1c719657aa40638c0db7a9a4e808ddcd2532d651e519d6e9b1475a8e60bd674e

Analysis

max time kernel
47s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
26-07-2024 22:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1c719657aa40638c0db7a9a4e808ddcd2532d651e519d6e9b1475a8e60bd674e.apk
Size

2.4MB
MD5

d1a2af30ccd41825b8a5a1c837e47da9
SHA1

cf8bd38a3cea08df8841285f2ea7cfa2e5547bde
SHA256

1c719657aa40638c0db7a9a4e808ddcd2532d651e519d6e9b1475a8e60bd674e
SHA512

81c7863b606575fd66e5626ba604aa8093f2ae4f58a0a4fb7b59861a058983fdc45419b4d40624e85635dca50f41f9c337206ad757a7f2c0f6482e96b3731a05
SSDEEP

49152:NlEZYDbHwPkxgL82nPLL1EjgI1/Hg67f3g92so/KrTA19s:7oYD3x72nPLREjge/Hnoo/KrTI9s

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.gurujifinder.mjpro

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.gurujifinder.mjpro
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

com.gurujifinder.mjpro

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone com.gurujifinder.mjpro
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

com.gurujifinder.mjpro

description ioc process

Framework service call android.app.IActivityManager.registerReceiver com.gurujifinder.mjpro
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.gurujifinder.mjpro

description ioc process

File opened for read /proc/cpuinfo com.gurujifinder.mjpro
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.gurujifinder.mjpro

description ioc process

File opened for read /proc/meminfo com.gurujifinder.mjpro

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.gurujifinder.mjpro

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.gurujifinder.mjpro

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	com.gurujifinder.mjpro

description	ioc	process
File opened for read	/proc/cpuinfo	com.gurujifinder.mjpro

description	ioc	process
File opened for read	/proc/meminfo	com.gurujifinder.mjpro

com.gurujifinder.mjpro
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4998

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gurujifinder.mjpro/files/profileInstalled

Filesize
24B

MD5
5bed6aefcdd6a1ae16f8276fa5dc9a92

SHA1
285799b92281fc3d20d81ae7505aef1b7c6dda38

SHA256
0b6d7e10ce605817f6cd64e3c96bd47a270e49cfbf55d5798c1309fd88c0d412

SHA512
d47fad05cd40bf60e6fa5566226260e2d6611ab31ef4c3de82afe1c033f0a97e03d552be1e123d80019a6bb2ac18c38b4e6af420ae21f6a136a808c02797ecb4

Download Submit
/data/data/com.gurujifinder.mjpro/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
c219b17335892e99eb7936812bdd5c5a

SHA1
94dfe9d193beae568dcb895b74714d02fa412fb2

SHA256
56401f0d8d54944d627f89b8d31d055c4d3dfee986819a5bedeb1470a7ea3e3b

SHA512
cb17d20048d1b8d0ed1c9c1a9fddbd27f739282eb116f4444a79cf42a1bbd049ee18347d9cd604b5957ae73092855301f1de0a4e49f0264224f7908bbfda4d7c

Download Submit
/data/misc/profiles/cur/0/com.gurujifinder.mjpro/primary.prof

Filesize
1KB

MD5
7559f00ec492fb53864c6c7dcf00d8d5

SHA1
b17473caa7879269f6093dd1adc4c09c406f35db

SHA256
d95c7a869d9c61fa2baebe4fcd22ef15030be068a3ec1439dd6c662650060565

SHA512
7a820f8b44abafb5fdda3d7be1004821ffa6ae771c608baa5c8157f223c9646171244ca2a6d9910a67f07f026b03c19c20d30bc0cd126f16247fcc399ec2c125

Download Submit
/data/misc/profiles/cur/0/com.gurujifinder.mjpro/primary.prof

Filesize
3KB

MD5
4cd31121f3ac61f0939a6279f1dfb60c

SHA1
d6857fc675c5b13f4fb71b1727ee609604db1fc6

SHA256
ef952dd5565007ecf3442dcd5f5ccb74a505117ff04905a21996e76e4069ffa3

SHA512
13591841c1445bf4fa97b5c1f22e157038f81ac31d5e20991ab52d006711f94f6b4687d2b3b6cfbe4bc487a73a1a5a89d8af99462f310be767cbfdef8da2b6d4

Download Submit