0dfb898292c16c395943a38ac8c5eb7b4e9f7d72781cb901df295ccc279717f9

Analysis

max time kernel
10s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240611.1-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240611.1-enlocale:en-usos:android-11-x64system
submitted
14-06-2024 16:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eblagh.apk
Size

2.7MB
MD5

d790728ab443c2f8cbcc75436d015667
SHA1

f5e7c9f2f978cfaccdc83af40496644496e7199d
SHA256

0dfb898292c16c395943a38ac8c5eb7b4e9f7d72781cb901df295ccc279717f9
SHA512

43c5eefd1eca0e29e3ab48066f0f3ffff19985e0fd23897205302479f2a2084f5eabbeff07faaf6164bc67ef69c75cf698a5bc0e3b491ecfbf2f75e3a82f9366
SSDEEP

49152:w/mbwyKDDDDIDDDIdRnNOA+Wj765PNGtCkJ97xxZPk66gEYiNXZ5qI8ZM/xXgqEN:ejyO9n+WK5FGI09Tt6fYQ/8wXpEsQ

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.general

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.general

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.general

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.general

com.general
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4650

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.general/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db

Filesize
16KB

MD5
04dd0378aad30b37d6b873533b328b6f

SHA1
62f0b9b7dd13da00b3613226e6efa019e4456197

SHA256
2b33ff8ac7d683c89b2c4f1ce76abee442c021f7f95f0619d28f8812848ff50e

SHA512
0ddb578537d5ca819eabef0123f48f000d59295dc63c437b356663fd5cb2a29a76445c4ece4d6f93239d5fe663cc7d9ae526d229232991f35fb3b533cb25e5c2

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e9435053865ebeb34ae2fd64db97b359

SHA1
ef4819897f5bc9ee0fc1947d49645c69f38eef74

SHA256
5ef5c42b1ce38567349dd1266fa57a4cfbf204b6d6b8f6fb2c27c5056f3ccade

SHA512
2f51e215fdb607c4fdbfcb04a02346ca7024bab171d6eb0bb0511c10b30d00671eb151c87de024da254d5bd7b5cf2e5e9c3ad55266c5a128e6d681303b55c937

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db

Filesize
16KB

MD5
aa4695e4e007b8e942f7dd878123deb3

SHA1
4bfd4c7def4859ba240dc6f143979d7fa6f57f4b

SHA256
3b15011d748ebe430ab16bfe447ed9bf1ba46ab8e15282f5c0f750a05f1602db

SHA512
e2051f51320d5fd54003d43646bd9544279b2322010e20c68350859a080665d58e87d34d9d6cab4acba3c9dd6ac1ff8365c5b3e05293d85c379a2a7fe442294b

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b052c1c6176410f68abe98be5bf92263

SHA1
41ad7c39bdeeaf1f47856a6b78b5be89c43886b0

SHA256
0fa31f918be3ed5d4b1d33067f4820775f01c9edac96a5b72f392d38be25d700

SHA512
dcb82fdbbb75f71a883bcdadedb0453ed3dbf28a0aecb82e8289b0c3b160ac5f357fdb2296aa5530141e83c7fc07b5061499bda78d7f5deb738ef2c295da9d7f

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d73ea2f8e304ae366cf98cd45a422801

SHA1
5c51a8065cdc863df307697255809e3001f34894

SHA256
79e6923e5980a7dfeb9904a3f6def192693417a45e60968885e9463c74127366

SHA512
6258060e9193555a0909f48bbf119f47511792b4731cfac397eba43d1106909b3f5e5b40231de3286e193d86d20899d555bb4b44ac4952475ff38d7eaa4bdad1

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3b1ef0e5ca13fce34fba23c1f268eadf

SHA1
c75376807c2fad45b779326ab8413a154b7c6a9d

SHA256
380856868d3bd59ef2b7020c7b1a62098495eb5065edeb6758ec2871d296a008

SHA512
15dacea61ac966fcfb995113dd766ffe380ea1721b01935c5504c1af5b328e07c51efaab1a4f0c622b2506f8195c1585e3584d7132a8bc0d027990a016730d53

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
368eff8ee8e42d227b9a361f6d389d46

SHA1
7fe5ebb3c3cc38ce2eec12ed04bbb0de44553a30

SHA256
b9582eee17768a346469380219beb882b3cd32e9ef138e2cb9510ce5cb53ae02

SHA512
1884f88b677631d21afba61da4fed69628059ccaf53f0c73f0d94d52cb699d06eca602ca6ed56f44ea85d8950315ea2693de89833d7fb205cb965f4797c22f5f

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
cbcc4643288ace1ea76d465cf85b3c39

SHA1
1ab455eafa186dc12610b8d7c730aa7c03ccd89f

SHA256
3ff4789386cfe7b5524041b46cb7522a4a892639383baaaa7ab46be481a1806c

SHA512
e376915da6a248fe3de8bae76be50c269c9f6ab021672f966899eb530f8ddacf85a53a8b4e9261ffd8b6d3319ba947de2a953c4711780f67c90aad71f34e1431

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8e5362178eb5d9f9f0dcbd8dc3be2ce3

SHA1
41e081ed215c072eefbcfc8961f317f460e7781d

SHA256
b88b06ab4768e1f50c0eaaf855fa1d4c773aa007166579e6572fadbcda4a22d5

SHA512
a499b6215b51081c8cb0b4fcf07cb997c6c7679b9651bfdc30e8e31b07648d50e69c267c480190ec4cbd6ec2b7435e74e4dff804e6d8cd07b4b06a009cf6ddfd

Download Submit
/data/data/com.general/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
90329ec93e5c35567faf20a79cd3b2c6

SHA1
6d08d18182d464751ceae9009fd6c218076840b7

SHA256
4913c7d8c3b6e2b77780f9b0648da8bc8d45b0d6bc061b24071412a1f38097e0

SHA512
1f4398ed52c63053c12d0e76e8c2305f58e7eed75d346bfb1372e121dd83f7afff68e9a16a3592377d3a8d0f5b67a86e815ed53cb774e264bf560a0d8ec57043

Download Submit
/data/data/com.general/files/PersistedInstallation405325915434644075tmp

Filesize
90B

MD5
a16b5ef8205fbbcde88f0f3ba6d697eb

SHA1
85c345b9cb32caf361067d71b199e2172b0205ec

SHA256
30d816f361c5b23f67e02c958ab2fe011679662864c336590115bcd8857625b8

SHA512
488b8de4a264441b28ff6994b3e7d2a950e83c30a7656d09e5c685bf5f608d24a2dc26da8c1937ad66f381daf65b9e14c29685bec6133d70fd908707a99abe6f

Download Submit
/data/data/com.general/files/PersistedInstallation8303798736132369170tmp

Filesize
567B

MD5
b5ff32cee75e2bc2290d2aa62ff76b55

SHA1
a191c43248b765b605767c3e5d2634f8a3bf8683

SHA256
385add086ddeee86de67c82a4f46817c849e8a98bca536af323218656c0d81e0

SHA512
e6e64504b0aaef7ade937af4e12ed2d287b537efb2a1fc254a144259164258f9e331da65b3ccb951228f4138b86890b23e3dfd95decc4084e47871d0982aaa01

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads