Overview

overview

7

Static

static

6

f363689df1...65.apk

android-9-x86

6

f363689df1...65.apk

android-10-x64

7

f363689df1...65.apk

android-11-x64

7

Analysis

  • max time kernel
    48s
  • max time network
    129s
  • platform
    android_x64
  • resource
    android-x64-20240611.1-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
  • submitted
    12-06-2024 13:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f363689df11b1848a39c585c04c9e6034384a037776004a7f34fec493ae38765.apk

  • Size

    3.2MB

  • MD5

    9f5e01cc2a0c2206b418ba95eb63fe00

  • SHA1

    fcb06082ba471b6cb4817d5dab2a28f0cd63df9f

  • SHA256

    f363689df11b1848a39c585c04c9e6034384a037776004a7f34fec493ae38765

  • SHA512

    130830d5e7efe7918fbbae980dc3531267c2bd3c0afc8f57378a2c586de77cec7cc79d8cfd003bfb5e68b9db6d58d1d318c655cc031efcec6d6f03bd66a792a0

  • SSDEEP

    98304:8Op8N9EDEcsrf+tfjktkVK2nJlhOrNHCA:dhsrGZjkqnJDA

Score
7/10
collectioncredential_accessdiscoveryimpactpersistence

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • yes.debug.yesbnak
    1⤵
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:5028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/yes.debug.yesbnak/files/profileInstalled
    Filesize

    24B

    MD5

    28679ca55c0b5d43fcb0d380eba4cc4c

    SHA1

    90dbd73a2a0b2ecee6120cf79a62876072a1166f

    SHA256

    564f9265ec8480f2bc5b9839d696f82d6ba6a2ac86e9534560990df0938f1b38

    SHA512

    1dd994847368b98728cd256721731cccf913dc6682bfb770a651fad344c39a906190c73e98ebaa47c7130962f8266e82b352826cb1de90003a5fe992cc9e3b18

    Download Submit
  • /data/data/yes.debug.yesbnak/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    c0b049639960176d7bf8f647002bedde

    SHA1

    bb38297ed58881e81f1920c6253f6ba488da40a9

    SHA256

    f386c5ca6e11d30d8b7ee173a1239015173c08f4012eaa49815b80439ee75c11

    SHA512

    003d981c68486e90771528c8a0c695229563e46b93b4afa314c63c38225a109f30d1752944618ff8a8fce387f6f13572d9829932fb98ba931e74c50367ec5b36

    Download Submit
  • /data/misc/profiles/cur/0/yes.debug.yesbnak/primary.prof
    Filesize

    1KB

    MD5

    db5bc98d7b015767d8f585a53d714c16

    SHA1

    52f1d6ebd0ab4271bf3c80df7a02f8b43e37ee1a

    SHA256

    ddcc9451e13adb14ea8dc278406318468cab2109b8dcb0d20c63eac98bbf97e1

    SHA512

    cbb230a50cc4011a05b60bb28ef406c443a4554bd615acb447d167a521389c5479402316751a061ff437877c575ff2ad8ca2e2032da53dec20e41ad2250e3bd7

    Download Submit