cbb34018e304fe3d88abbe31bd8da90e52f62c9200024ba7df7d80e6bf2d32c4

Analysis

max time kernel
162s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
27-06-2024 00:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

8ac01d4b53f2a6d14c054c50ad9166c8
SHA1

e5e90998b6f6416458c9f9bbed12943826daae1f
SHA256

cbb34018e304fe3d88abbe31bd8da90e52f62c9200024ba7df7d80e6bf2d32c4
SHA512

e71bdc8653037093923d72207155e6a81129f733acec256ec28d328819e51790e6f1600886251527eb4ff333226ef39281f97f83bce6119a1dc6ad47d24cf256
SSDEEP

49152:S/76xEtE8qpwRxqPjPLnJe6QhXBJw/OyH3EQnBAutAcCanljLIx/zCf6GMSs1Eex:I76C+9p8qP7LJqcLH0QnmutSanljLA/l

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	Mad.api

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	Mad.api

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	Mad.api

Mad.api
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4465

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/Mad.api/cache/2

Filesize
65B

MD5
27c687faad222caddb45b3f83388215d

SHA1
d0c778c99e4d16464759e5dd4f193338372bd000

SHA256
ccac02d818c9214c7a52ed051dcce3bd63e5df576ccbca90b1b58d4492d579f4

SHA512
af3227b2dcbb61bf0f4a21d46dc53f845877218ae1f8689795fb6a93240a6a163457587bd11842d2c8c9b8283a2fc211c0f78bfba020b8505d4a22fb7f66d65f

Download Submit
/data/data/Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
201562fee76c087c6e633bf5e90e2be9

SHA1
465e023289a18d10bcac871077523096889b9c3c

SHA256
8690d3fc546d0d1320b3510f735195f9881be02e09fb6e00283a5ba0ee055bfa

SHA512
d896963f2f0e5a84612ca04e177e89d1443b2b3a8a56dd682e00b01782de139a92a837dd6616fe44e92e9a5cf3236d533c45923ff257c9d7e55b99daa2e83464

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
29d8165fb6bbcfb0f0b7ee059d45f95b

SHA1
85e37c67c22f6386227a53f3911d4a2d6e71f52a

SHA256
78219378ee396782fc6664b41f08d9ebf0f24c5eae4c4e5d9ce9ed24b1bac0d2

SHA512
b431cb544d1bdb0b5b8abda3d6b8359b6ff32369ee78cab631dcd80acec54e8cdae1c20f58c1f10e4122763c7497c8a4ddf75299d65a481ee324800399761700

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3bf2fd12eaa4aacffcb3bc98f40943f9

SHA1
7dbda13cafffa76af46945e3d2d8cd4b78ff1e14

SHA256
75dab3d109e5f3cf7d347018406bee8834ab5079c8c1e0600c8b462b4013ac7e

SHA512
ac37cb8c949b9a54b7a2fa143a3bd121dbbb1a72d8d31edc79a498636cd47eba10a42dd450190d91f21a80440674e0f5cdad7d3b43695eb72e755477ae5a3fda

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3ddb05ad4c79bce9873652f8b5325e64

SHA1
5473930c50297790cbb51b0e0c5ce8eca38285af

SHA256
1bfd290b29b07cec026eb660ba00b30c77d6014986296610a1739bbb781b850a

SHA512
bbae74a18f1765b2cd04de58e57c8780e92e0d7d6e05d64318319c975698e677284ded28d71c2b550322912768f29509ae5ab06877bf0e95707215943c8c6a7f

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
09ebd40703522e4adae936e692ad4f4e

SHA1
c4d963f2a22893d65ea7398415d67a8941b206b1

SHA256
4052bb95705c1ce20e6475349e3d0662208688841227673afb7c97f8e6e1c63e

SHA512
a8c5a3a3fcc9f2fe86b1ef9a697d7bbb0f535175d908b72e99cdc9ad8d98a3cf72b39e2a2472cf981d412f2547f94cf2e932a4fef71c6f5f14d80c0ed6346fee

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9ad10ad8a51231c82402cc37a28cb7eb

SHA1
be43836e38557c44fa87c7318b47431f20011006

SHA256
204f8223fd1e33cff012c14568ed28bdc9758cebd584c577306d251f180c969f

SHA512
fd9c404221e125ae40d1f769737a885c08cf5ff06e6e207c2d7593ea23bccefb7d1e60be6b629c0c11137cff98bfa946a91855e53d7a1bc4fe4e520a25b8d5c6

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
09dadc40f62f299d2e5f8a2b134d8358

SHA1
acf162bc7c7bb583c43fb1481f48c05263d927e4

SHA256
4bc93ce5c00b6b630e9a850cc261519fe726ea499300e46bbc2cd578d1337fdb

SHA512
113af27690737ccd1659998aea7dd123a304594c0f7760b0d89b8822db90ecfb53e2ef689b183ad7a94603c478fb3c72a6c759ce53f4e700af4e02789c609960

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
083bca55da17eed7fcb879f913db629b

SHA1
3afcb0652d062ccf527ec0144e2688295ae4d6c8

SHA256
eb1e9febb2600f7419d45f0f4de0d8ae311889d1949c8558b2f8ce37ffc12554

SHA512
60c2e0ca3c8adec5c8722905103fca3c7b908af3e1d9c24059a7389347391c34c2ee55fe89f0a14090cf5f0af7f4d7950779ca40c2343e0f771e070a926b6a17

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
5300f33b476eef5c3c587cc85ef33b32

SHA1
e44839a257e6319ed9c8790987a59221d077869c

SHA256
6d5e291e470f49d828d0ea3a7f950183ada593c83180d705687ecebb526e32b8

SHA512
53c6e53c8fce7f5a21b438c187718144b135f3e8648b6f5aa3ad581a2137627a58522665042301d3d2fa8824cbe70d278614bda7b56dbfdf842bbd68e7a525f3

Download Submit
/data/data/Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f98bb3a8e2663c833bd486ba1b9435e5

SHA1
a40733fa9a41f8069b3ef7235915375966b2a89f

SHA256
4252643d040af6cf235043952003ca7b5f60e867145324c57b5f195d236ac419

SHA512
c169a4800340e3780cf8e9c565a4931fde2584be499c69bf1e94c6e0b33ef9703e6ed50b26e5a571701a3b65b11101d1f52d6b0f47b1c41c8ab647d740aa5f58

Download Submit
/data/data/Mad.api/files/PersistedInstallation1399774395283199578tmp

Filesize
571B

MD5
2ea88605d0e85fc6d88d8b1c691af102

SHA1
cce33d6ad42bc9501f5bcf664d8a51d0eba1f2d3

SHA256
4af840eee7b7f758254fb26e4cbe6ecab6e29fb6c04de606ac4f818a1f33363e

SHA512
227aed4ca3ef79e4f4e0ea98e85dd0ef9e2314ac19dde145bc2c87bdd26c2f160a4b0fe5db846862a36dd7d180d72ac35587237e7e64e6213236d1f6ab2a819a

Download Submit
/data/data/Mad.api/files/PersistedInstallation6033334327585286019tmp

Filesize
90B

MD5
f32a681bf2d585d7a0bb1122b7ef2357

SHA1
914af5606ca5169faea0095e6c15ae2d2e29bed4

SHA256
a366f774a534b16070dfe3381553891f40d58801aa33429b9bf7dd919d0bb0e8

SHA512
a4af54d1c228911006efe8c3ab33950b215fc709bafebc9c5a03add7934f54f25f7942830da6f167aa16b21d32a1f420e981387f1302b4391d9626ce51647c7d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads