Resubmissions

09-06-2024 15:45

240609-s7g1hacg63 7

09-06-2024 15:29

240609-sxcysscf37 7

Analysis

  • max time kernel
    320s
  • max time network
    1164s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240603-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240603-en, locale:en-us, os:android-11-x64, system
  • submitted
    09-06-2024 15:45

General

  • Target

    Hamster Cоmbot Bывод.apk

  • Size

    7.4MB

  • MD5

    43cd0d0837b2cf2371e93e4340614562

  • SHA1

    db8cd87819a91f311f22a78e1e4099486768099d

  • SHA256

    608bccf44f236542d708efc9e8d81372bb1a941969f267b315772acd370d2b06

  • SHA512

    7e5356ef27b70b99a872b3c5cf8e21358971c0c85c34c7fbab6a8a20a70a5859a34dc8c651e274fd3a13bcb3af6f7adfc2269b108f11bbb25eb4257ac5f9a0f9

  • SSDEEP

    196608:xwzajoJT+62TZF8SoGwsX7LwwYwwxfn8/XezdJsy7BwHxz5:4aKfsf1oRjzqXeJSyK

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.example.application
    • Obtains sensitive information copied to the device clipboard
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4465

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.example.application/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    94026b66129c9c3583478d7b9c72de11

    SHA1

    80e90e5a8006ae27af5b866bcee700e28a6c8817

    SHA256

    3248a5a10201772ca3a90c17cac1c3972c658459dd653a25cf3bb4422d4a5adc

    SHA512

    521c0b66840b98dae42603b1720ec83694c59f2346fc0c100bac1d43ad81d36bc8257ad8a19e0f912a7da363159e7992bae952632325318764242cc21713f94c

  • /data/misc/profiles/cur/0/com.example.application/primary.prof
    Filesize

    5KB

    MD5

    b6d3ca5f8b1bea3f243673abdcbc25f4

    SHA1

    917a67c3b5fd9814adc01e81c59ed08c70db70ac

    SHA256

    1eadd2d3de1286832ab2ff6ee7eaba4fc116b53981008593219e9afe543cc9df

    SHA512

    03bbd5bff2f967445e1f62da8570063f2aae822c3f0bfc67a42d7d0afc893ba5394e3d5d525dcd7c4569fe0f0e9a904b0fe5044c138a2427c46879bd7ae6a4e7