Resubmissions

09-06-2024 15:45

240609-s7g1hacg63 7

09-06-2024 15:29

240609-sxcysscf37 7

Analysis

  • max time kernel
    280s
  • max time network
    1165s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240603-en
  • resource tags

    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240603-en, locale:en-us, os:android-13-x64, system
  • submitted
    09-06-2024 15:45

General

  • Target

    Hamster Cоmbot Bывод.apk

  • Size

    7.4MB

  • MD5

    43cd0d0837b2cf2371e93e4340614562

  • SHA1

    db8cd87819a91f311f22a78e1e4099486768099d

  • SHA256

    608bccf44f236542d708efc9e8d81372bb1a941969f267b315772acd370d2b06

  • SHA512

    7e5356ef27b70b99a872b3c5cf8e21358971c0c85c34c7fbab6a8a20a70a5859a34dc8c651e274fd3a13bcb3af6f7adfc2269b108f11bbb25eb4257ac5f9a0f9

  • SSDEEP

    196608:xwzajoJT+62TZF8SoGwsX7LwwYwwxfn8/XezdJsy7BwHxz5:4aKfsf1oRjzqXeJSyK

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.example.application
    1⤵
    • Obtains sensitive information copied to the device clipboard
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks memory information
    PID:4253

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.example.application/files/profileInstalled
    Filesize

    24B


  • /data/data/com.example.application/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B


  • /data/misc/profiles/cur/0/com.example.application/primary.prof
    Filesize

    5KB


  • /data/misc/profiles/cur/0/com.example.application/primary.prof
    Filesize

    2KB
