Analysis
- max time kernel: 25s
- max time network: 149s
- platform: android_x64
- resource: android-x64-20240611.1-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
- submitted: 14-06-2024 22:36
- Static task: static1
- Behavioral task: behavioral1
  Sample: 4c1ec1816a1f85d5547bc9b5076367aa056a85fac35bc4d76198589054a1841b.apk
  Resource: android-x86-arm-20240611.1-en
- Behavioral task: behavioral2
  Sample: 4c1ec1816a1f85d5547bc9b5076367aa056a85fac35bc4d76198589054a1841b.apk
  Resource: android-x64-20240611.1-en
- Behavioral task: behavioral3
  Sample: 4c1ec1816a1f85d5547bc9b5076367aa056a85fac35bc4d76198589054a1841b.apk
  Resource: android-x64-arm64-20240611.1-en
General
- Target: 4c1ec1816a1f85d5547bc9b5076367aa056a85fac35bc4d76198589054a1841b.apk
- Size: 4.2MB
- MD5: ab39084391bd609f828ce0d7ce8190d8
- SHA1: dade8873caf6e2375cd29a6509feca2f9b52ca60
- SHA256: 4c1ec1816a1f85d5547bc9b5076367aa056a85fac35bc4d76198589054a1841b
- SHA512: 2cfd2134397b8bc580db80cbc4b8b62aeb46954b014fe15bbd16ba39ee2009f532d235cf30d302f35803b6b361925cc8a7cd0a41a71fa59da24a601d9833a212
- SSDEEP: 98304:ovQXFcsmuUOlejypRFOyPkey90ylWChHuPke4Ipo/KrvAl:oomsVUCXkeByNuPkZ
Signatures
- Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
- Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
  Processes: com.insta.sbisms2
  Framework service call: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone (process: com.insta.sbisms2)
- Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
  Processes: com.insta.sbisms2
  Framework service call: android.app.IActivityManager.registerReceiver (process: com.insta.sbisms2)
- Checks CPU information (2 TTPs, 1 IoCs)
- Checks memory information (2 TTPs, 1 IoCs)
Downloads
- /data/data/com.insta.sbisms2/files/profileInstalled
  Filesize: 24B
- /data/data/com.insta.sbisms2/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
  Filesize: 8B
- /data/misc/profiles/cur/0/com.insta.sbisms2/primary.prof
  Filesize: 1KB