76a8d06ffe1be684e5be20aca8b45e6bdd0399b7870ff6ed17e67284a762560c

Analysis

max time kernel
145s
max time network
131s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
14-06-2024 15:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

3b101fa1cdecde692d532e283cde0965
SHA1

d5bddb3d1d78a1ccaf08008144b40380a76e4792
SHA256

76a8d06ffe1be684e5be20aca8b45e6bdd0399b7870ff6ed17e67284a762560c
SHA512

e37586d79e676ff6aa613b216d80ad3fdcc73c5b74780d818b1bf2f79c06c706d5277571f151809a16ad8ee032963995f31132a210b0da87736d99ac79fced3d
SSDEEP

49152:HU/q6xEtzSF8vds66oL6WCJnAokqjcOjNO5Y/3CHLQYB4P9X3R5oHYWF:HCq6CBtvG6D6WoOORB/3sLQzFXvS

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	Mad.api

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	Mad.api

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	Mad.api

Mad.api
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4628

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/Mad.api/cache/2

Filesize
59B

MD5
eaf3840d8b72c1346b662652806988eb

SHA1
f7ce6ff876c1081932e785f8677e90874cf6b43e

SHA256
3316bae6fa63463d29e15817f134cc1104070ff261b2fdeb3d4371c68dca3e59

SHA512
f62c3de0d71cbf73bd4b5faa2c3a0e34d1746bb4515f5a8940a0b05b4ad5f1401bc1a0109fef5c558e355358fe7e0932da02e4834c7edbd570d8ee2580cd15c4

Download Submit
/data/data/Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b7545717399e7f857bb932d9de96359a

SHA1
87efe7af25abbe0992321efb7f7dc202beefc5ff

SHA256
e0e64acd0554cb66771f598f3f42c6992f104060da0345bd134e5f4908f6635a

SHA512
f2c7b9d07231cf8f6b9b95c7cc95e7418da69ba93a4df222c5264d5c803769008a62588704753f9ceb96036e634c72cad8956233c7a36bae34e75e161ad8becb

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c3e1d8c644642fbe2a12430edc7053bb

SHA1
c3f82bd26e3866a104d2431143e48175bfe0676a

SHA256
1fcc3f36be47ee0c74a4d09e18c64353f5dddcd67bdd72564b57e3a1fb5a89c7

SHA512
ce20ae956919cb0958df1fc5a80688e4cdfb4caa512ef6c62b863a24b0e87c3743916d342f3ffa4c7908d63ac1149c405c1bc9b492116fe4cf2c68030a795bb8

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
24fd1dfdc407c6a69e7f148943e548c7

SHA1
e7c024f8580aedd254ca071ebe89e9574c93019b

SHA256
cd2d5ad6800866562fb017482e47dd97f54a5be20b5883d2323a123eec2bdc79

SHA512
f9511e45b74d43be1233bcd3179b183087c898422015b48fed78e5b16d4273ef05ffc8f9c83fa6b8548c7f47f3787e91c0146c149901ce965ad5051e1f706277

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
40d3d792daed3d08240016d09004ddba

SHA1
75e760c0082e20d46b2e569edc8d326e2e2cdae5

SHA256
5ff678a346d6d4e59740380f906ed5ff06961147b37bd158a18e9462a7cd9407

SHA512
f5ee94b0df2a6197f5b3b81d31a284221e8f42919b2f420b8ae206de958fd2eaed3e5c95d24fc3ef656afc7ef57f0ea0ea553e509d7d48c6ed0deb78b7d298c7

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
f566c915ea4225f58e57825ffe31ef23

SHA1
ebb1a18b4ed9e2c038c14f331fdb5e9cd3215396

SHA256
d58a5d47ebf384af00336b1368f55b057ec46561a53e479bd0af78929eabc322

SHA512
3e219701a81d5edd0371d98ce7ea87f0f345a1b63d9d938267f32727081d83ff0fc574f1c7f1c8c2b03eec8245f50d80e37fa8c80c6ea2cf4c7342e3cc779dcb

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
fb8d5a5ed09b5a6ebba0e462e973bfd6

SHA1
92aab2c291ad2bc498c9dcb22a4b2e58ffd90629

SHA256
c12e94c9d9ebf113d4daee4578a363e2ec6e3caaae7c230dbe1e31ef18333b95

SHA512
e5b9d4323127af2b439c08b9557b17ec409f282b62185abbea0054e9c17853795c5b788e4c66f2dc2fa82462093a54d7829e94f54d98913611adc4506f65eec2

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
bb4fab97defb1c6880d36cd3058fa147

SHA1
f2b00893612d69634cfe1eaef1d5c2e44ee1bec4

SHA256
bec1e0fa683dc6e3ef36eace445f9b816066f335f1e513fad5ba5d27f8aabc7a

SHA512
c3c047667837d6548e8cf443bdad0c83f748e723a1826fc3d650593d4d0cbb64666907c796e304c9aaf63ed5b9734b9fb392a7f8f7fc82827fce07058aeaf57b

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
97748c755714e02e90860056cf5277b1

SHA1
3c359f11bb1bd3347b9d388cb62d274709deb378

SHA256
8e99b64a06e2b5b5cb60a0356f43300d33311ffe257ffbc4b96da158b2aa5e28

SHA512
8ad4d1f37233bd4ac6d987ddb55ad26eb9f93f08b23f03e1dd021c87ab4d6314a68c7d191472e069c88125a263bc6f46b3ac117b3c9cfefce7b8a6e89606a9be

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
88ca7d83e5c1b59bbc667233c0d5e388

SHA1
3da02c529cd2b5225a9acef65172beffb70d1902

SHA256
68f711ce1f1238267f79e8805ce5c6c483f45879508d35ffcc917792bacf55f4

SHA512
b812d28ceecc007549181485ea16de3ad04344f9cce4459529b4df8376f68b0a7cb01aece691474818d0168c2cd473faeab77e70f58643142a77baab34816807

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
5b9e3b629b18ae60d9ba98a6a3010ec3

SHA1
a5db45ec396d1bb5f828e4cf3a8aca89edb70105

SHA256
d011ee570ef16f67f2e7679fd5c898ef105ebf76e43ad808dd1f2f1b3ba36035

SHA512
a0725b1a4c459cdd0a172aca44011cd2ff2f415be76f2d9fb5e8b737182932969e26be7b7d1f96b167fc792b20b52b297b4b86ddf30124ed7d775ed3593b9b2e

Download Submit
/data/data/Mad.api/files/PersistedInstallation3877255175307430611tmp

Filesize
570B

MD5
d70d22637a92311c9b462531a786536c

SHA1
ad6db1fd407e3900209c82daf56a9d875e413584

SHA256
da811faf4dddc8c019384f36c132592af272de03263080bcd77372bc019a9b89

SHA512
820be702ff78aa5e19bb599e9c9621fec660639104ff41d9199692a46dd55a269936ca5e74452bae9bd8341faacb179c6a8aac4edb05cffe1dfdd28e9f9457cd

Download Submit
/data/data/Mad.api/files/PersistedInstallation5637829052325796616tmp

Filesize
90B

MD5
9e89c772409eba737873b05ad27e651d

SHA1
33bfe381ea7ba89e88f73823e63dcb2ae96ce87d

SHA256
d86895cf08527f1b8309849126fb623a84c4e8d13f8b8a7cc78c970074c025b0

SHA512
bdba7f05bfbbd0f0aaab73c977f3f48df2427b3159c08519dd3601a0a8fd7e694cc9384e0e9b65d25297bfba9ac3eb324ad0f1d665f7c867bfc556598efdd993

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads