29e028d52b0a5b8e7b3d627028828cdf2e0b4ccae1dfaaeb3884cc7babbe17ce

Analysis

max time kernel
177s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
29-05-2024 21:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Flash-Browser.apk
Size

1.0MB
MD5

8b183c787aa69873965d24d67abeeb9a
SHA1

b80d5ed35d5cf7df5ebdf9169ec71dbb7a411a1b
SHA256

b4617f5735eec873ee271a8642c5fc29f293d2d6efc3f8504f808c5e1176816d
SHA512

d81b3cf096e6a89b700193389da1a792990207e1ed92f9aae54a340598c54b13db3ade1b315c342789e73e3697f5e02b40a436377ff4d4ec3823314f5c59ca1f
SSDEEP

24576:/SG9qt2Cfu0iusUs2RGLEJTZNrzljfUJLkHOO9t6J:/SGVCfKa+EJNNpyC6

Score

8^/10

banker collection credential_access discovery evasion impact

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.tech.browser

description ioc process

File opened for read /proc/cpuinfo com.tech.browser
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

com.tech.browser

description ioc process

File opened for read /proc/meminfo com.tech.browser
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.tech.browser

ioc pid process

/data/user/0/com.tech.browser/app_ttmp/t.jar 4542 com.tech.browser
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.tech.browser

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.tech.browser
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.tech.browser

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.tech.browser
Reads the content of the browser bookmarks. 1 TTPs 1 IoCs
collection

T1533

Processes:

com.tech.browser

description ioc process

URI accessed for read content://browser/bookmarks com.tech.browser
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.tech.browser

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.tech.browser
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.tech.browser

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.tech.browser

description	ioc	process
File opened for read	/proc/cpuinfo	com.tech.browser

description	ioc	process
File opened for read	/proc/meminfo	com.tech.browser

ioc	pid	process
/data/user/0/com.tech.browser/app_ttmp/t.jar	4542	com.tech.browser

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.tech.browser

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.tech.browser

description	ioc	process
URI accessed for read	content://browser/bookmarks	com.tech.browser

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.tech.browser

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.tech.browser

com.tech.browser
1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Reads the content of the browser bookmarks.
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4542

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.tech.browser/app_ttmp/oat/t.jar.cur.prof
Filesize
383B

MD5
92ea5335471570f9840db56701b8d753

SHA1
b72f55de96a75f57c07dd6946648a574b2bd2255

SHA256
2bf94a3422c2b9b1c7ab98a994aadb51a2dae260e4b05f7639ab99728655dcc3

SHA512
02a8172e7fee8a4d4ff6eb34226197279a903139c41e2d2ccb04d4660265676b95dcd7f6b2a10653d64a9ec31cbbd8e473cb747a815fcfa0e675667ef60c1ca8

Download Submit
/data/user/0/com.tech.browser/app_ttmp/t.jar
Filesize
172KB

MD5
39f7c5d4a7962708aa7d98bf2fadfc27

SHA1
cb348f750596b2e54705eb7d20b9fb2cc9d8807f

SHA256
e303dc3a3e31e4d525840e20486b6a99821e330b75c11e61c0f78d56f5dd9558

SHA512
55267b2721b056f9dab24c9f29df40db648cc3bd2eef0f4464da5545e6540f3f18cd8cdd9b7e7c77fe7a4fe37a08eb1bde482edbdd7eb364dd840f7f83740caa

Download Submit
/data/user/0/com.tech.browser/app_ttmp/t.jar
Filesize
172KB

MD5
cf9c7fb39d30b43019bfac428a3269ab

SHA1
912d7b2f83d9d0eae24d5b4cf1a5033cd2b8a283

SHA256
9031644073855d5bc7ad4ac8f211b472c7b52b8a5b743e85b40d1864f95a09af

SHA512
2450ac53f0f2ecec5d32ce0fb90ce4ed051d25319965d6758d90e0ede8cc813d445911e7511f140510d3ed19390a1effb9c1758861a95cecde8760abe127590f

Download Submit
/data/user/0/com.tech.browser/app_ttmp/t.jar
Filesize
363KB

MD5
71f79ba9526f0b6a04ff423212d75238

SHA1
ff505b3673f566a812ae925acc84157a1b6f34d7

SHA256
ab9672e93263e2459e8381f5216b8d8ce928c7bff5fd74cca8ae6f32977e557f

SHA512
b8df08dabb951a4881c0bb7cba6b80b76eeef9776fff51730daa8672f0afb6fa514b9c8bb8981b93db698698a83b77391e16aa612b55cf1150d6c18881aa2253

Download Submit
/data/user/0/com.tech.browser/databases/com.tech.browserb
Filesize
64KB

MD5
d1de8167e98b09a03b4fa676cd46d7ea

SHA1
278771897e4ac647b0fe8a3be3806cd99ca13fdc

SHA256
bcbe163d697cb8b70e44efae0e38d091d22a61b8273a83e6f91aa2e99fb61bc6

SHA512
36556cd7f6a7bc20f59e4090a6e1982cbc39dd23fb26ca2fcf03d8dc43927808e84fa63a8f3fa568cdf3333b317dbfbde87e55ac33582acf2fa465f3b76cb0b7

Download Submit
/data/user/0/com.tech.browser/databases/com.tech.browserb-journal
Filesize
512B

MD5
51af79444b10d57e28aeea82dc992c40

SHA1
d4693db46838330833b177ac1239a1b4013480b5

SHA256
83ddf13edabb046dbf2e345cfd2430788bd5e5091ebdba555d5cd07a82639e2b

SHA512
32d029f2428d5f34c5c6d0055860af7357d4adb3b99fb2a54c5c8af60deb5c4692b10c3f2db263a96a5457ba9ae6ed424b575a69934542b5539b777daca9dc58

Download Submit
/data/user/0/com.tech.browser/databases/com.tech.browserb-journal
Filesize
8KB

MD5
4bd8dd2f94af502f6b4cee196c541673

SHA1
4617b7f66551929df6424d53d9b3971c427028b8

SHA256
0e2a7e85cdba8d0c7345b91730b71ac68c6f3335b27916b04c038ecbbaaa0273

SHA512
f454a4ae539318fc1ca003abe9b25529d5e72f38e6a44e55f0902285569f7c4d69362b4bc10ec416108438a34d73ba8547bad32f47d6aff41faa3473f683652f

Download Submit
/data/user/0/com.tech.browser/databases/com.tech.browserb-journal
Filesize
8KB

MD5
150d98c3f9f7b042045e0536bd53ddee

SHA1
ea7dc38004664f7417daad8933c94f44fc8c24c6

SHA256
05f5ca5e2ee7e96129c272d8490fe0e48e7680abc000f0629b9ba19b6bd787e9

SHA512
08193f22f05d001ebb67f2233ce91c07a0b3db1ee2167b62b6ef0e1d439a8037ca0f463c5f60cbf33d5c7c74da4e1948003862dec477969ba2dcef0e9a2ece31

Download Submit
/data/user/0/com.tech.browser/databases/com.tech.browserb-journal
Filesize
12KB

MD5
ee55865531f2c05658e7c1efc413487f

SHA1
b46ed518246a1411cbf3189de658b09967a13929

SHA256
f28c73624f4a2156bf17ea76f737bc4850f5f947c0ab639911a6e2dc72ca9fd0

SHA512
991d9d9a713e15b86823f0fba9f1a4a1c96f982682d78e4824306322abec80df387ea82a80c8f70c0ffffb2367d0158ba6c921d20c000f64c3e97f5beb18d44d

Download Submit
/data/user/0/com.tech.browser/databases/historyManager
Filesize
16KB

MD5
76726ffe7f1d2686abc927b5486788e7

SHA1
f54f6f775f9fc436caa812fd852365f2646b7f44

SHA256
517bfa1aca2ebbddfc9b0649efa848b462beac21a390c321d4ee9ce58202b450

SHA512
6fb6d68cad02c32c861f1194d9bae0ec7098043533482b910c85f9f123d4fedbe8b984efd16c5f3030608099f68885b543dc4c5293966412921d04991ecc9103

Download Submit
/data/user/0/com.tech.browser/databases/historyManager-journal
Filesize
8KB

MD5
184c2f057b6e166d379459469d2f7885

SHA1
a4551688459e206dadbba78972563958a59e7a42

SHA256
c4408646dbb1b00d25165f5568acda13b30c19d7f34c172c78ea339fa4af203c

SHA512
19c6af35ed24129740ade25917c8fcbd163779d4316db4bb56fffa33a8295e6aff93aae4f195c6fca8eed24b87753b8de2a101a1800b1f724572917472453087

Download Submit
/data/user/0/com.tech.browser/databases/historyManager-journal
Filesize
512B

MD5
d2d458ef3efd5cb1cd894f0c187b8470

SHA1
1599dc85bf707fadb17b6e15d9794aa95f142a82

SHA256
c43c9203cb69f7e027edd294607da8af2a660883d6c6bfeb31742db639687935

SHA512
d6a5d5ff4ec48d2f8fe5877e17d03300cc09e01bc6f85ef0e69a7fa7583db99f6fd0e50a1a9c183c341e65881dbddcba5dfbac3448c6ced36e5649dfbcb2461d

Download Submit
/data/user/0/com.tech.browser/databases/historyManager-journal
Filesize
8KB

MD5
b2b60a1a70e3a0c9d208cc4559d167af

SHA1
3d0c730ba941b847789e7a96d77a6d97a6f168f1

SHA256
77617b1800613e40ebb0b43dfe10a554d109714dd7f3a561840793751ce69cda

SHA512
a8498ace8a383ae4c29e32a777411f1144e841d12a6b1ea0ed4b2e4ed5e5c863f34c43d48f45a111ee4c8c4a8eaa39b031d0ea08077d01196cb254c387a0ea2a

Download Submit
/data/user/0/com.tech.browser/databases/historyManager-journal
Filesize
8KB

MD5
566355921dbf3e047df9b0afdf3aa8b5

SHA1
ce46f39b7b382d844e76ac08b92978e5138edb73

SHA256
56b0c619c5133c35a03c354c5fd2eda6cc6682153b91cdcc4f482cb581232743

SHA512
127d079678a03eb7571940a204cb9a2472c0cc3b741e47cff30003e27a2624eeab625a38a9983ee483e41f0751f17d7cb4fbed3344e329342bf2b1a26975bc55

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads