cfa2b7b3980eefdc6f7628e4dbece6d5ed588dfb49bfbcb40a9dd51ce3914f0e

Analysis

max time kernel
88s
max time network
187s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
20/07/2024, 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cfa2b7b3980eefdc6f7628e4dbece6d5ed588dfb49bfbcb40a9dd51ce3914f0e.apk
Size

2.7MB
MD5

6a8b70ae15a8d0a47a3f46dd6621f700
SHA1

361d0ac88ec17ac22b6e037d8eb0da5c454bfe72
SHA256

cfa2b7b3980eefdc6f7628e4dbece6d5ed588dfb49bfbcb40a9dd51ce3914f0e
SHA512

1aaf7cf11021aba8dbabf909dfd61e4637f36368d7be1422c179aa2b9322b9303816342b2df55c4ebed414aa83a725fc6636195e4657636be11ee1d8b17c5ed4
SSDEEP

49152:fUpIPshh4sDSRH/9U0yPqT7cklhARv8G8gXpNhhr9DiAunS:fUpkq43f9U0346jwhhr9DiznS

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.telugumv.xyz

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.telugumv.xyz

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.telugumv.xyz

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.telugumv.xyz

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.telugumv.xyz

com.telugumv.xyz
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4969

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.telugumv.xyz/files/profileInstalled

Filesize
24B

MD5
2dca8986d5de075be436d0dcf61a7b26

SHA1
019f360fcb3c90a99908a9af538ec9e1425cd599

SHA256
770b7e1fb963ec227e815ab8c66cae88cc0400d02f8b9cc159b70aee9036be84

SHA512
36b6a1e1cc5770d82d96abb5cec8bd1221f58420399dcc2eb5fbf2be320477bb49dd6c6c936a4b34698f2319dbc120fc89d6872f0930cabe44d2c5cd411357af

Download Submit
/data/data/com.telugumv.xyz/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
a83fce3c08a005201f19f69a5ed6e0fd

SHA1
02d742bed4accdd455f696c6dbd0ab5a03201ece

SHA256
db5cd414f78d9f0a940d52e022b2d51ba03af8deaff6b43ddc4ca75a77b7effa

SHA512
9a1dbeec7d46cb1441a070e3db259260f71f0f795de88e0ab7bb14a4593aa3f9eb00a8e27288999383490dd0d7958c470cee778254ecae6721d6b347bec719ab

Download Submit
/data/misc/profiles/cur/0/com.telugumv.xyz/primary.prof

Filesize
1KB

MD5
6b2ed377c665701c32178e8da367fc54

SHA1
551748bb0ad4ce191f94026ac429e3093da12811

SHA256
2326f30f12e351ab5f9e60bf7869c6086558d6d7da1ce62ccf772bd8d6530779

SHA512
6cbc2140b6d3806c584caa6a80290c20b1d11f7167ff457eadb0fd11aa1744a668e449e2e55d565c34ec10331ba4717b711d3120bd390a90896d9c0010ab8c24

Download Submit
/data/misc/profiles/cur/0/com.telugumv.xyz/primary.prof

Filesize
2KB

MD5
e665bd8b3766cc55f7267893939f2e9b

SHA1
182f44f7b007e5f9fa160101043dbb89efcb86f5

SHA256
4dda7f14ab3421802b60dac1b16fc9f7eb07dc286d56ee93c8a5655466f7da68

SHA512
7a575e4b67c4608d693f242fd1a4e273d71a108f53e22a899eb0a50a6eb305b39f483903222d00e7028bd2c21eb391e834433b1a54114ae4e85a10627a8d5794

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads