e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8

Analysis

max time kernel
26s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
12-06-2024 02:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Size

2.0MB
MD5

71f6cdb3d8eebe1c8e7e26896238e571
SHA1

019134386a6d900d61285e5e986249928a9504b6
SHA256

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
SHA512

740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
SSDEEP

49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

pl.spyone.agent2

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener pl.spyone.agent2
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

pl.spyone.agent2

description ioc process

File opened for read /proc/cpuinfo pl.spyone.agent2
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

pl.spyone.agent2

description ioc process

File opened for read /proc/meminfo pl.spyone.agent2

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pl.spyone.agent2

description	ioc	process
File opened for read	/proc/cpuinfo	pl.spyone.agent2

description	ioc	process
File opened for read	/proc/meminfo	pl.spyone.agent2

pl.spyone.agent2
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4469

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/pl.spyone.agent2/databases/database.db
Filesize
76KB

MD5
0379f2b646309bcd59a19760005dd257

SHA1
9185b00c3401321841b1c7edd10624a13c2dd47f

SHA256
62c0d663334435c7b56f7ef5ee45ef1e1476f9ef39ea6667dd48962eadb0216f

SHA512
387a118af4cd9315a8e5323b7a2b78e5214b0556448cdf6a68335ecda5615dfd0c1ca0313d8b355e8489980635319d90f2b7b25889b1e556c11b7657bc184fe8

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
512B

MD5
cab078894fe97e9d04e910b1e39c8c04

SHA1
b28c73104065dbb6d76e97d0cdaafb8dacd10761

SHA256
dd769aae4399850615476dcf3d4bf2161725f905c7503613ed7da8dd0fdfbbbe

SHA512
6a86c1f54ba6afd319a4c6ecaf325028f456f9b2d71616a8525bc07d7fad1f420201778a76449e1b75e24279da718bb82906c482486a616e23fc906489c67b85

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB

MD5
b41b9ff4da88dc558ddf80393ea608a8

SHA1
00a820d508803b49dab87663b45872de511361c0

SHA256
9cc57a8ca43e6804dd71bb20db83cbdc4a4bd822e9c2e5a56e5d0f114b4ef84a

SHA512
b61f53a8a45062142427a7c04fbcd49acad0da60767d636afd5336c4b78ecb0a34daf84214a89f4811cbe499bc9704d70fc38123caa09888e76f0228fcf4942c

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB

MD5
c3312553c9cea5ffe067e234279a4b21

SHA1
01387c58e71e9880df771a13cd2d7cb6f6c0367f

SHA256
b8d282a16b853d72ba6f942f785d7d68a6cc4bcf82cc18862e4269af865dc57a

SHA512
ef9d95f1e43a7b4cee75e33a24b509a29d82ac34284bec17916eb32790c9975e4b2bf744659032c225815382d9576f18fd07d57d39bd0559e7959ab088fd8f1b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads