c8796dff622e456bb5b0d428372dcfe0b12ee37f500e7ab68f693dd383354f91

Analysis

max time kernel
25s
max time network
136s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
26-07-2024 22:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c8796dff622e456bb5b0d428372dcfe0b12ee37f500e7ab68f693dd383354f91.apk
Size

1.8MB
MD5

0ff9e439f5c78bce241f149c1d21d7dd
SHA1

2a7d93e1f4eb46dc7d82eab5932b4cc5a28e2a3f
SHA256

c8796dff622e456bb5b0d428372dcfe0b12ee37f500e7ab68f693dd383354f91
SHA512

a252ebab98f291e587e6ad4a6b656d4814f4c435b4522f2b7e7702b78f7f9ed5a8a194ec83bc023f6398d87fe5e2c8d49f484c04e94f8ad22d2806d89830361f
SSDEEP

24576:BaUIvsMTlaiEeDHeFBxPUxduQkswOuJ0ygkjSth0vJ3cOjCT/v13AWEsicWDgSHO:UUiTlaiIBxPAtkM4Othons16oWgSH0gO

Score

7^/10

collection credential_access evasion impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

pkmast.pk.yonosbipannel_new

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener pkmast.pk.yonosbipannel_new
Checks the presence of a debugger
evasion
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

pkmast.pk.yonosbipannel_new

description ioc process

File opened for read /proc/cpuinfo pkmast.pk.yonosbipannel_new
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

pkmast.pk.yonosbipannel_new

description ioc process

File opened for read /proc/meminfo pkmast.pk.yonosbipannel_new

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pkmast.pk.yonosbipannel_new

description	ioc	process
File opened for read	/proc/cpuinfo	pkmast.pk.yonosbipannel_new

description	ioc	process
File opened for read	/proc/meminfo	pkmast.pk.yonosbipannel_new

pkmast.pk.yonosbipannel_new
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4442

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/pkmast.pk.yonosbipannel_new/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
f35ee6255f206340a16857b406630fd7

SHA1
890d771b99fe1cd028dd3cbf22bc53792764795d

SHA256
6fc8fc32b681934edfabe198987276ad5bd2fd94c357640d5e23e4af13eb3080

SHA512
c70666fc47afdbd6647174ad91c72e9468e1b2563686a5a7d24e4a0c2d700d7ba25b0434e2cfe76b00b30e2f8a4c7d926377135d77fd4e5a3b9002aef6696de3

Download Submit
/data/misc/profiles/cur/0/pkmast.pk.yonosbipannel_new/primary.prof

Filesize
1KB

MD5
35113b19e2759d7d2fded1709b0463a7

SHA1
b4c39247b9f5032a51c508c19ef840917929aa0b

SHA256
9483431ce515796266833b81436f584305c77fc6c69d33f345133781259cd63d

SHA512
7d9aa455ea9df455e59f2047b23dac96361a2dc702cc689ece5c74cc363159f365d1280026ebdaceb892f7e371b1db02b7722087e76d32e50626ce495828d6e7

Download Submit