e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8

Analysis

max time kernel
19s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
27/05/2024, 02:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Size

2.0MB
MD5

71f6cdb3d8eebe1c8e7e26896238e571
SHA1

019134386a6d900d61285e5e986249928a9504b6
SHA256

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
SHA512

740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
SSDEEP

49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	pl.spyone.agent2

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	pl.spyone.agent2

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pl.spyone.agent2

pl.spyone.agent2
1⤵
- Checks CPU information
- Checks memory information
- Obtains sensitive information copied to the device clipboard
PID:4584

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/pl.spyone.agent2/databases/database.db

Filesize
76KB

MD5
0379f2b646309bcd59a19760005dd257

SHA1
9185b00c3401321841b1c7edd10624a13c2dd47f

SHA256
62c0d663334435c7b56f7ef5ee45ef1e1476f9ef39ea6667dd48962eadb0216f

SHA512
387a118af4cd9315a8e5323b7a2b78e5214b0556448cdf6a68335ecda5615dfd0c1ca0313d8b355e8489980635319d90f2b7b25889b1e556c11b7657bc184fe8

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal

Filesize
512B

MD5
6242786f7d4704bbe83742061d3a3d5a

SHA1
712d7d53a065b72fd7f64400f0177cf4e29b9454

SHA256
5352045b289e7a4bb61637171d2a79c463afd09b698ea6519ea87faa71e6b738

SHA512
c6df0c95c36e8507bedb2e49e0beb04a2ff8d3d470cd6438446715f2351c396f8bc5c7ff3bb09e13b6894e3c19593eb699cdbd731e7f27b163c2d42b774c375f

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal

Filesize
8KB

MD5
71a3d9534757395f5691ee3654eb847a

SHA1
0dc7de96a4fbf9ed9cbf6b065b5ce6b654490d1e

SHA256
98bef70bd24892eb4df3805229bc5d133d2a85fe75ba45048033d40ec3bcc846

SHA512
8bc5e5df1bca3fdea17782e502a6e1152e9deffada0abba76e3387deae8798ed188399cf78d8dd1e7c50c2ee794ff1fce70b3ba0700d05fbc9e5ef9dab910b31

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal

Filesize
8KB

MD5
2beaa4394dc3d0ac8c17fd1735b434e3

SHA1
4e6e37a79fbb721a2f97f51596b7a78cdfa653cc

SHA256
7edb5baab45a74e15bdfe4d569c8a72d16ef21d5f7e57c035179a01d579ed94b

SHA512
7e31306d7cafc423181adec4f670a720df55b778590e0d1d5c09d332497f5f169d44d079bc26fbe54f22a12293475ac5f88ed4b254d5a15efe35170a167e56ab

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads