Analysis

  • max time kernel
    25s
  • max time network
    35s
  • platform
    android_x64
  • resource
    android-x64-20240514-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240514-en, locale:en-us, os:android-10-x64, system
  • submitted
    28-05-2024 07:42

General

  • Target

    07ea0a73b6d33249f26a5393d30dca8977a1775439253d1b98cf4c157f402f88.apk

  • Size

    9.4MB

  • MD5

    efb8696f788a650219f1233fcf6be79b

  • SHA1

    72000a7faad1c40d56e49e9c36c2692e31b3ef59

  • SHA256

    07ea0a73b6d33249f26a5393d30dca8977a1775439253d1b98cf4c157f402f88

  • SHA512

    a8a04b77546084b5bb63f5f9e443a24123a4a8c425201dc98c0d37f2c723e122d077c7c50e157ee26ced69a00baf943167ffa67588f48b7aade652485db70fa2

  • SSDEEP

    196608:DP5lb3ljyXEpy8bDRUYTnHb4Jao3GEi/+dM2WR2VCUHufTrkI1LL3aNbAGR90R:DP5lDEXE4ADRUYTHKPaHrf1H3gAG7M

Malware Config

Signatures

  • Android SMSeye payload 1 IoCs
  • SMSeye

    SMSeye is an open source Android spyware that targets Android SMS.

  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information, which can indicate whether the system is an emulator.

  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information, which can indicate whether the system is an emulator.

  • Loads dropped Dex/Jar 1 TTPs 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • boost.com
    • Checks CPU information
    • Checks memory information
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:5099

Network

MITRE ATT&CK Mobile v15


Downloads

  • /data/data/boost.com/app_ded/TWQzR7JpMmicNO9qnoYAJGQR1ojiVb7J.dex

    Filesize

    11.1MB

    MD5

    b1116567fe537e82e5c08a3fbd98db8b

    SHA1

    3bacff4f8edd43921427e3217ae2041489fe1331

    SHA256

    de4605d3af30b44ba2bf50bfc6947524f59a1588a0cc142facc18a03bfe06e58

    SHA512

    92dc102db13d704d799cac1b22155cdc9cdb0db0405c285ffb9fcc3dafcaa9ff3aef592eef82d75a37cf43d018fae174509e60cb78ef37476835e8c4dab63f96

  • /data/data/boost.com/app_ded/lyICSj4DfWvNTmdPVCOESqHgjTKuJ7A6.dex

    Filesize

    4.7MB

    MD5

    a0388eba4cb186208efb2cffd902b58c

    SHA1

    4c965330b4f8539626103e0662cecf3d17edbbd8

    SHA256

    25c22ddd7f10ab970d667c53ec0422eee324c1daa08e9f2553c5d0c17d3ce1df

    SHA512

    a0644699b37e6f3cad73e20a9bf7a8c3a9474aad0ad277236e71394129f414db0ff7e13cdd93f38c063105e8dedf2e5679d8298a4d364345fa96979f0c604f66