Resubmissions
09-09-2024 06:12  240909-gx9f8avdpp  10
09-09-2024 06:11  240909-gxt2jaxekc  10
03-09-2024 10:25  240903-mgf3matgml  10
29-07-2024 19:19  240729-x1hexawamq  7
Analysis
max time kernel: 47s
max time network: 147s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 29-07-2024 19:19
Static task
static1
Behavioral task
behavioral1
Sample
Mellat.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
Mellat.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
Mellat.apk
Resource
android-x64-arm64-20240624-en
General
Target: Mellat.apk
Size: 6.4MB
MD5: 9cca6bc6dcd20c4e2e61e21e72bec62c
SHA1: a157d6b9f2ba4bd8124f40a8b3e3d3006b21fa62
SHA256: 0bbd59618f244b78e5ef449c183be032096ed408049cf8a130508ffb928f3382
SHA512: bd6310ccd78b474aff7eb317f811e9f326c196bd681bc8a2b697000deb8f44828a620f42b11d43c5e909911eafb38353d6fe4e4be21e2c1055c914e61be3480c
SSDEEP: 196608:N9ZCIRe20kC4GwFzQ1bjbYjaF8N5jxyBBfLX:lCIRezkMwG1b/iwy5jxyBBfLX
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  description: Framework service call
  ioc: android.content.IClipboard.addPrimaryClipChangedListener
  Process: com.formelleetae.com

Legitimate hosting services abused for malware hosting/C2 (1 TTPs, 2 IoCs)
  flow 23, ioc: raw.githubusercontent.com
  flow 25, ioc: raw.githubusercontent.com

Checks CPU information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/cpuinfo
  Process: com.formelleetae.com

Checks memory information (2 TTPs, 1 IoCs)
  description: File opened for read
  ioc: /proc/meminfo
  Process: com.formelleetae.com
Processes
Network
MITRE ATT&CK Enterprise v15
MITRE ATT&CK Mobile v15
Downloads