161c8274f6530ee56fc2435577b52e32ebd8e2876dcb0c072898ec112f58767c

Analysis

max time kernel
164s
max time network
155s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
16-07-2024 10:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f20a0bac3df3c4d724579608f10beb1e.apk
Size

5.3MB
MD5

f20a0bac3df3c4d724579608f10beb1e
SHA1

a0aa8c2686309aa0ffe8e63a29d7fb74f5338c05
SHA256

161c8274f6530ee56fc2435577b52e32ebd8e2876dcb0c072898ec112f58767c
SHA512

c6e5ac138d9bb62f244f679e934bf435ad913633114b613e72ad42411a2f5f2256e399ae5fa5d9ce48ecba0b9d9840f04363d3aa8eefa7ebe37006e4bb122171
SSDEEP

98304:bX6vH0fpdsCl039pnVVuzpVMAPHS8rf/O+T1LU2ksCqWxi1dcAX7LZoTwr5xpiT0:GvH0fpstpnVMVMAPHZhpLlksd1cA9pN

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.example.shineinterview

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.example.shineinterview

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.example.shineinterview

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.example.shineinterview

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.example.shineinterview

com.example.shineinterview
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4971

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.example.shineinterview/files/profileInstalled

Filesize
24B

MD5
ddbf2568df9da22a1f0380665f86fe46

SHA1
8dd982d59ec2c4e5d8e84d6624e116f5465978f7

SHA256
cfecd672af87890a97f0011087d68f5f126b3b3545857a3da7c3ff9e4dcdf80a

SHA512
999a3041cc91cf8880402ab1377812897a788d872dc4fed5188d4b414d4cb9f2a07e86d1ab6da6eb177f6c81ac1079ddc2c052b4267ed51e9a5710b22a50fd22

Download Submit
/data/data/com.example.shineinterview/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
591adf34efe5415998221225bf2e87b7

SHA1
76a7da7e8196b19eccc1cef087e8f53a1969a3d4

SHA256
496014846bd71e62171d94f4c6682ab5543efffeb2caa9bc9b4e2677af181946

SHA512
17f19ac159f923ae8deae92aef6184c8fdadcd6446501df03cbd872d4607aa98fbb1ffcb850c9d874a1c1de23f4f7401fb3aa1323ca574bb65cf6f236f22416f

Download Submit
/data/misc/profiles/cur/0/com.example.shineinterview/primary.prof

Filesize
1KB

MD5
a9c5111aad72022a092dcf2436762c8d

SHA1
26a467b78bc11a467f4606a31e6b3fc2ea72f0cb

SHA256
dc7cb49f8558b6696e2d2a8bf432ae36735e2aaebc0697f3745d97edb6e42a76

SHA512
d86a5a4b4d30f148b6c115d7ff192e796a91a228a8f9314fca355a558feaff343eb55bd5265cf543ab61f0aba5d0352fc9d6ff2d38aca1592075855167919d33

Download Submit
/data/misc/profiles/cur/0/com.example.shineinterview/primary.prof

Filesize
3KB

MD5
7f6f1efbd1880b8619f5fee910ab0e04

SHA1
d55bf0c39ecf056d314ae16348a7691335571df5

SHA256
dc166af32b3a0d9e620a0809f296b7515a47b5c965755f98bec9db82f507635a

SHA512
ed4f9a9eb19334cba939f48995bfc71ed8f584acb2c69ec61dc4629b3ef4e9d123743d0480e934c19acba7c77d0e325a60eb65128c2581b2f2e529a3aa1c835d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads