dab0c77957c0341a749a4aeb030364982f230ad08a5c77c94d2bd95f5ed596a9

Analysis

max time kernel
175s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
24-05-2024 12:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dab0c77957c0341a749a4aeb030364982f230ad08a5c77c94d2bd95f5ed596a9.apk
Size

2.0MB
MD5

7d0279c6e4ec3727984ac68a13b23bd7
SHA1

7b49ea135149bfd6d3870a882e344de195e7e6f0
SHA256

dab0c77957c0341a749a4aeb030364982f230ad08a5c77c94d2bd95f5ed596a9
SHA512

aadfa7a053d6c51f3c807561ccaa155f01dae9bc6caf8c2b11a896b45b9291ddd695ba5bf1007937d13f35417c249bda4e94a40871f1c8a5919f0df34dc32163
SSDEEP

49152:I/gGuqURokkd7DHuugOq8PQNgnNnfOpLv4tmZUV:ugGuJRo/lDOugOq8INgnxU8tXV

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.app.brainballbash

description ioc process

File opened for read /proc/meminfo com.app.brainballbash
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.app.brainballbash

ioc pid process

/data/user/0/com.app.brainballbash/files/6bb633ad.dex 4818 com.app.brainballbash
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.app.brainballbash

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.app.brainballbash
Acquires the wake lock 1 IoCs

Processes:

com.app.brainballbash

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.app.brainballbash
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.app.brainballbash

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.app.brainballbash

description	ioc	process
File opened for read	/proc/meminfo	com.app.brainballbash

ioc	pid	process
/data/user/0/com.app.brainballbash/files/6bb633ad.dex	4818	com.app.brainballbash

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.app.brainballbash

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.app.brainballbash

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.app.brainballbash

com.app.brainballbash
1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Checks if the internet connection is available
PID:4818

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.app.brainballbash/files/6bb633ad.dex
Filesize
260KB

MD5
4db59803f5603153b5f4ec2a70d89d1b

SHA1
c6bb3c849811bc920dee9baa62693e11b0e0a855

SHA256
4d7efdf6cc9e14eeefb1ca952b70d9200660ef85b5639aa7dc2ca5e397cadefc

SHA512
90b094faaf7ac41ae27433f2c23bf49daf0a0e7ee40cee1048efe57e4b8609d249e908ec1fbcbbe823671dcb12857c63a7abd672d0746518969884f7b6cc5476

Download Submit
/data/user/0/com.app.brainballbash/files/6bb633ad.dex
Filesize
610KB

MD5
f98439605db570d0deab7b5635ef4b39

SHA1
11dd5455b51e6366f3b229bea3c34cd7baf9581d

SHA256
bb546a9d652cbd0d9729dc52eb090fda203d29adee15510a5230f76a92cc1439

SHA512
bf27b6ec13f8b0334561dcf55ea7c8b2a5e414fdf77802c11b59c60940560563298dfb03f4e3d53b4ff474ca4120b50889eec9880b28cb44c6d7190c27b87f04

Download Submit
/data/user/0/com.app.brainballbash/files/BGEaUZrY
Filesize
471B

MD5
247590fa682abcf5f9c4417f1e3d92cc

SHA1
b83bdbc8392e32054228e01e5cba1d002f814bc9

SHA256
1993e317af45243f452fa1cfc8d1ca42b9a6afe922d437ab7c7b35dc2935a1a8

SHA512
90edaebacc3d94421d88a3f3979a6af8dd38935b97503575c20e4466b9f102d62b9fb276001d519099d59a1015fd4982d21b544881daed632cf2b138eeff2054

Download Submit
/data/user/0/com.app.brainballbash/files/BGEaUZrY
Filesize
657B

MD5
24fd7fe6c1fccb524211450510b707ab

SHA1
4a5c7d57386d0625f494c176e93646fda17e4adf

SHA256
ce4bb48b733b422747b2d33177e5ab50a0f830b0104a0780e1eab9291e2df1fc

SHA512
03977b3c9fa7c8086c4a00f24b0be017383dd48778f34be2a12373667252ea781973104396b00cacce02cf5bafcc3d2bec406e9c7a5fb6d6cdb7d9eac54a9851

Download Submit
/data/user/0/com.app.brainballbash/files/TrPJFdsN
Filesize
336B

MD5
7da431abb432b1a6e7eafb9419eaf5da

SHA1
aa77c083229ef29933ad56a319ae7aa2e7234aec

SHA256
0043cbc9919760e6c4d2ca3851e2dc574c59ec2693afcae45e998a4d32861ac9

SHA512
9d36f78d375c77cb10ffc2cd259580dab020ba2dfa248efc08ebefc6cbc701f567602e214966a92ddec62fd034077182e047740179f944af3e77599f21a06633

Download Submit
/data/user/0/com.app.brainballbash/files/TrPJFdsN
Filesize
336B

MD5
f4f7c8023a900ccce7dee8ea50499523

SHA1
27c374b87fed89753a7a1d0e25b13360c0dd7c3a

SHA256
6ae266b223d21e528d8798946325f0aaa55d9ac3cf12d97d98db67a0f4d07a5a

SHA512
d7a08c9ba39bfbfda3774bbf9d346b85fbc0d2552f250e549a11711806b4d7f3922201705bdd5fb5ef74a395f5ab1b1f266ba2ebebe2724458952cea65ed5a9a

Download Submit
/data/user/0/com.app.brainballbash/files/TrPJFdsN
Filesize
336B

MD5
896113fa223b863f8d026fff8d8390e3

SHA1
85c5f804f791b52bbc2d2cb25802956135c0cc76

SHA256
76d3dd4295c269565d42976b48895df11a5fde330a742de33e6d589a6bab9ec8

SHA512
5fb6c62c520bd167573d0081db82015b47b451b8694e27bd2210fa4be0673a3a2d745cb670c7884e5f5d305b3f4ae4ef9ed317b1105aafd747e2d0e61f0e2d2e

Download Submit
/data/user/0/com.app.brainballbash/no_backup/com.google.InstanceId.properties
Filesize
2KB

MD5
8c11907a6e072aeaec70c6e0f80241af

SHA1
b1e0e9fd62309d12100144d6c36cc11882702a79

SHA256
c4003bb3060a906804cd0d8eb8fc5048ba2e5f32da63da6b53fdbbb237d6a0d2

SHA512
bee1196885d20c7acda521fe3c82e0353a27a14acc7989bcf972d690157be570c71093761b2e930875f447a2694b70400baaed1103e025ccfde1eed6a955a383

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads