183278473ccb163

    SHA1

    a4518d5428cdc0486bb63174be23b1e4c61f9695

    SHA256

    55df4f1b7a9cc604c4ec11c750a421fc6f721a380ef5bcdff4651fd827485809

    SHA512

    a3f5297db4d521c9bad2d14fac46a743962e056a98c3b280508f33530a1aaa0d86df61fb39090beefdac392b2b45ec0db74560adfa723c74a2d7d2db8be4e67d

    Download Submit
  • /data/data/com.app.brainballbash/files/BGEaUZrY
    Filesize

    657B

    MD5

    6fc04f2004c40261931c4d2c1148a278

    SHA1

    dc1612de469c51043c30d3d1d2e8ddb213bb77cb

    SHA256

    e8b365d236805ef1f5ba91862c32a66ecd75ed939a48ea7eea09e504524bdd82

    SHA512

    32ad7b24f9d4ced58f07f5cebe59e1f0ff4f51a64a3bbef671e1029ca6fb020f41eb008cc687b545c89d91df3c5fe4b96841c73d1f4c71642beeb3bd7453d1d5

    Download Submit
  • /data/data/com.app.brainballbash/files/TrPJFdsN
    Filesize

    336B

    MD5

    dbd6ad0c72ee75ac04307d88f119b70a

    SHA1

    55d444c40cd36d96d43b2cbd06ac0c3c2c710462

    SHA256

    c7b05c1fc13ab8b6eda213eb96abab525e7c4d5bd0acb2b3bd7e8f3e5d2c292e

    SHA512

    26bd247874c4835da177f9542808e21ea7c3e2b6e392b9b080aeee842e45b9563a0d570a0e693e9e7615bf5a0cb38f2d1bc76776d2ffa9695e91a95e99b367f4

    Download Submit
  • /data/data/com.app.brainballbash/files/TrPJFdsN
    Filesize

    336B

    MD5

    a754b30a2d9cb397e61beed93455439e

    SHA1

    4b59a0928eb5de5e888354b1036ef404a14c13f8

    SHA256

    225f539720511b5c26017bc40c57187b522a182169f67f6f2a1a2a0639131890

    SHA512

    87f5a894882b3160e23fd41adad628a38361b434e3319a41d1a91c803504c0cebbe402ab3b0655d8fc8dc19fd8e4aa0e022328ba0fc1d9b45603f01a4a3c3833

    Download Submit
  • /data/data/com.app.brainballbash/files/TrPJFdsN
    Filesize

    336B

    MD5

    0d85a29c3ac3cbf6e552db42535aebd6

    SHA1

    93aefd3dd972fa2462d44fb7eeb6b6dc145b7355

    SHA256

    93407e49aad7262127cca6bb658dc6b9acf9cc6fffc84c3cb4d60a1af00d4a4f

    SHA512

    d4aaef76f268386017218635d172d3ae2dfebecbdef0ca3e1e6e10f6787a6d7c32352ce86d9b5d0e5415650fabdd4665a9edb10d03e5450ae956a3997997b96d

    Download Submit
  • /data/data/com.app.brainballbash/no_backup/com.google.InstanceId.properties
    Filesize

    2KB

    MD5

    bf49a7b84ef47e2fb4b3e628d8d551ce

    SHA1

    151a3143eae6e477dac72d130783a84a16e8b704

    SHA256

    f71b614ba08a1e69ef42d8fa796b6b18e1af50e39294c0c17066a7064ec57231

    SHA512

    6d6df1bc918a89e60709798b4208057d62d4e1644521d9b2af9cbed3a757063e0780f739f39c8dd8547b1479a8346a2636b317a11316e874bf7df310b25e3b69

    Download Submit
  • /data/user/0/com.app.brainballbash/files/6bb633ad.dex
    Filesize

    610KB

    MD5

    f98439605db570d0deab7b5635ef4b39

    SHA1

    11dd5455b51e6366f3b229bea3c34cd7baf9581d

    SHA256

    bb546a9d652cbd0d9729dc52eb090fda203d29adee15510a5230f76a92cc1439

    SHA512

    bf27b6ec13f8b0334561dcf55ea7c8b2a5e414fdf77802c11b59c60940560563298dfb03f4e3d53b4ff474ca4120b50889eec9880b28cb44c6d7190c27b87f04

    Download Submit