1c719657aa40638c0db7a9a4e808ddcd2532d651e519d6e9b1475a8e60bd674e

Analysis

max time kernel
144s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
26-07-2024 22:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1c719657aa40638c0db7a9a4e808ddcd2532d651e519d6e9b1475a8e60bd674e.apk
Size

2.4MB
MD5

d1a2af30ccd41825b8a5a1c837e47da9
SHA1

cf8bd38a3cea08df8841285f2ea7cfa2e5547bde
SHA256

1c719657aa40638c0db7a9a4e808ddcd2532d651e519d6e9b1475a8e60bd674e
SHA512

81c7863b606575fd66e5626ba604aa8093f2ae4f58a0a4fb7b59861a058983fdc45419b4d40624e85635dca50f41f9c337206ad757a7f2c0f6482e96b3731a05
SSDEEP

49152:NlEZYDbHwPkxgL82nPLL1EjgI1/Hg67f3g92so/KrTA19s:7oYD3x72nPLREjge/Hnoo/KrTI9s

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

com.gurujifinder.mjpro

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.gurujifinder.mjpro
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.gurujifinder.mjpro

description ioc process

File opened for read /proc/cpuinfo com.gurujifinder.mjpro
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.gurujifinder.mjpro

description ioc process

File opened for read /proc/meminfo com.gurujifinder.mjpro

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.gurujifinder.mjpro

description	ioc	process
File opened for read	/proc/cpuinfo	com.gurujifinder.mjpro

description	ioc	process
File opened for read	/proc/meminfo	com.gurujifinder.mjpro

com.gurujifinder.mjpro
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4442

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gurujifinder.mjpro/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
9e46ffb02ec051f1f5b30889189306e8

SHA1
879c0375e2ea3c62ea9020f7d3db14a67815853e

SHA256
2b676aecf4dab82cefa78ab0619e969095cda10e81a0ebb67297aa295a998db6

SHA512
1c9c868964e10c7feb8122e280fb278c90562bfa410a5761c8abda242bc1f93feda126efbe660ab7810049300122ffa498f1f765522135cb56503f604d80c2f4

Download Submit
/data/misc/profiles/cur/0/com.gurujifinder.mjpro/primary.prof

Filesize
1KB

MD5
7559f00ec492fb53864c6c7dcf00d8d5

SHA1
b17473caa7879269f6093dd1adc4c09c406f35db

SHA256
d95c7a869d9c61fa2baebe4fcd22ef15030be068a3ec1439dd6c662650060565

SHA512
7a820f8b44abafb5fdda3d7be1004821ffa6ae771c608baa5c8157f223c9646171244ca2a6d9910a67f07f026b03c19c20d30bc0cd126f16247fcc399ec2c125

Download Submit