Analysis
-
max time kernel
75s -
max time network
143s -
platform
android_x64 -
resource
android-x64-arm64-20240611.1-en -
resource tags
android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240611.1-en locale:en-us os:android-11-x64 system -
submitted
12-06-2024 13:20
Static task
static1
Behavioral task
behavioral1
Sample
f363689df11b1848a39c585c04c9e6034384a037776004a7f34fec493ae38765.apk
Resource
android-x86-arm-20240611.1-en
Behavioral task
behavioral2
Sample
f363689df11b1848a39c585c04c9e6034384a037776004a7f34fec493ae38765.apk
Resource
android-x64-20240611.1-en
Behavioral task
behavioral3
Sample
f363689df11b1848a39c585c04c9e6034384a037776004a7f34fec493ae38765.apk
Resource
android-x64-arm64-20240611.1-en
General
-
Target
f363689df11b1848a39c585c04c9e6034384a037776004a7f34fec493ae38765.apk
-
Size
3.2MB
-
MD5
9f5e01cc2a0c2206b418ba95eb63fe00
-
SHA1
fcb06082ba471b6cb4817d5dab2a28f0cd63df9f
-
SHA256
f363689df11b1848a39c585c04c9e6034384a037776004a7f34fec493ae38765
-
SHA512
130830d5e7efe7918fbbae980dc3531267c2bd3c0afc8f57378a2c586de77cec7cc79d8cfd003bfb5e68b9db6d58d1d318c655cc031efcec6d6f03bd66a792a0
-
SSDEEP
98304:8Op8N9EDEcsrf+tfjktkVK2nJlhOrNHCA:dhsrGZjkqnJDA
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
/data/data/yes.debug.yesbnak/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize
8B
MD5
6be169a26b777436d8d2fab1bee34d61
SHA1
dcabdd4bcc5017d31b019b78aa04b507beef890a
SHA256
45d125778a2b483d56205bb8cbef1fc43a12988680884eef0752306e901cf364
SHA512
b6dc5e51378a990dd839f2238b83519081b7faffe0f2fc59d89b3995030fba203a1e0899ae202ac8306289870de9cc06413529ffb6177c079603b3cbe47faf44
-
/data/misc/profiles/cur/0/yes.debug.yesbnak/primary.prof
Filesize
1KB
MD5
db5bc98d7b015767d8f585a53d714c16
SHA1
52f1d6ebd0ab4271bf3c80df7a02f8b43e37ee1a
SHA256
ddcc9451e13adb14ea8dc278406318468cab2109b8dcb0d20c63eac98bbf97e1
SHA512
cbb230a50cc4011a05b60bb28ef406c443a4554bd615acb447d167a521389c5479402316751a061ff437877c575ff2ad8ca2e2032da53dec20e41ad2250e3bd7