Analysis

max time kernel: 119s
max time network: 172s
platform: android_x64
resource: android-33-x64-arm64-20240603-en
resource tags: android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240603-en, locale:en-us, os:android-13-x64, system
submitted: 09-06-2024 15:29

Static task: static1

Behavioral task: behavioral1
Sample: Hamster Cоmbot Bывод.apk
Resource: android-x86-arm-20240603-en

Behavioral task: behavioral2
Sample: Hamster Cоmbot Bывод.apk
Resource: android-33-x64-arm64-20240603-en

General

Target: Hamster Cоmbot Bывод.apk
Size: 7.4MB
MD5: 43cd0d0837b2cf2371e93e4340614562
SHA1: db8cd87819a91f311f22a78e1e4099486768099d
SHA256: 608bccf44f236542d708efc9e8d81372bb1a941969f267b315772acd370d2b06
SHA512: 7e5356ef27b70b99a872b3c5cf8e21358971c0c85c34c7fbab6a8a20a70a5859a34dc8c651e274fd3a13bcb3af6f7adfc2269b108f11bbb25eb4257ac5f9a0f9
SSDEEP: 196608:xwzajoJT+62TZF8SoGwsX7LwwYwwxfn8/XezdJsy7BwHxz5:4aKfsf1oRjzqXeJSyK

Signatures

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
Processes: com.example.application
description: Framework API call
ioc: javax.crypto.Cipher.doFinal
process: com.example.application

Checks CPU information (2 TTPs, 1 IoCs)

Checks memory information (2 TTPs, 1 IoCs)

Downloads

/data/data/com.example.application/files/profileInstalled
Filesize: 24B

/data/data/com.example.application/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize: 8B

/data/misc/profiles/cur/0/com.example.application/primary.prof
Filesize: 5KB

/data/misc/profiles/cur/0/com.example.application/primary.prof
Filesize: 2KB