xamalicious | 9b14c548e907abda6a6ef0d257ff626395dd00bd7b07366be0cb9e2e1b8f1ebf | Triage

Sharing

General

Target

com.universalcoinminer.cryptonight.apk
Size

13.8MB
Sample

240625-j3yysayblh
MD5

49e1c42d2a73804797bd9cb8ac79e258
SHA1

c2fd54cbcf327f2fda474817775d72db28b8be50
SHA256

9b14c548e907abda6a6ef0d257ff626395dd00bd7b07366be0cb9e2e1b8f1ebf
SHA512

b369b99faa31adb99fbc677b1371602a95dfdd8109b5debeb9c7818b615aff8ac8fa4ffcd28aa073a7dc7adac97e2873a46e5ccfbf2266f335fd8feb31174e77
SSDEEP

393216:TFq7jnC7ZiiEIwVmRipdlZE3xizNSyDYEZUDS36Yx:8nlIEUipR4izNSyDpZUDY9

Score

10^/10

xamalicious android collection credential_access discovery impact persistence

Malware Config

Targets

- Target
  
  com.universalcoinminer.cryptonight.apk
- Size
  
  13.8MB
- MD5
  
  49e1c42d2a73804797bd9cb8ac79e258
- SHA1
  
  c2fd54cbcf327f2fda474817775d72db28b8be50
- SHA256
  
  9b14c548e907abda6a6ef0d257ff626395dd00bd7b07366be0cb9e2e1b8f1ebf
- SHA512
  
  b369b99faa31adb99fbc677b1371602a95dfdd8109b5debeb9c7818b615aff8ac8fa4ffcd28aa073a7dc7adac97e2873a46e5ccfbf2266f335fd8feb31174e77
- SSDEEP
  
  393216:TFq7jnC7ZiiEIwVmRipdlZE3xizNSyDYEZUDS36Yx:8nlIEUipR4izNSyDpZUDY9
Score

7^/10

collection credential_access discovery impact persistence
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

collectioncredential_accessdiscoveryimpactpersistence