6d7689b3a6f7c0e583813f18e346b32ee3cdfee399ea2f01c15395158b0113f1

Analysis

max time kernel
26s
max time network
166s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
27/07/2024, 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6d7689b3a6f7c0e583813f18e346b32ee3cdfee399ea2f01c15395158b0113f1.apk
Size

1.8MB
MD5

9dbe1b043fd4be01e55e073453f31299
SHA1

84fc9a597dde41a4c77c02d3aabcb03849f85137
SHA256

6d7689b3a6f7c0e583813f18e346b32ee3cdfee399ea2f01c15395158b0113f1
SHA512

97743e168fbb5772e91c61d73237c9bd66bb564ef3b76df1486074d5b1f5187b07930db49f92828aeb82137baf346c9aad7333d0b2a33bf2c1ffde79bc4fc53d
SSDEEP

49152:+k5nth2thbnYHAuBAX2GjP6OiyoAgSU3u:+krAHP6qo33u

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pkmast.pk.yonosbipannel_new

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	pkmast.pk.yonosbipannel_new

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	pkmast.pk.yonosbipannel_new

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	pkmast.pk.yonosbipannel_new

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	pkmast.pk.yonosbipannel_new

pkmast.pk.yonosbipannel_new
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5066

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/pkmast.pk.yonosbipannel_new/files/profileInstalled

Filesize
24B

MD5
b8dcb7d74027ee679a6fb68e8646872e

SHA1
0d47f5cf7a1c5a61b828b8474a7c6bd3629fc807

SHA256
98b663a90a9da1f6ccd2746a73ab8b587ccdc158e427abe8d96da59eb20f6f3a

SHA512
3a36f53786982967b1a41f7c83818997b61210ce5380d059cfcda0e41614611185dce32fdc84192d64583df15b6991e41b3f5d059fb0ab22297fa5ae8a979bbc

Download Submit
/data/data/pkmast.pk.yonosbipannel_new/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
b18c755929a675e33135ca1259c1d2b8

SHA1
ed50cec4972be37905382b1b08e45aa79b5c409d

SHA256
ec1839994e8125f7b29160346f67b0851ea87d5a7d8ebbac7372eae5d9dd0364

SHA512
fb97ce317beab009bff8abf224e9c9d9813e8108ba386c50b09a5f898ee0b282a63a25a4cd4e4591905f22ccb2142d2293881bf1ff9f5075f6c687fde46aa713

Download Submit
/data/misc/profiles/cur/0/pkmast.pk.yonosbipannel_new/primary.prof

Filesize
1KB

MD5
8eb8c09acb08bfac356c17a4ee2c8743

SHA1
c4135df6864d897d24ed98a25b58af62cee7b866

SHA256
67b8e68661200e48b5c83721ac358a0d87c8f5bd1dc500980646c4fa98d1429a

SHA512
2246b18b4dee2ffe9de4c8b0ab8bcf60f6c178279adba29484ba64355ba58a0861c9f7fbcae42c3018012f34bf98b7769071b56b1bec287e951ff3107b907bc7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads