829363eeefcda1a03f9e86ffc6e540fcc95a29774d24e6e8322d517976dfce3b

Resubmissions

11-07-2024 00:25

240711-aqm63s1cjb 7

11-07-2024 00:23

240711-apyw7a1bpc 7

Analysis

max time kernel
179s
max time network
195s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
11-07-2024 00:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Bonlab_2.0_APKPure.apk
Size

76.7MB
MD5

bffad66f7d641f55682d9093bce86755
SHA1

39c2f26a07067e7f04387d8045182c5c9333c12c
SHA256

829363eeefcda1a03f9e86ffc6e540fcc95a29774d24e6e8322d517976dfce3b
SHA512

cbcc59c9a522a5c24496871631d3bad9bbb91f420fb277d1d88fb1ca2795311568e30545b2145871b28b15168347b9046a49f833b8443d92d626e879ce46ed2c
SSDEEP

1572864:2PSO3fke+d9l9nHkGHgssCD/7flitfBNBfXSUR5xsoAdLU6Y7fbE:+S9/nHfHgssCD/7flitfBNBfXSUR5xsF

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 5 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.standappstudio.bonelab/[email protected]	4476	com.standappstudio.bonelab
/system_ext/framework/androidx.window.extensions.jar	4476	com.standappstudio.bonelab
/system_ext/framework/androidx.window.extensions.jar	4476	com.standappstudio.bonelab
/system_ext/framework/androidx.window.sidecar.jar	4476	com.standappstudio.bonelab
/system_ext/framework/androidx.window.sidecar.jar	4476	com.standappstudio.bonelab

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.standappstudio.bonelab

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.standappstudio.bonelab

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
22	api.ipify.org
21	api.ipify.org

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.standappstudio.bonelab

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.standappstudio.bonelab

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.standappstudio.bonelab

com.standappstudio.bonelab
1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4476

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.standappstudio.bonelab/cache/http-cache/23e329817fb13669d33e1f8989ea8a21.0.tmp

Filesize
5KB

MD5
1f251f95ba948f11fe007c70eb7c1210

SHA1
83a59857a2decdf8f940222cb791fa7b0b86e2e7

SHA256
7dc1716a48dc09a436a954d17123dffaff8420dda19f340bb20f845e47571a65

SHA512
447ab5c021953f229d8d9753c6ded16234edd11923d0399fa26fe9c819f01a8585edfbd9713e1306d3b8c76e20f14e8fb33f054b6fab6c3abcefe57764302230

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/23e329817fb13669d33e1f8989ea8a21.1.tmp

Filesize
48B

MD5
50bb521715128089b43691eabc2b153c

SHA1
3178d893c0bf24a64db65a92562fb12f2f472035

SHA256
85d44fbe6d093e724fa7aa7c33866d1be383427518d1469be7f1cb71b6691717

SHA512
2912ba7d1c5de599dd38c8cd49511d2b5d7f31a2175e65df2042a8008f8ca439fce97117bd4dc16198b1b14e05fccd541439e4ce1d362459593bced651d8bc3c

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/5007da20d5a229da2e625722e49f369e.0.tmp

Filesize
5KB

MD5
003a40df468387cc937bb32c1132777c

SHA1
9073ff084a09c98c6f74526966353a65d741a21c

SHA256
7e0ac8606f4e05bfb008b74bfabf58d637f77aa068acb961c86eb87bbf0bff07

SHA512
61a43e2ce9ffd40113cf9fe24670e691b7755e0c8b308103891b15cbbddc55a13398c91763f2bac96dbf1dcb506b6c65f0236a1425b2d61d482e785893eeb882

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/5007da20d5a229da2e625722e49f369e.1.tmp

Filesize
13B

MD5
907326301a53876360553d631f2775c4

SHA1
e900c12c18a7295611f3e2234bc68e8dc0501e06

SHA256
d5543b3a5715587c9c0993a7f56f3e1ee445af837f62c38f2f3457a2ea8d00c8

SHA512
435c1fd96b79b70c370d6f769d44eca3e682404189ff42a6b5718c21bf9dc8358d72c115d68dc25014b8cb9c709af0e64de012103fce687cf4a340fa8f3ea2aa

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/9b0ea4f9b3f48a4eb06908e58d849b83.0.tmp

Filesize
5KB

MD5
f996b7f6c91b2f61925510ae49f57b01

SHA1
8d9d52b055b6b84cfa2373a8396f9dfecef51a44

SHA256
a8e60ab058365b06e766c239ec738070b2fa89d0a916636354b4bf94da7cbd9d

SHA512
9ee3f575056a32828395f45eef69534c660c9024a59888eda2200b126d1deccc2e6004b1a070672a0490b979ccce4be126abe4e0bf7b2acc9fe02e041bc72da5

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/9b0ea4f9b3f48a4eb06908e58d849b83.1.tmp

Filesize
5KB

MD5
c9338b72862948015c478804ec0e56ac

SHA1
0b6253eb3521bf53ecb008bfee369c904c44c0bb

SHA256
8b654b4c381aec6ba50632fc397b11794a2a055d2dd039f949e76b60d4dd0508

SHA512
8636c984f18094216606b079ebe92a31bcf466376e256f2713e465e558c992c7da4b05335a7df0b1958b4497769be9fe465f22b70949483b070317462924bd0c

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/journal

Filesize
296B

MD5
6cda820a9660610b39aab567ab5a1f39

SHA1
ec0cedad95aa66b3d588f4d3fb616c9aadefb105

SHA256
a1da3fb5e2cbcbb40eb122421b059fa26f6835b715f89606067730b0ec42fe84

SHA512
d0fe06b9c050237da422be1059982e2f9068ac91c93112155b75e54adc5258206b5af948397ea647527e09ef9e354a1b280fba84618d0e934d2b823269153ef8

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.standappstudio.bonelab/databases/google_app_measurement_local.db

Filesize
16KB

MD5
da4c81d9a032121236a4ed034c0cc9d9

SHA1
6ea1d3d14a34c4dbe056fc4380747d3970cb3498

SHA256
30b7dde5771b5ef3cb6cd033fa2b1618a0674f41f47c1441855f3da24887a0ff

SHA512
e61d8e6af3d48cc6e95e34568209bc24308db9d751dd1451538907df0e7caa67e329c4615911b0c6614275f3e5cfb2a8a38288f5818487c5d292c18dd857849f

Download Submit
/data/data/com.standappstudio.bonelab/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
b6d5251faecb452b895a34ae578eec48

SHA1
429b1005657a6de550bc1ac5cdd95bbeeaf27398

SHA256
d5b06a35e0da22fdc7207714910513def756f8945db4870048e29f072718ecbd

SHA512
2258fb3a9f10a4dde08eb8fb68db01ad6d8aa113896f4efea0d62a43cf5a534156309bf57f3c90cc07dd590f3fac092bf008f7e685325ee28802a8a70432c1fa

Download Submit
/data/data/com.standappstudio.bonelab/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8272eaeea26893e83ff8c6bf1c076d8f

SHA1
51554815d218b2747502bab4d3c5cff8a7af3b02

SHA256
6766c7cc540f14ca0983f0dccc14c87f88a8ff20a7b08b652fe57d3057c383c1

SHA512
ee8f209df9db0ec9837703657f518b59735f62d22ed093b2b4b9ebb6d42d3bd4b2b966811f50499cac0e89251d106c6f070b829bf1c134412336c890c80f3bb5

Download Submit
/data/data/com.standappstudio.bonelab/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
74c02066b1acbe89a9a8f2df7cc72960

SHA1
2c3e9e5a72cbe0f8d8d1c03a96e8b43839622508

SHA256
070fdf2762c83288b8251472e6fda4a63a4a159fc6fbbcaf7b4cb4aacd00c4df

SHA512
ed026957624f8772b6e84f3536ee8bfd52739a5e74d98bcd78ac0429bfd25bb323b717cd89081e484e2b379c335010ec7085d2c98946466dafe694c06a70a55a

Download Submit
/data/data/com.standappstudio.bonelab/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
80eda74c6bf95b40981675f1e76b806a

SHA1
8cd793dacdd29e73ed3a3bdf5f50752e7af306ea

SHA256
048962f8f9d4e1ef1fe4ce0a4ca22ac6e0f4c64449877e69f4574f66dc5e519e

SHA512
8f9eb945d5b458f2a063a28328a9448662de6e0789bb1032f0c1635fa8b1bcd8f52a08bd23266ee6e90d7002b1919339b72d53e5b5ee6bd15ffa850e8fc2d243

Download Submit
/data/data/com.standappstudio.bonelab/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9cbc6df28ae9f7db1333b051066f4982

SHA1
b6a988a90c4e9693eaf2b70c61e34917dacf36e2

SHA256
9b7ba40ccd9611f879c63eca2601bfb46f872cbf4dadef992301c3fd4c73086c

SHA512
3ac37fb201be2242b539568a22af649c6325a2219a7a269d457d97ce9cc73b3b967a9fd82082792867005c012a4ef7ca2798839542e018edc78a67a712d20016

Download Submit
/data/data/com.standappstudio.bonelab/files/al/persistent_postback_cache.json

Filesize
9B

MD5
a5612927e7792641607f093050b775bb

SHA1
99216e1430784a2fc369f81e03a28e5f681735e3

SHA256
4e89c765f879a6052bf02aaed88823281bbeaf0e713f91faecc643d6d31326db

SHA512
3ce4dd5f437b9405ea6e4d6bcb16512c98914b2dd15a01facab5fc68126698cc37e0448fac28408560552e9688ad1b6948e0fb8c9d11f893635d20e970cd9090

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
ca9b5d0cc322f67fc71a109f7741551e

SHA1
c2e866347c78f5a9e10684f42f81cfb848ac7f2b

SHA256
a2e72a265ab8cb51ffd66ccd92dcb96f3aba8c651ae6c69a3c8d12bd257af007

SHA512
1375dfd78f2e063c8c878c5168fd48b930612b77891bc3ab506c3f10a2a3b5932cedeb2bac13cd04a35ad809398fdf076b5e7492baa85d12bbba66c189e31533

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
4215e431a17a1647a2ab46eeff425e82

SHA1
1fcb390c4e835c25faf80e2b3e55dab698e629e0

SHA256
ce38daab902a9a6e0c7eb2cdb7f05f2aa43e23d9123b0ab0440738fac9cd83d9

SHA512
7176cfd2c9ceaa3b59c6c7bcc36911e5801ab034859957233061dfc5e8e9486a8673f62f00b1e09a9b01e5dc7dc72902a3250df8fc1713630d285623f8d0ad93

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
8e44c382449445a95065e9d70c98ef75

SHA1
14519b329684f37ff9cf78ec85879b17d5d373f2

SHA256
56899d4266c9c539a864fb349a9a49b62f300aafff76b475755de8e08922a538

SHA512
759beee58b2953f593010ce0be1e4a083ee59c7e9f0e3d94d0c7e2de04f492f0030f2e8a7ea9144a33e3a8b21be95c22832351185fda88d45e8a58269e21841c

Download Submit
/data/data/com.standappstudio.bonelab/oat/x86_64/[email protected]

Filesize
59KB

MD5
68a5a1b01f17c28251de34468b1d15b3

SHA1
4037a9beaad4e27079154dcfa385b969a811537b

SHA256
2249c39a9def752cf00d17c2f469446ec6bb96257f30908f21ed2525653de787

SHA512
2b3e9ee011242709708b7322f61e0e5578e8f85238d4f7f2aa6140d91d2cd2125e9aa9dc3445090dfd70e64fc32cda0b756b271615f9c6a31857a90f77ba7580

Download Submit
/data/user/0/com.standappstudio.bonelab/[email protected]

Filesize
3.2MB

MD5
42a776716f329899669f6d761d626003

SHA1
7c8a66fddabe92a33367f14c29f13955149223c1

SHA256
7aae06433cff5967ac254484d784c2c348380891d0914c56de64e7e006668cd4

SHA512
bebfa64178281625ce6a58a3ed61ec0b80278041b79a6db210ffc5e0536056174582daa32c2042d1dac5be7a5b8afa19c55a92b7067ada2f25072375c8e22cf1

Download Submit
/system_ext/framework/androidx.window.extensions.jar

Filesize
123KB

MD5
3056e1bdb7d4e19789d0319eff484bd0

SHA1
6791ae47aa9466fe0bca27ad6643f846853bbee4

SHA256
8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0

SHA512
c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
25KB

MD5
29469324e59dfcc052f24b5af4e7b2c4

SHA1
10c1e17ac6f598037bb51baa07945663645de4eb

SHA256
9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a

SHA512
5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads