Overview

overview

7

Static

static

1

09d4a5a09a...5c.apk

android-9-x86

6

09d4a5a09a...5c.apk

android-10-x64

7

09d4a5a09a...5c.apk

android-11-x64

7

Analysis

  • max time kernel
    156s
  • max time network
    188s
  • platform
    android_x64
  • resource
    android-x64-20240611.1-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
  • submitted
    12-06-2024 14:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    09d4a5a09adb12d0153535d046d96849d4d83c8551b0be818626505e206e4a5c.apk

  • Size

    4.8MB

  • MD5

    e95e1f342ea8a16136a6ba8b5c461cfd

  • SHA1

    2d7f51101fec9ecc3d84313088a6fdb7702fa02a

  • SHA256

    09d4a5a09adb12d0153535d046d96849d4d83c8551b0be818626505e206e4a5c

  • SHA512

    a88cc1361d5740f0caf81638d5de4bdf2c211e5f5b37817385f3c6e20c464e954b4f4a89a008024094a64814d53d428ba7598098a2e5d0636dd0de3666cf6bfe

  • SSDEEP

    98304:lk5QKPD6MteM/0KBSj57a4PQ+vqJBBEypgZGRqnzK1YFqaPo/KrMJ:CP6L1GWqXB5pgARqnzK8p+

Score
7/10
collectioncredential_accessdiscoveryexecutionimpactpersistence

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.hadifetrati.notebook
    1⤵
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:5197

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/1qr8dl8wps1jpzi951vok34zi.0.tmp
    Filesize

    29KB

    MD5

    5aaaec90a9729e4f660795be2fd48620

    SHA1

    5297e2b0cb795ba6e6c23ec90384bea31b3ab045

    SHA256

    a36b1c41a44eee1682fe431661ea0ed622582637d5f49609c8ac7f8bf48c66a6

    SHA512

    4c91460ccacd7670cce042841968c1b49252d6fa54dea3f9c385ab160c30c1c2f51badda29abc9465134b8f53c6543c5196ac73efd2aac1da314f5bea553011a

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/2iluxnebe51hekcjg8v1g5fq4.0.tmp
    Filesize

    27KB

    MD5

    8efefa3227e4d782a80d5f9da22a0058

    SHA1

    934293af173c80e3ca62e717d619acb57005a517

    SHA256

    fd9db8d1519624107a19b6a69985d592c5cb178706f1ea62bd13719400618fe2

    SHA512

    e9e2f3ca150c6b1cf7573cafe7d5866057094fe28a1eabfcfe2e86df7885a4ddcafde12dce53224c4e263fe2047d68dc626be45bda2f837756a3a8b2c606667b

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/2mpzv0ywwt0br3layyg7kosn0.0.tmp
    Filesize

    79KB

    MD5

    b4ba18af5e4803b5406d04d682f9eb51

    SHA1

    d6877e0b6c25047129e54c4629d9814b5b6845a3

    SHA256

    4a23b0af124d823f1d9877a51fa42fa8fc959810dc9c7efd23ca9e610f0a45d5

    SHA512

    fbef24e61151fe8c19339306a06752b4d6bfec9b7f50cee518c419ba277591af24a17d87a0e5b4d8e65936d63f14fd598e0fefe53b73c4f59c80e1895d4a9cb3

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/2uhrrdkqo8jjq7ppyhxsxfdm.0.tmp
    Filesize

    163KB

    MD5

    9c9d3dd3fb276bee23da93f639ae46ed

    SHA1

    cfaba0922e79567ed03dbb2f7b4c6c497d27d8d0

    SHA256

    b857723004b2357dd3152b526403cfb2b91fafe2957a283975c1358f28cc02a8

    SHA512

    b94c2329f973208de3002542a21fca629643caecbb6b83d100c69a2554a1a371e35ffa4a555e595bd44d3c472dbffa5c4c86049c3f54ed5f5c81ccdaf4a2f82f

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/368xkuacxmfeo3v0oesx88paw.0.tmp
    Filesize

    140KB

    MD5

    54914bafb1b97d16e353be49c81d8392

    SHA1

    fb33d0b5d200a61d37ac22c44e2fba6fbf53a8ad

    SHA256

    233142bf36cd7676c6e18856eac6861081c42f83cb4f7c865791d9c67b0636ba

    SHA512

    d7d495e3bdf675c5136d6bfd37f78cb75c847f770fe6a1b44876aa2ff425ee3a16774acf308ce992edcaf61a8ec2baa9251bfdedec0a5b4165562a30a3c7d5c3

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/4hi9t08341wkp6zscnhairpuc.0.tmp
    Filesize

    48KB

    MD5

    d6345ae86733f4ab79546cb0042c4c38

    SHA1

    9eb418ec4e87e666afcd42782e64328aaa762b72

    SHA256

    b1eea634f7e4a5a915f4316968b3a9e028211959c38c5f789aa7699f25424b56

    SHA512

    531a1a3364f0173230b8fac9a7c474a4c444e26b0462aa943bdde1cbc519b1ef4c1f6aab190d788ad779bc0b34b44418316340b63d833655c00838a808d0fbae

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/4im4mehi8oql8ccqtzqzuowhp.0.tmp
    Filesize

    5KB

    MD5

    bd00afba56e1517c53505a42fabb198e

    SHA1

    2b5a85dd2767bf33b2a57129226d00c48508d83c

    SHA256

    0b8ba338ce3b657a75d98d659fce4bea3e578a1af4eb845da33b9fc25ff357a3

    SHA512

    3eb6f611f33ff2ef5f632ca79f0595089c2ada3620f12ea38ed3ecb307ded38562eb953d0774115ad84004260f903d62c909e55f9c60a5c913ba8cdf2316abfc

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/5pbo4a7hddcsyz1wak1oojwhr.0.tmp
    Filesize

    61KB

    MD5

    4a3e4671e240fa87f955b86c32818358

    SHA1

    09c94521f832b980c3196436ef5b5bb9a0f5291f

    SHA256

    3ac0f177e2a226d398c51f1052c330b0af38e2c925579ab5a59b2438861d9324

    SHA512

    2b5a0f56a9eb7c3340a0080617179eb83d9880158120c23f44d38f72a7718725954b3fbe4c66f99aa74d8cc1f506390d20352af4e57a59d27b17ea35a46377b2

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/5s1oib9dxsbip0phnnqxsx10i.0.tmp
    Filesize

    3.4MB

    MD5

    68cc7e7ff81d72b65082da5d0d9b4718

    SHA1

    6c2ffd9d0b3505ad7efc9ef22bc0bbbcced4ab55

    SHA256

    11bde99d5cedb1d5aa1425ba3807f8cee8c60f16c6f607027553d167a11eb6df

    SHA512

    848155ff51abaadb475d7900e8e8494906c02ff85e21f8113f1a48c9002616c07077a8b3a7272d6eada0d5ec7ba2dca7cd021190eb0802c3a13e41d9ae69c68a

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/journal
    Filesize

    786B

    MD5

    a34339b75f4f6b7dc52236707c4b3086

    SHA1

    7fc2f5d160a431a5c7bbaf55af2254d94721f85f

    SHA256

    1f2efd96644a84276264dd7ba22cdf959a1ebd8484894e11d8c3d12247cd0a67

    SHA512

    b5305b8106dff18dd43f69ea3051fa05d56369b80b49bae34be2e79b7f0debd5a37c4ce3818e777d730decaddfd317a7fadb27b97ee974dc473fcead7afcba40

    Download Submit
  • /data/data/com.hadifetrati.notebook/cache/adivery-cache/journal.tmp
    Filesize

    31B

    MD5

    8c92de9ce46d41a22f3b20f77404cc1d

    SHA1

    8671a6dca00edb72be47363a7071be65cf270373

    SHA256

    68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

    SHA512

    30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

    Download Submit
  • /data/data/com.hadifetrati.notebook/databases/ADIVERY_RESPONSE_LOGS.DB
    Filesize

    20KB

    MD5

    6cbd101d9bd7e6912efd40db4d7cadf2

    SHA1

    806296677bf0c7fb943b6280394cf2c4c19afe90

    SHA256

    6bca2118bf418147d3dc0c9e4d83249422a0036ade1245ff3fd897956f0f87e5

    SHA512

    c16cc2b56e1d4b19dc1eb5e051fda8a8e444980b7f8a6bd83150e1242cf7a3a085ef27177f57f72b42836bb3da0f5deca0a1506de7e93753a675c22bcc7b6fb3

    Download Submit
  • /data/data/com.hadifetrati.notebook/databases/ADIVERY_RESPONSE_LOGS.DB-journal
    Filesize

    512B

    MD5

    f27159658d0a0fa99419939f9fd7bb2a

    SHA1

    103cdee9443cefe7f634c33228e5c11e2a746710

    SHA256

    c055b9552c56ac5968edf4f5e69ca990877e4e6e9a85d52848020b979df2afce

    SHA512

    116404e70c6623dba0cd38e6f68fea8132548153a25af1a9c4163899e4bd1fead9258f469aac31e8b5ce93130a521d704d704f7aca11a597d7a63ec8fa07d403

    Download Submit
  • /data/data/com.hadifetrati.notebook/databases/ADIVERY_RESPONSE_LOGS.DB-journal
    Filesize

    8KB

    MD5

    b587c5dbf66dcf68058a6a611994071b

    SHA1

    90e509d0bd91866489a10aa892bd98a48b2323a5

    SHA256

    1183a06e1cdfb8ecffb2edaf8f8374c556078e92c221b793b43c1dba57a6b71e

    SHA512

    2da1669b22fbff1bfe7aa505f1235883372d886371c7c316714e5c7a4b60144161f64e3a7847abc226355fbdfa3f5ae723e555bcf3536deed65d8f116167fefc

    Download Submit
  • /data/data/com.hadifetrati.notebook/databases/ADIVERY_RESPONSE_LOGS.DB-journal
    Filesize

    8KB

    MD5

    ef7d10abbe971d8e062e5cfae5948441

    SHA1

    2147c030eb270d5c36b0dc97d4bed5afb492b8c1

    SHA256

    e4ffe55285af109cb3bfce758216f0ad02d0ebbbec9a2a264778a3dc899a2fcd

    SHA512

    811568b5474cec8465917ebfc7cc211c9de9a31f0455416fafb242f83fc39b1dfe61d7dd80b36fb1be9abd7b2d71637889cc8399edfa3461949b05a609043ded

    Download Submit
  • /data/data/com.hadifetrati.notebook/files/profileInstalled
    Filesize

    24B

    MD5

    82cd761956cb22df519bcf6e89fb9720

    SHA1

    70d8284f6455c51190dad142f63d92b4fb49af84

    SHA256

    f4c8a171f556700aedaeae752c2066f96047ad63c7d09ef378fb65fc0f664f14

    SHA512

    afa28af2eb57c26f5228898a161ecefaf366d94f5f453facd2abbdcdd305f63ca8f9fda0b83fa445914ce47077856e9cea45b38d28f1e5ad67d553d0f7a6c0c8

    Download Submit
  • /data/data/com.hadifetrati.notebook/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    d664731a655d45ae11b8ac66898d917b

    SHA1

    8dc009fa757c810af0cefd202cd3c752fdc57f49

    SHA256

    b79bfbe82195cc14d7227abc03d5dee58bbb4fca362331ad3b928c98f3ff52aa

    SHA512

    e29f98192f2e5a5ca7b25bdf596922d8d83b27e430ec776df27a4f293d7e1db2ca0328989f065db7558f22b06e31ef88b681d58e46b653b5fe8ca98108cc374c

    Download Submit
  • /data/misc/profiles/cur/0/com.hadifetrati.notebook/primary.prof
    Filesize

    1KB

    MD5

    b74110fef75f6bd788b075005de35e9d

    SHA1

    a80e76ca6f3e770dd1671fdc25c15ee755632300

    SHA256

    49d617b2ebf59a9dc83afe76ffb69cc54f115d5e0e4bc3cd6742cab5975f0b46

    SHA512

    6f1e6a39fb607f1c7d4710552cc8bf8f194bd0823f4e6cb50542ce294a5292ad265b91e9d856a8d824869063f19c18815847243ce9ece31aaf1f48405434106d

    Download Submit