Resubmissions

15-06-2024 08:24

240615-kapp3steqc 7

15-06-2024 08:16

240615-j6he7stdnc 7

Analysis

  • max time kernel
    92s
  • max time network
    130s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240611.1-en
  • resource tags
    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240611.1-en, locale:en-us, os:android-11-x64, system
  • submitted
    15-06-2024 08:16

General

  • Target

    unionbank statement.apk

  • Size

    3.1MB

  • MD5

    45c4640277c56d2d89649f194db8e3b9

  • SHA1

    9978bd527dab1e32d2d3a66f1a6296ce5d8273fb

  • SHA256

    933e823fcac69434b507369868aac534cd097d8d4b2d2fb20c0f2937c9ffd5e8

  • SHA512

    cca69c63a7e8db3e256cfeeb9715ea405c14371c648cd350ffd1b7a7a08910743138577e361a4b324afc31c85c88012d29a5bf48c0089a331cbac5e1802e29f9

  • SSDEEP

    49152:PpBlLgVq2K+eYhrMqCAjlgYfEgI7ESYD1r7wxqCDNr0z8gXVhhrEs:hvL52HtYqCM+n7ESY17kMhhrN

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoC)

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Checks CPU information (2 TTPs, 1 IoC)
  • Checks memory information (2 TTPs, 1 IoC)
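The three signatures above are behavioural (observed at runtime), but a triage analyst usually wants a quick static cross-check of the APK before trusting or dismissing them. The script below is an added example, not part of this report or of the sandbox's rule set: it walks the DEX string table of every classes*.dex inside an APK and reports which strings tied to each signature are present. The indicator-to-signature mapping (ClipboardManager / getPrimaryClip for the clipboard signature, /proc/cpuinfo and /proc/meminfo plus ActivityManager.MemoryInfo for the CPU and memory checks) is my assumption about how these behaviours are normally implemented, not the sandbox's logic. The sample APK it builds is constructed inline so the script runs offline; pass a real APK path as the first argument to scan that instead. A hit only shows the string is referenced; reflection, string encryption or a packer can hide it, so absence is not a clean bill.

```python
import io
import struct
import sys
import zipfile

# Indicator strings per report signature. Assumption: this mapping is mine, chosen
# from the APIs and /proc files these behaviours normally use; it is not the
# sandbox's own rule logic.
INDICATORS = {
    "clipboard": ["Landroid/content/ClipboardManager;", "getPrimaryClip",
                  "addPrimaryClipChangedListener"],
    "cpu_info": ["/proc/cpuinfo", "ro.product.cpu.abi"],
    "mem_info": ["/proc/meminfo", "Landroid/app/ActivityManager$MemoryInfo;",
                 "getMemoryInfo"],
}

def read_uleb128(buf, off):
    """Decode a ULEB128 value; return (value, offset just after it)."""
    result, shift = 0, 0
    while True:
        b = buf[off]
        off += 1
        result |= (b & 0x7F) << shift
        if not b & 0x80:
            return result, off
        shift += 7

def encode_uleb128(value):
    out = bytearray()
    while True:
        byte, value = value & 0x7F, value >> 7
        out.append(byte | 0x80 if value else byte)
        if not value:
            return bytes(out)

def dex_strings(dex):
    """Return the DEX string table: string_ids_size/off live at header offset
    0x38; each id is a u4 offset to (ULEB128 utf16 length, MUTF-8 bytes, NUL).
    MUTF-8 encodes embedded NULs as C0 80, so the first raw 0x00 terminates."""
    if dex[:4] != b"dex\n":
        raise ValueError("not a DEX file")
    count, ids_off = struct.unpack_from("<II", dex, 0x38)
    strings = []
    for i in range(count):
        (data_off,) = struct.unpack_from("<I", dex, ids_off + 4 * i)
        _utf16_len, start = read_uleb128(dex, data_off)
        end = dex.index(b"\x00", start)
        # exact for ASCII identifiers; surrogate pairs would need a real MUTF-8 decoder
        strings.append(dex[start:end].decode("utf-8", "replace"))
    return strings

def scan_apk(apk_bytes):
    """Map each signature name to the indicators present in any classes*.dex."""
    hits = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for name in zf.namelist():
            if not (name.startswith("classes") and name.endswith(".dex")):
                continue
            table = set(dex_strings(zf.read(name)))
            for sig, needles in INDICATORS.items():
                found = [s for s in needles if s in table]
                if found:
                    hits.setdefault(sig, set()).update(found)
    return {sig: sorted(found) for sig, found in hits.items()}

# Constructed sample input (not the report's APK): a minimal DEX whose string
# table carries some of the indicators, zipped as classes.dex.
SAMPLE_STRINGS = ["Lcom/example/Main;", "Landroid/content/ClipboardManager;",
                  "getPrimaryClip", "/proc/cpuinfo", "/proc/meminfo",
                  "Landroid/telephony/SmsMessage;"]

def build_dex(strings):
    header = bytearray(0x70)
    header[0:8] = b"dex\n035\x00"
    ids_off = 0x70
    ids, data = bytearray(), bytearray()
    for s in strings:
        ids += struct.pack("<I", ids_off + 4 * len(strings) + len(data))
        data += encode_uleb128(len(s)) + s.encode("utf-8") + b"\x00"
    struct.pack_into("<I", header, 0x20, 0x70 + len(ids) + len(data))  # file_size
    struct.pack_into("<I", header, 0x24, 0x70)                          # header_size
    struct.pack_into("<I", header, 0x28, 0x12345678)                    # endian_tag
    struct.pack_into("<II", header, 0x38, len(strings), ids_off)
    return bytes(header + ids + data)

def build_sample_apk():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("AndroidManifest.xml", b"")  # placeholder, not parsed here
        zf.writestr("classes.dex", build_dex(SAMPLE_STRINGS))
    return buf.getvalue()

if __name__ == "__main__":
    apk = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_apk()
    for sig, found in scan_apk(apk).items():
        print(f"{sig}: {', '.join(found)}")
```

Run it without arguments to see the constructed sample flag all three signature groups; run it against the real target (after verifying the file's SHA256 matches the one above) to see which indicators the actual DEX carries. The string-table walk reads only the header fields and string_ids it needs, so it works on multidex APKs and does not require apktool or a full DEX parser.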

Processes

  • com.smsreceiver.dhruv2 (PID 4421)
    • Obtains sensitive information copied to the device clipboard
    • Checks CPU information
    • Checks memory information

Network

MITRE ATT&CK Matrix


Downloads

Both paths below are ART profile artifacts written by the runtime during execution (the profileinstaller_*.dat marker by the Jetpack ProfileInstaller library, primary.prof by ART itself), not files the sample fetched from the network.

  • /data/data/com.smsreceiver.dhruv2/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    dfdda2bf8581af0c8fd5948116d7f415

    SHA1

    3900e07676c596663a743f5d1d0b33bd011619e5

    SHA256

    be6fb89910d62ab5c89255794d8a5cb6cc288e462b7d905c27917b0e34b19f3f

    SHA512

    10ce3a4e4d46470934e766405cffbb3e9123c04c7c9d02a35fa43aef58fee8a69f748e7bbfeec6b9e7ce319d335ce57c5ae942b4c6c680e9d64816d8c17346e3

  • /data/misc/profiles/cur/0/com.smsreceiver.dhruv2/primary.prof
    Filesize

    1KB

    MD5

    a5012cad2232c9f963f1d90cde29c739

    SHA1

    499ba125fb441ca3a90399d5f3b8311583df7c09

    SHA256

    1c49f2e969073c0fc77852512b0b1642aea26260e421c9bf1ffc93134ff06202

    SHA512

    664ca07f4425e5cafc9b49d2a7c407c35fc349539ba620b080a3ee0635b92c839dd981da2d2d65403e25f59556b71e33b85a9607f86942b1d93d1e9490abccb2

  • /data/misc/profiles/cur/0/com.smsreceiver.dhruv2/primary.prof
    Filesize

    2KB

    MD5

    6d09383e748e19fb9f21380270786b8a

    SHA1

    88d603779efb7e60651b66ec3b9df4d6e1398ccb

    SHA256

    d1fa49224c984c4af7d0ee1140d384f3c74edde9710159e7844a43228b32de25

    SHA512

    05feac80f7e1c43c22893f49aaf934985297a8881e11a29cbc48e6339efe4e33b6657b9dd850dc08d5aa502ea16305a33aa9dc17030c39f3578e207d89be8f89