Analysis

  • max time kernel
    140s
  • max time network
    131s
  • platform
    android_x64
  • resource
    android-x64-20240603-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240603-en, locale:en-us, os:android-10-x64, system
  • submitted
    07-06-2024 19:13

General

  • Target

    VirusShare_67bde6039310b4bb9ccd9fcf2a721a45.apk

  • Size

    309KB

  • MD5

    67bde6039310b4bb9ccd9fcf2a721a45

  • SHA1

    9617b0a883060e01b26b9d36c5b919fb83943a8d

  • SHA256

    4d3de2103f740345aa2041691fde0878d7d32e9e4985adf6b030d2e679560118

  • SHA512

    9552f40ef744632c929efed8e0c5fe1492574f22e38323d280cb050034ddce335abeb21603e340ba1022716846026ba68469f4ef05dac53758f78a2b3a150752

  • SSDEEP

    6144:MWq/9kwR2UyYng86goLWBvtRatTCcNgvTldW0PBRmX/UCqBqyAN/RW:E/9NkY16gEA6DEw0PWvUtQNo

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.android
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:5179
  • com.android:remote
      PID:5481

    Network

    MITRE ATT&CK Matrix
