3d2e8bd0b83a48c89e44c6e9dea76f803460484517d193bfc114f20170e4baba

Analysis

max time kernel
25s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
03/07/2024, 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3d2e8bd0b83a48c89e44c6e9dea76f803460484517d193bfc114f20170e4baba.apk
Size

3.3MB
MD5

41450833c1eb6512843b2beb27e121c1
SHA1

634ff3c0a3346935b1ec4d0fe32fedd7fa0c4b5e
SHA256

3d2e8bd0b83a48c89e44c6e9dea76f803460484517d193bfc114f20170e4baba
SHA512

31b98d9506cb8d9e5667d4c7c81c85ebf7a254f2fb077ba586bac5c7dc32f4f1c316ee13494885efea785da4afa7eb47141ef0ee39d0ac4a0ed2658aa5ebe548
SSDEEP

98304:3AgdTzuAlEK4z7vzS87KEoIwDX6WDBqap043k:33B9lbivRebIwzDuB

Score

7^/10

collection credential_access evasion impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.lijyutuportal.android

Checks the presence of a debugger
evasion

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.lijyutuportal.android

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.lijyutuportal.android

com.lijyutuportal.android
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4457

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.lijyutuportal.android/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
88412784fb4643d6b6090335d5b0b34b

SHA1
63ab79803d2a0c8a7ce4692c6bb57d3257547635

SHA256
20096154f394cd416e91ae14957525ccb3e9264bdd5897be7043bfde0472c325

SHA512
ec508e03297c0e55e6b1da0271d052f2e22ad03976646a4da47c7ec4ebbf8ac0c1cb0b71f974f649b5d9f25e099b09691f0495b4ab1ec6ccc22925914568b6cd

Download Submit
/data/misc/profiles/cur/0/com.lijyutuportal.android/primary.prof

Filesize
2KB

MD5
a6a00e27c25303a7a132fccf5b8c1297

SHA1
b6e7b91825752f76b3830c712701e8b650172a18

SHA256
5b6b5a1bc7529a209a856cfc4dbfec1047b431ddb1358288d74f2f7704c4222f

SHA512
dd6ea31d7a4deb23dc251ffdd11562b2745c6d3b83923cbf3dd8535e545692fd1ef5b9e8199f20af1b2266d3991baf2416fa9de9358c0cf3d88c62582ff080a0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads