Analysis
-
max time kernel
49s -
max time network
131s -
platform
android_x64 -
resource
android-x64-20240514-en -
resource tags
androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system -
submitted
02-06-2024 02:05
Static task
static1
Behavioral task
behavioral1
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x86-arm-20240514-en
Behavioral task
behavioral2
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral3
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x64-arm64-20240514-en
General
-
Target
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
-
Size
2.0MB
-
MD5
71f6cdb3d8eebe1c8e7e26896238e571
-
SHA1
019134386a6d900d61285e5e986249928a9504b6
-
SHA256
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
-
SHA512
740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
-
SSDEEP
49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE
Malware Config
Signatures
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
Processes:
pl.spyone.agent2description ioc process File opened for read /proc/cpuinfo pl.spyone.agent2 -
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
Processes:
pl.spyone.agent2description ioc process File opened for read /proc/meminfo pl.spyone.agent2 -
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
pl.spyone.agent2description ioc process Framework service call android.content.IClipboard.addPrimaryClipChangedListener pl.spyone.agent2 -
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
Processes:
pl.spyone.agent2description ioc process Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone pl.spyone.agent2 -
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
pl.spyone.agent2description ioc process Framework service call android.app.IActivityManager.registerReceiver pl.spyone.agent2
Processes
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
76KB
MD5dd46d6cae176055d8617ceb3d40f1d96
SHA1b7a971b5f755f7fd5f9041bb1a0ffb1a74d9dd57
SHA256c4d2fc19a3c54c2d2cadde804546ce6f62f960865b829ea240026e1ea2706e96
SHA51254d353f7e746aa3935848cc2f694cd6cfbd1c59b6f56e276b76fad0f0a4c8ea09cd4835be8a8ccd615a7714d3e212a091d93a2b3b835f4ea767c8ba5950a5516
-
Filesize
512B
MD591a9fdb54efad1650fffc23a4f45b356
SHA1a5a74358a283cdbe8e744794915d938ad8ed54d0
SHA25603a9f9d2fc4b1cf236e4c5b337df6032a9a2e4253991a6ff3a8a5c0e19582cf9
SHA512409fe143f1a59dcfad3f8c59ee88758c1de5364ca7e66ee734237b3b4772f2b4c22557d828c940ee9c73e8a41763d097cd9f86de4633f4af11b12f29318ab107
-
Filesize
8KB
MD552257fca3dcfc6d7b484bd594b8f962c
SHA1ac2c3fc4bacadd17a0587ddb225eb5d42c489f4b
SHA256d7391543b13f1342bf61ca3a1d55e725bf300c233c40079fad66e4a12b48ad8f
SHA5128e47a547685d86037b219cc994005acd7a02707e617d88e613a9c96a669921a75a58100871df932abbc02f42d7c769a5a722b7ca2b090f3b2344a2d5e252abd2
-
Filesize
8KB
MD5aeecc86da0eb3c8a482f8ec7b181e8ee
SHA15528d26a2cf929507281d1664f9ea2b455972f54
SHA256280a0d62463bb2dc22c23d71d92db666d1bbd6475275ed3c6afb929c580fc223
SHA512adb650a4ab8210bdd56c4cbecca9e6c77442b8c1d0175da3d951aa128c81cde45a8ef8bdc3a4c3de093085e1a24b45a792156e31f7ab1cbc9760518901ec1519