250ef3ebb19e8430181eb55f34d7d49f21b889937da4b90836096f9995a4b91e

Analysis

max time kernel
45s
max time network
165s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
01-08-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

250ef3ebb19e8430181eb55f34d7d49f21b889937da4b90836096f9995a4b91e.apk
Size

3.4MB
MD5

3ab2064321cb5810d8e1f007b6e956e2
SHA1

7d2addb2e19d7a5db3b4319722458718d5bc3e83
SHA256

250ef3ebb19e8430181eb55f34d7d49f21b889937da4b90836096f9995a4b91e
SHA512

5ec6d8ca311bf176191b0f0d15448075c61f1ca8f62c75abda8be0b412f5d4f0625248f2ca6227af76d0699cde22f3327cc4f2b8bcaab46dd878e7b0f6a376c1
SSDEEP

49152:4s0n6Wxk1XEvWthlVMuqF9FHjEkq5FPYp5rMrgh8tQamYeCE7HdttU4ja96iHw1C:7S6okREvUV4TNtKIGgh8tuY0BhHihJXR

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pkmast.pk.yonosbipannel_new

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	pkmast.pk.yonosbipannel_new

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	pkmast.pk.yonosbipannel_new

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	pkmast.pk.yonosbipannel_new

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	pkmast.pk.yonosbipannel_new

pkmast.pk.yonosbipannel_new
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4973

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/pkmast.pk.yonosbipannel_new/files/profileInstalled

Filesize
24B

MD5
2840a77e6444761c12179e68bbbee5c8

SHA1
62b701fb7beb6f96c6acf5566864dcb5b2aa2cd1

SHA256
7702db028d82216bf42b8ab0519cd46b7412afe408bbc0087ce01b77e1f766fd

SHA512
8d5bcd04f40ba9af0ec671ea8a38375cbbd28941b0d31ce092950cf8e6835eff1f350aafecaac57bef0d571b45f68df9a247cddb3b139fae07ab90cab2232c75

Download Submit
/data/data/pkmast.pk.yonosbipannel_new/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
0a984170829d28fe05f6cdbd042ba3f2

SHA1
f2fe7a9bc17ead430d08d90e1f8a656a1b9a4484

SHA256
baea1e1b71ce4a51d248c9c58b5efc65e55b8645f3df44cf64c6e0f1b98d6172

SHA512
f4d1e6a95ca070fad6d5f04c900af7a6293b5dd4f53943cc71bb1879933f6d8e7823684b94ec2add051a0f90a08fbd54fe6aaaec740f1f48da95b7659cbecdef

Download Submit
/data/misc/profiles/cur/0/pkmast.pk.yonosbipannel_new/primary.prof

Filesize
1KB

MD5
ab0ba53b7ae1f82a380397a5d9ee88b5

SHA1
e9d107451fbbec45e296190c589aa82126f99f76

SHA256
c8ea9c660758380359a4d73b727718365710caddf06e584e3fad998ece9120bb

SHA512
96171929df25d291f9b45b209d13878738b95213f32ec337f161d4d95eeda7e4522b62744ae18096ef09e79f3b7c7bcc7985d1963030af3fe629039a97d77404

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads