Analysis
max time kernel
20s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240603-en
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240603-en, locale:en-us, os:android-11-x64, system
submitted
09-06-2024 02:12
Static task
static1
Behavioral task
behavioral1
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x86-arm-20240603-en
Behavioral task
behavioral2
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x64-20240603-en
Behavioral task
behavioral3
Sample
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Resource
android-x64-arm64-20240603-en
General
-
Target
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
-
Size
2.0MB
-
MD5
71f6cdb3d8eebe1c8e7e26896238e571
-
SHA1
019134386a6d900d61285e5e986249928a9504b6
-
SHA256
e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
-
SHA512
740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
-
SSDEEP
49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE
Signatures
-
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks CPU information (2 TTPs, 1 IoCs)
-
Checks memory information (2 TTPs, 1 IoCs)
Downloads
-
/data/user/0/pl.spyone.agent2/databases/database.db
Filesize
76KB
-
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
512B
-
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB
-
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB