829363eeefcda1a03f9e86ffc6e540fcc95a29774d24e6e8322d517976dfce3b

Resubmissions

11/07/2024, 00:25

240711-aqm63s1cjb 7

11/07/2024, 00:23

240711-apyw7a1bpc 7

Analysis

max time kernel
179s
max time network
193s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
11/07/2024, 00:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Bonlab_2.0_APKPure.apk
Size

76.7MB
MD5

bffad66f7d641f55682d9093bce86755
SHA1

39c2f26a07067e7f04387d8045182c5c9333c12c
SHA256

829363eeefcda1a03f9e86ffc6e540fcc95a29774d24e6e8322d517976dfce3b
SHA512

cbcc59c9a522a5c24496871631d3bad9bbb91f420fb277d1d88fb1ca2795311568e30545b2145871b28b15168347b9046a49f833b8443d92d626e879ce46ed2c
SSDEEP

1572864:2PSO3fke+d9l9nHkGHgssCD/7flitfBNBfXSUR5xsoAdLU6Y7fbE:+S9/nHfHgssCD/7flitfBNBfXSUR5xsF

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.standappstudio.bonelab/[email protected]	4469	com.standappstudio.bonelab

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.standappstudio.bonelab

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.standappstudio.bonelab

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
31	api.ipify.org
33	api.ipify.org

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.standappstudio.bonelab

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.standappstudio.bonelab

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.standappstudio.bonelab

com.standappstudio.bonelab
1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4469

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.standappstudio.bonelab/cache/http-cache/23e329817fb13669d33e1f8989ea8a21.0.tmp

Filesize
5KB

MD5
bfbc24cb6a92156f9c38993ba67c07be

SHA1
1f0e02651ac0f7c0ce99156b14bbc9b92ce5ea83

SHA256
57961adab50f0750e80b7495e6d9bda4c8bda2d26dbc78474021b9f06d61c4ab

SHA512
b019b03c85af692dacaa4bc7bc6829a87064e8aa0fceaec6ff7f5ab2afe90090d553b4fec9c90aedda2e15d630c80b14dcd9a35f3220f90c4c99270e51aa95dd

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/23e329817fb13669d33e1f8989ea8a21.1.tmp

Filesize
48B

MD5
50bb521715128089b43691eabc2b153c

SHA1
3178d893c0bf24a64db65a92562fb12f2f472035

SHA256
85d44fbe6d093e724fa7aa7c33866d1be383427518d1469be7f1cb71b6691717

SHA512
2912ba7d1c5de599dd38c8cd49511d2b5d7f31a2175e65df2042a8008f8ca439fce97117bd4dc16198b1b14e05fccd541439e4ce1d362459593bced651d8bc3c

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/5007da20d5a229da2e625722e49f369e.0.tmp

Filesize
5KB

MD5
1905c4c7c24a3ca1b2422a6441cc712d

SHA1
0aa5749d363575fd64d8bad734d891e101212877

SHA256
806cc8bb1ab2d43e50b442474656b4548031ee30d9fa695b5012a1e530ea82af

SHA512
091feb457543f65400d27eecf08e705eee68639ef16460be918555de9dc33f6431f658503ed2975eaa2d8f9c536b06b698234a02ed0b16b39324865f65dcb1cb

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/5007da20d5a229da2e625722e49f369e.1.tmp

Filesize
13B

MD5
907326301a53876360553d631f2775c4

SHA1
e900c12c18a7295611f3e2234bc68e8dc0501e06

SHA256
d5543b3a5715587c9c0993a7f56f3e1ee445af837f62c38f2f3457a2ea8d00c8

SHA512
435c1fd96b79b70c370d6f769d44eca3e682404189ff42a6b5718c21bf9dc8358d72c115d68dc25014b8cb9c709af0e64de012103fce687cf4a340fa8f3ea2aa

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/9b0ea4f9b3f48a4eb06908e58d849b83.0.tmp

Filesize
5KB

MD5
5543a78bfa54d33fa54488e64053e595

SHA1
fb36f0957f1ce0d9d3caa3001924da401b230602

SHA256
9ffb4c19254e5d79c936adb8ab1d85602ec3884efa8aad7972e6d6c0d8d7cc40

SHA512
f5b6e512ccfb8597eb8a8b7e4604544fe95528b828eb8a3562a978313c7b507615954d1cfa82c9085bc509c30e3d67b2c9c8b29f6f4f1580c8868206b21372b3

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/9b0ea4f9b3f48a4eb06908e58d849b83.1.tmp

Filesize
5KB

MD5
c9338b72862948015c478804ec0e56ac

SHA1
0b6253eb3521bf53ecb008bfee369c904c44c0bb

SHA256
8b654b4c381aec6ba50632fc397b11794a2a055d2dd039f949e76b60d4dd0508

SHA512
8636c984f18094216606b079ebe92a31bcf466376e256f2713e465e558c992c7da4b05335a7df0b1958b4497769be9fe465f22b70949483b070317462924bd0c

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/journal

Filesize
296B

MD5
6cda820a9660610b39aab567ab5a1f39

SHA1
ec0cedad95aa66b3d588f4d3fb616c9aadefb105

SHA256
a1da3fb5e2cbcbb40eb122421b059fa26f6835b715f89606067730b0ec42fe84

SHA512
d0fe06b9c050237da422be1059982e2f9068ac91c93112155b75e54adc5258206b5af948397ea647527e09ef9e354a1b280fba84618d0e934d2b823269153ef8

Download Submit
/data/data/com.standappstudio.bonelab/cache/http-cache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.standappstudio.bonelab/files/al/persistent_postback_cache.json

Filesize
9B

MD5
a5612927e7792641607f093050b775bb

SHA1
99216e1430784a2fc369f81e03a28e5f681735e3

SHA256
4e89c765f879a6052bf02aaed88823281bbeaf0e713f91faecc643d6d31326db

SHA512
3ce4dd5f437b9405ea6e4d6bcb16512c98914b2dd15a01facab5fc68126698cc37e0448fac28408560552e9688ad1b6948e0fb8c9d11f893635d20e970cd9090

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
0133134ec4ea1bbc786eee57d493397e

SHA1
b712b3b90a38534e1ce24c63a1077995ab6f46d0

SHA256
c62f96e3cc8005eb62c209cbbb25f0ed5b0ed1b39c7f09c5663f36478b5d119c

SHA512
f451cf0e11ccfe84fb5349ae63ce2354bb559171e8a64f3227ebf2df20fbc6dee7a1af7f49e265a662722a60d431fff01a391c2d8edef63a742587ce43731bb1

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
7e57fc6793baf9f758fa14acca421303

SHA1
86d2b1ce0e3b0b07367c0fefc1d9f2c0fcd589d2

SHA256
3484e66441306278300a8e1d9f951828f6e4199cf6ceebd8b95ed5ccf37497f1

SHA512
95be83d004c735ab10fb180a68d58e4d68eb67218acb2d5c0fc33843ca15741bbc107bdd1d06694cb3a497dffd839baa150c1e66635210fe1b41ac6e5e0641de

Download Submit
/data/data/com.standappstudio.bonelab/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
cd6b8c7651ed94298cadec54e955ba7b

SHA1
4fc3ccc528f64f027b2ae71243103039b105d16b

SHA256
e2cab3dcbac83279daab75ef12f3b10d2ccc20d969cc7d4b5b8f2a773791eca9

SHA512
e91e4f41ef74a204f50e3f6d47ae37aaddffdc203cd4761f0864dc35d48dea8a0c33fa0bd64e9f60fd5a3f74065015f70d36d2fbe2c0a3f1737a9c5fdf26d1aa

Download Submit
/data/data/com.standappstudio.bonelab/oat/x86_64/[email protected]

Filesize
606B

MD5
51b7e46503ef03e8030479bcdc83e041

SHA1
2753758c27f3671d99dec663a10930992e16f039

SHA256
28a635a587f6d989b55ac3427518d7886b791fdc33103e730585b6994972ed60

SHA512
ad5041d8a059b9f925d835d6e558b367f0cc5b429f69e56282fd263141216f806d94e83816719498553ef6ae3b6270dc89aa1a71c6112320231aca064fb89a2b

Download Submit
/data/user/0/com.standappstudio.bonelab/[email protected]

Filesize
3.2MB

MD5
42a776716f329899669f6d761d626003

SHA1
7c8a66fddabe92a33367f14c29f13955149223c1

SHA256
7aae06433cff5967ac254484d784c2c348380891d0914c56de64e7e006668cd4

SHA512
bebfa64178281625ce6a58a3ed61ec0b80278041b79a6db210ffc5e0536056174582daa32c2042d1dac5be7a5b8afa19c55a92b7067ada2f25072375c8e22cf1

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads