a8ce6d1148b4935402d9702051170d1216d5c6478126a85aea2c8a3593817eea

Analysis

max time kernel
27s
max time network
158s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
13/07/2024, 22:02

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a8ce6d1148b4935402d9702051170d1216d5c6478126a85aea2c8a3593817eea.apk
Size

3.4MB
MD5

435b5a6e0aa3a0896bde5e9fe83fca83
SHA1

760dd423c83616192c5917ab65c7a6d0845d7bbb
SHA256

a8ce6d1148b4935402d9702051170d1216d5c6478126a85aea2c8a3593817eea
SHA512

ecab8231a7bc2d711e250c2a69d30ccea4ccf18116fe5dfb1a5a9d16fa92cf649886c6c929aae5dd360af81bc336b1d03070b7c3410c03588b85fedeb17ec9e7
SSDEEP

98304:tlHNHirTo7AEqNEyNRl7ESY17c9TefhOrDH:7NHSEsNNJnEiTN

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	jmsjaklsjasj.pk.unionbannew

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	jmsjaklsjasj.pk.unionbannew

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	jmsjaklsjasj.pk.unionbannew

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	jmsjaklsjasj.pk.unionbannew

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	jmsjaklsjasj.pk.unionbannew

jmsjaklsjasj.pk.unionbannew
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5005

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/jmsjaklsjasj.pk.unionbannew/files/profileInstalled

Filesize
24B

MD5
6a1e0262e07ac75201a4e3c227cfc630

SHA1
e2454dc6cf7fe0bbd3a6f60c346abc0f0761925e

SHA256
f77956e119b8f46f96ebf5534ca49662d449e23861c3b252294c508b11755dae

SHA512
18c43af40b4755fbdd5af3a13813590d2b4a3c2ea2045c55d68f8b56e5007e9d18cd443717c31763a389e86d40e30184b1bb3a16270214dada079850cc8a7324

Download Submit
/data/data/jmsjaklsjasj.pk.unionbannew/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
4f99771e8b415f1bfa9cc5d01d1904b2

SHA1
d3c8495922d138d520fd3e97531e127d9efe88a0

SHA256
2500b9d7ea4826771b3b7dc3c8bac38d8193f0eaa07c8e9f25eb0523198cfa34

SHA512
cd6f0da805255f13c42f1916aed9d93a0609b0953188a086a2f4aacf2075d26e686b266947b71ac8aeb04e99f96c96ebef6cb46bf9d49c2bada3add0fd3fea8e

Download Submit
/data/misc/profiles/cur/0/jmsjaklsjasj.pk.unionbannew/primary.prof

Filesize
1KB

MD5
24eb58cf93eab7f6bd1e9bb561dda2a4

SHA1
d6b11db7adee088922f146c9bf748cafca2507c0

SHA256
60d35984525caeb63bc24c1d39e80e6954376618b1cf40eef3eb27398a302be1

SHA512
3d424902f3326f01f401b299e95ed6eedc90457d88dd23eca177305001dae083ca31dd431e23a4dc600b32a39c3359fe3dc5be28ea2856246200f38309bd5624

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads