Analysis

  • max time kernel
    1066s
  • max time network
    1086s
  • platform
    android_x64
  • resource
    android-x64-20240603-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240603-en, locale:en-us, os:android-10-x64, system
  • submitted
    09-06-2024 16:35

General

  • Target

    Hamster Cоmbot Bывод.apk

  • Size

    7.4MB

  • MD5

    43cd0d0837b2cf2371e93e4340614562

  • SHA1

    db8cd87819a91f311f22a78e1e4099486768099d

  • SHA256

    608bccf44f236542d708efc9e8d81372bb1a941969f267b315772acd370d2b06

  • SHA512

    7e5356ef27b70b99a872b3c5cf8e21358971c0c85c34c7fbab6a8a20a70a5859a34dc8c651e274fd3a13bcb3af6f7adfc2269b108f11bbb25eb4257ac5f9a0f9

  • SSDEEP

    196608:xwzajoJT+62TZF8SoGwsX7LwwYwwxfn8/XezdJsy7BwHxz5:4aKfsf1oRjzqXeJSyK

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.example.application
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    • Checks CPU information
    • Checks memory information
    PID:5046

Downloads

  • /data/data/com.example.application/files/profileInstalled
    Filesize

    24B

  • /data/data/com.example.application/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

  • /data/misc/profiles/cur/0/com.example.application/primary.prof
    Filesize

    5KB

  • /data/misc/profiles/cur/0/com.example.application/primary.prof
    Filesize

    2KB

  • /data/misc/profiles/cur/0/com.example.application/primary.prof
    Filesize

    2KB
