Resubmissions

15-06-2024 08:24

240615-kapp3steqc 7

15-06-2024 08:16

240615-j6he7stdnc 7

Analysis

  • max time kernel
    48s
  • max time network
    149s
  • platform
    android_x64
  • resource
    android-x64-20240611.1-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
  • submitted
    15-06-2024 08:24

General

  • Target

    unionbank statement.apk

  • Size

    3.1MB

  • MD5

    45c4640277c56d2d89649f194db8e3b9

  • SHA1

    9978bd527dab1e32d2d3a66f1a6296ce5d8273fb

  • SHA256

    933e823fcac69434b507369868aac534cd097d8d4b2d2fb20c0f2937c9ffd5e8

  • SHA512

    cca69c63a7e8db3e256cfeeb9715ea405c14371c648cd350ffd1b7a7a08910743138577e361a4b324afc31c85c88012d29a5bf48c0089a331cbac5e1802e29f9

  • SSDEEP

    49152:PpBlLgVq2K+eYhrMqCAjlgYfEgI7ESYD1r7wxqCDNr0z8gXVhhrEs:hvL52HtYqCM+n7ESY17kMhhrN

Malware Config

Signatures

  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
  • Checks CPU information 2 TTPs 1 IoCs
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.smsreceiver.dhruv2
    1⤵
    • Obtains sensitive information copied to the device clipboard
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:5118

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.smsreceiver.dhruv2/files/profileInstalled
    Filesize

    24B

    MD5

    e802c755af9c63ab7e387a1c0ff334bb

    SHA1

    61fba6aae44723a3a607470b995e8b186d03e904

    SHA256

    229536c9461445cd2edc997efb3440807c66b1adf9784e80883d6a697c962dec

    SHA512

    8a1470b7d418c4826d6f1e6d7e40ecc1c110f2da128c6ff75c7f63332571881c590d60de5ef4d8301dc885530095a2ffdf59f9e396ef383feb11015c24f98fab

  • /data/data/com.smsreceiver.dhruv2/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
    Filesize

    8B

    MD5

    3d7c92e8726e900db680b5d44c0ea017

    SHA1

    1d2df87fb47a10d906584dcb66725784b652c33d

    SHA256

    4db0d0b5507badc62c077135631a936c03e64430732cb7001c0c1c896180160d

    SHA512

    3e4b66c555c6c69f21ee9aeb92bc3377e3fbfd11e0c3ab04f3214c86adc23b3ce0527aa957984e38bfede5df07f73c0957fc9c1972a483e2745c8f9c4a227501

  • /data/misc/profiles/cur/0/com.smsreceiver.dhruv2/primary.prof
    Filesize

    1KB

    MD5

    a5012cad2232c9f963f1d90cde29c739

    SHA1

    499ba125fb441ca3a90399d5f3b8311583df7c09

    SHA256

    1c49f2e969073c0fc77852512b0b1642aea26260e421c9bf1ffc93134ff06202

    SHA512

    664ca07f4425e5cafc9b49d2a7c407c35fc349539ba620b080a3ee0635b92c839dd981da2d2d65403e25f59556b71e33b85a9607f86942b1d93d1e9490abccb2