1cff06f6542c2f6879bf2f54ca6f89fdabd9d3e41d67aa58670bfa7edd2768e9

Analysis

max time kernel
92s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
01-08-2024 22:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1cff06f6542c2f6879bf2f54ca6f89fdabd9d3e41d67aa58670bfa7edd2768e9.apk
Size

4.7MB
MD5

47c3fec11449daecb163ce929d23fc9f
SHA1

59756b66f84a7c8c80e7377148b277678ba4edca
SHA256

1cff06f6542c2f6879bf2f54ca6f89fdabd9d3e41d67aa58670bfa7edd2768e9
SHA512

807a30bf8381a6ca5e174dc635526e393b7d408f6d453dc514161a49729cc6d767512c6b77283b62ad0c906c92a87610e869712ed96450407548604c66d3178f
SSDEEP

98304:bFbCkMYktsqYRK5JFFjQPA8cO7RiND+ZxSDWXu3F3sxnDKN4H4C5Ry:bFbCkMYxqYG1QPAfO7Ry6xSDiu35sT5k

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.google.Sabun

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.google.Sabun

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.google.Sabun

com.google.Sabun
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4516

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.google.Sabun/logs/20240801222628336.log

Filesize
33KB

MD5
7e98cce8bab7441e5553d5de3639f0e1

SHA1
212b18c844f69b572b683b28dcada77e36ba008b

SHA256
432574f5c8f94f4224011c8dca829e5f2cfc67bfef11d3d65e1181e099661a4e

SHA512
ddbc39f8d535554667cd8698dae31b61f0a16f2313a31bcf2781a8264e2251b846c5a0e65b8cbba26374660c70a2450611a317f29c72ede986d625f060250ebe

Download Submit
/data/data/com.google.Sabun/logs/20240801222628350.log

Filesize
20KB

MD5
f37ed4628e44898d4138a8908be9fe4e

SHA1
2e39293d88f2b0769939946ba39af4712fc48baf

SHA256
8a812bbdc456ce5925f73d8acbfcd8549eafa5d61a3526fe404726d972f1304d

SHA512
7b8202ad65a6700c43ad2d5a31fadd9f88946ff09a710a8fc714165c006d23479de335b764a6efed859529eea887f2fb45bca2ec84c26bff045a6f46cc7216be

Download Submit
/data/data/com.google.Sabun/no_backup/androidx.work.workdb

Filesize
4KB

MD5
7e858c4054eb00fcddc653a04e5cd1c6

SHA1
2e056bf31a8d78df136f02a62afeeca77f4faccf

SHA256
9010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad

SHA512
d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb

Download Submit
/data/data/com.google.Sabun/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
f1679052a7fc3abcb17ebb4890febbc5

SHA1
e2fd72bdbf2681093f543a1feecf60b642baf9e2

SHA256
e9ab1434b511d03aed283bd2d380419c99a68446bc38caa618c07a9e9042ad0c

SHA512
3d73687d99422903b9307cb05ddfb4f62dadb9655b9f413f059e499a2b15b88040cf91e7a6c4743ce619aa09734f4da1ec67e4b9ef78994e1195bef28f6241b5

Download Submit
/data/data/com.google.Sabun/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.google.Sabun/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
930b0b4bb386741f985c5002f9cc37de

SHA1
e17dc756f2e765ee56f9f4e99480c88fb9c58f01

SHA256
f328593f75900a2159166ff78a3ab564ae956b9a512a92a16e05bad7b3d24f04

SHA512
fac988400ca11cd8e7548dd69f2f7dfde1cc943b2c69590c8950532f9384799f9dc36165cf9c3cfba88eb4c5862d7a225ac8b02dfdf3250416114846d9d6e924

Download Submit
/data/data/com.google.Sabun/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
e17cbd78107ea30b862d130dbb85d54f

SHA1
f5ad9e27867e3f0ef1ca496337282f0e9b94607d

SHA256
83579f8e479966355c8eaa2e1b28d0098b36b82b3ce32eebabbad652c26a1c5d

SHA512
faf13bb4b4349dc365808b2071d4b11067c97baaa314ffb9d02d0acee3c78eaad16117cf34a3f506e93896080b144880cd8221fd5b6874fb92abd35749693b01

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads