e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8

Analysis

max time kernel
19s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
14-06-2024 02:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Size

2.0MB
MD5

71f6cdb3d8eebe1c8e7e26896238e571
SHA1

019134386a6d900d61285e5e986249928a9504b6
SHA256

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
SHA512

740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
SSDEEP

49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

pl.spyone.agent2

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener pl.spyone.agent2
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

pl.spyone.agent2

description ioc process

File opened for read /proc/cpuinfo pl.spyone.agent2
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

pl.spyone.agent2

description ioc process

File opened for read /proc/meminfo pl.spyone.agent2

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pl.spyone.agent2

description	ioc	process
File opened for read	/proc/cpuinfo	pl.spyone.agent2

description	ioc	process
File opened for read	/proc/meminfo	pl.spyone.agent2

pl.spyone.agent2
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4649

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/pl.spyone.agent2/databases/database.db
Filesize
76KB

MD5
0379f2b646309bcd59a19760005dd257

SHA1
9185b00c3401321841b1c7edd10624a13c2dd47f

SHA256
62c0d663334435c7b56f7ef5ee45ef1e1476f9ef39ea6667dd48962eadb0216f

SHA512
387a118af4cd9315a8e5323b7a2b78e5214b0556448cdf6a68335ecda5615dfd0c1ca0313d8b355e8489980635319d90f2b7b25889b1e556c11b7657bc184fe8

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
512B

MD5
e71471a276930bd34c3f4d8caa21757c

SHA1
7db784b0e3b6436d4dc7eba50e62b601f654fd47

SHA256
48d0c9d1fdd2660d35e2af400d2940783b9e236855ffc6544308b20477c65795

SHA512
4355e25a6eefe584c824f742764fd56111dd68d209e13071302862f65b40646afaa9e982872a9ea49fcb93aa2a75795f1de87c93bafab8efdec8ec8f60f3a84f

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB

MD5
55e0d42ff465430eeae5890f1693ed73

SHA1
bf109a60bd65a976b2e859d1142444556d8dc837

SHA256
c71915c5dfb7058dd14a7e908fa5140988d3119542b466d522418f4db78ce330

SHA512
d25e835dbde195465472e847750d8dc87cbca4f33ef14c7eff3832e833eeb22dbf3497a998ab6aff4ad442733def7c60ba7e61339d118abec395f99cf80ff00b

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal
Filesize
8KB

MD5
531fbd7ff93509462cba7950c465f4ef

SHA1
6abc410a58e8fb2d39d96d5b054b1116284263b4

SHA256
4929cf2d40c3d5eb961afbaab2dbfabfaf57670fcf6e8d896fe260e3237d7af7

SHA512
9807036a01f09d48a3f2c7c15e964e30b06e7c63a0194c1e2ab46f3473f64330d2a925b68aeaf5053d2999d3890561237a367dddeffd2267ce84e06d2db07a76

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads