19e20c9809cc61b1d4231cb0c3156b1a12b7ec14f9825e9fa2f8fd1eac359c08

Analysis

max time kernel
177s
max time network
151s
platform
android_x64
resource
android-x64-20240611.1-en
resource tags

androidarch:x64arch:x86image:android-x64-20240611.1-enlocale:en-usos:android-10-x64system
submitted
16-06-2024 10:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Flash-Browser.apk
Size

1.0MB
MD5

fa890c9400cfc5c3d96ecbbb46474daa
SHA1

cf0ce6fa8d5d239a3ed75ed30b7b4b21143837dc
SHA256

103a5aab1fe5ea809ad10bf9a2bcfc1bcc2542ad4cbbe894e67b536a8700f134
SHA512

50d542c1594821d01ad8ce6cde37789d34ac677c61de59ba44b9f98b46b9068ed1a1a1d36d4e6872532527af47289667f7650be6b3b4d3a7420ad3dcbabc3d91
SSDEEP

24576:H3Goet2CUaliwt73v8GLRJINNrkhocABhJLkHOOqNjc:H3GSCUq7pRJANwwnpm

Score

7^/10

banker collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
evasion

T1407

Processes:

com.tech.browser

ioc pid process

/data/user/0/com.tech.browser/app_ttmp/t.jar 5038 com.tech.browser
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

T1414

T1641.001

Processes:

com.tech.browser

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.tech.browser
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

T1418.001
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
discovery

T1424

Processes:

com.tech.browser

description ioc process

Framework service call android.app.IActivityManager.getRunningAppProcesses com.tech.browser
Reads the content of the browser bookmarks. 1 TTPs 1 IoCs
collection

T1533

Processes:

com.tech.browser

description ioc process

URI accessed for read content://browser/bookmarks com.tech.browser
Queries information about active data network 1 TTPs 1 IoCs
discovery

T1421

Processes:

com.tech.browser

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo com.tech.browser
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

com.tech.browser

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.tech.browser
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

T1422
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

com.tech.browser

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.tech.browser
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

com.tech.browser

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.tech.browser
Checks CPU information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.tech.browser

description ioc process

File opened for read /proc/cpuinfo com.tech.browser
Checks memory information 2 TTPs 1 IoCs

T1633.001

T1426

Processes:

com.tech.browser

description ioc process

File opened for read /proc/meminfo com.tech.browser

ioc	pid	process
/data/user/0/com.tech.browser/app_ttmp/t.jar	5038	com.tech.browser

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.tech.browser

description	ioc	process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.tech.browser

description	ioc	process
URI accessed for read	content://browser/bookmarks	com.tech.browser

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.tech.browser

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.tech.browser

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.tech.browser

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.tech.browser

description	ioc	process
File opened for read	/proc/cpuinfo	com.tech.browser

description	ioc	process
File opened for read	/proc/meminfo	com.tech.browser

com.tech.browser
1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Reads the content of the browser bookmarks.
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:5038

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.tech.browser/app_ttmp/oat/t.jar.cur.prof
Filesize
364B

MD5
059c45b0cf793fe1e53b391ab9dfc147

SHA1
82c60f03dae6f6ea4866d6104fb5487eee0bea59

SHA256
2c403ed9ffd05c9888a7a016d64ed64ed54ba5a5dfe339881d823d82f98e6292

SHA512
ed6a88f9240113d7274acd23c6acc4a9bca50a4ba0719eb7d189576d92994722e36950024226d2509693cae8081b7e99a9288d57c18e5edc41998c4241dd42ea

Download Submit
/data/data/com.tech.browser/app_ttmp/t.jar
Filesize
172KB

MD5
39f7c5d4a7962708aa7d98bf2fadfc27

SHA1
cb348f750596b2e54705eb7d20b9fb2cc9d8807f

SHA256
e303dc3a3e31e4d525840e20486b6a99821e330b75c11e61c0f78d56f5dd9558

SHA512
55267b2721b056f9dab24c9f29df40db648cc3bd2eef0f4464da5545e6540f3f18cd8cdd9b7e7c77fe7a4fe37a08eb1bde482edbdd7eb364dd840f7f83740caa

Download Submit
/data/data/com.tech.browser/app_ttmp/t.jar
Filesize
172KB

MD5
cf9c7fb39d30b43019bfac428a3269ab

SHA1
912d7b2f83d9d0eae24d5b4cf1a5033cd2b8a283

SHA256
9031644073855d5bc7ad4ac8f211b472c7b52b8a5b743e85b40d1864f95a09af

SHA512
2450ac53f0f2ecec5d32ce0fb90ce4ed051d25319965d6758d90e0ede8cc813d445911e7511f140510d3ed19390a1effb9c1758861a95cecde8760abe127590f

Download Submit
/data/data/com.tech.browser/databases/com.tech.browserb
Filesize
64KB

MD5
bf015973436517728975e29bc8163e11

SHA1
97679a87845a2d90194942f60a070b1cae801656

SHA256
976fb5fb2f4f4405ff69455ec01fe7f73746974a4b763edd8d6fed924a0e943f

SHA512
1ada3aed8d9336558d7d6eb88e78f5b0a94508a3afdce715ee210b1029d04623eaf28680c5c4f06dced79cbf0b9dc75a38b38eb47407a88ce08342c758ae96e4

Download Submit
/data/data/com.tech.browser/databases/com.tech.browserb-journal
Filesize
512B

MD5
085cb1def61f772ff7d8fa719fecf02d

SHA1
44d8c12b727c5a9d3ef7b59223602d49041e068b

SHA256
3c8371fdf484ecf39caf9879ae3a9d3717c9c1c44953afaf22f8e80b33735ab8

SHA512
ca60aa1bcb07f3e921ce0a6843a9ae1d07644e61be88529cf1c6a311eba920e0cf1aee0d3a7699add08bd2dba283aa3e165a6b2edbf1c457f32c345821cc0e9d

Download Submit
/data/data/com.tech.browser/databases/com.tech.browserb-journal
Filesize
8KB

MD5
6b1141f7faa7317f5139e6349e514cbc

SHA1
fd5d96437305213fd6ce9c421900f1b1c25003c7

SHA256
221440bfe0de54c6fb18c58479a3a518af1010e0e884baeb1b30cd36eb32118b

SHA512
86643e4b91dfecb300431a2fa27a66b2b5d6d41607cf6459541f02bba69799999a49d128eabf5580e3e773788b54e5ca4bf85e5c636e87afceaa741b68fe5580

Download Submit
/data/data/com.tech.browser/databases/com.tech.browserb-journal
Filesize
8KB

MD5
367fecbf42e25ca46a0688d2fc288f71

SHA1
e5df7330e64f2b74425354caf7c9eb98d07c4ea5

SHA256
cc29add1c034501b466615405fc2830d965d5f48953ff9d85207a1c8056f0eae

SHA512
0d2178bb6d101458626f22f9a0154f7e70a0ee07c02eaf0ad6ef226424605620daa0e5e51e331db882a1a8ad68ade1a43cf30604b41d36257f80d71e26e880e6

Download Submit
/data/data/com.tech.browser/databases/com.tech.browserb-journal
Filesize
12KB

MD5
657ba174afa1b194c90355f2d5b822c8

SHA1
153c84c082b4b36d2b7c2702fab39dfaee214410

SHA256
2d683f46c37bfec3ff1cd5967defa1e3906a16bb74629d12621b9d0a7d6e6fa7

SHA512
512059731491f3d29fd6160e2f3e57970d36aeb8cf57eaa8f0025de5ff9cf4b12efcfc0083372b847f34518b576c3f18eee317207f805ac2b64d2ea096156d4a

Download Submit
/data/data/com.tech.browser/databases/historyManager
Filesize
16KB

MD5
fa825da9100731f60dfdf25682ae7f2f

SHA1
7b4f3f064de4ff3fe37fb39db0bea9628bd46451

SHA256
3b54ff4c6cb875ceeb6a38037c9fc6449e8d2ef60ae0dc27af998020c89db354

SHA512
bc8315805acdb6ed1af2ccebad769f9423456607f661a425a665d8a12fc65d860bb5dc128ce238e51059d0c92847b904bfc934f7d27e74e7c1b09347316048fc

Download Submit
/data/data/com.tech.browser/databases/historyManager-journal
Filesize
8KB

MD5
0f644f23696eebc658c562d884260633

SHA1
e85bd14631896b5b54b92db0dc12f5114ae95548

SHA256
6dd725205d85d5c981258235cbb693e7022165a0f8613d557e2dab2643a82f68

SHA512
c389acd17ca12b7a8a7f3049b893023b9084e512fd06d32caf1ef73676969169b45725daf7792dd271556aa83ef2f8c74957320aaf692dfe67b6052ee53b5aa7

Download Submit
/data/data/com.tech.browser/databases/historyManager-journal
Filesize
512B

MD5
8428a108b0be317161c883359bd94d2d

SHA1
853b4d5525b08cd5153c9f933c8e99767ed9f274

SHA256
b5abd98dc038c904861e7732bffdff780e2555186264233d9e5059325312441a

SHA512
a575ae15ec452d042cec41585ff9e13c03bb429fba5add416cfd2b6c40ce4d6a26927b143fa6f6015cc4179bd9f57f17215185a645e10e94bd2befb523f76aae

Download Submit
/data/data/com.tech.browser/databases/historyManager-journal
Filesize
8KB

MD5
140a94b13882950c6266ee3600236323

SHA1
956b3dcf7496d63b9ed9f2b51b68b7dcd596d7dc

SHA256
af4e6707a99eba2e4fb7bf4d99dc5ddb97f6fac49d08c99133ee23a6f36f2f5b

SHA512
2748f6d847cc96ad8228c6d5cf20c4d94b0d3861c255ab2cab702c8d2349c7970221ed9303faa0668360c1e1314b9b5e03ba80733dc298634fa497be7bd520e4

Download Submit
/data/data/com.tech.browser/databases/historyManager-journal
Filesize
8KB

MD5
df9006529797de0e61fb349ab4759ddd

SHA1
62d73be25abc7b5dfab3f049cc177664c1e1a823

SHA256
61d563a60f6fc85c0a66a8803f2717d7fd8828fc50ef0a03e5d9da214a6b1c33

SHA512
535a3ab738db035fee0f580d2a2311739b54419ea314d5b1252470deace3f52521454131f05425f98d158a89a65a9a6d335275e41077207884621788295f9906

Download Submit
/data/user/0/com.tech.browser/app_ttmp/t.jar
Filesize
363KB

MD5
71f79ba9526f0b6a04ff423212d75238

SHA1
ff505b3673f566a812ae925acc84157a1b6f34d7

SHA256
ab9672e93263e2459e8381f5216b8d8ce928c7bff5fd74cca8ae6f32977e557f

SHA512
b8df08dabb951a4881c0bb7cba6b80b76eeef9776fff51730daa8672f0afb6fa514b9c8bb8981b93db698698a83b77391e16aa612b55cf1150d6c18881aa2253

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads