289e347eb7eeb710b7f432fe65447c4014892c79fc743ac40a064e1d77100c3a

Analysis

max time kernel
86s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
08-08-2024 09:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

215c986eafa67fd6529348c91fbb3db5.apk
Size

7.4MB
MD5

215c986eafa67fd6529348c91fbb3db5
SHA1

b93ee1e1e1edcaa0c68d63c64b759d3cb8a186d6
SHA256

289e347eb7eeb710b7f432fe65447c4014892c79fc743ac40a064e1d77100c3a
SHA512

697d191310ac2f4d4bd29cc9be22b620323acc280c5642ccdf509c1dd2c8e7226301f3809b0ca24380d999f2d24ee004efdaf85c668565a6ec9aa51b277c383b
SSDEEP

196608:jKGuv2IYHqQ8J2wF1F/R4YNKvSzilCUNUyTU9M:jOv23n8PF1oYbWlCKUsU9M

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

abyssalarmy.smseye

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener abyssalarmy.smseye
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

abyssalarmy.smseye

description ioc process

File opened for read /proc/cpuinfo abyssalarmy.smseye
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

abyssalarmy.smseye

description ioc process

File opened for read /proc/meminfo abyssalarmy.smseye

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	abyssalarmy.smseye

description	ioc	process
File opened for read	/proc/cpuinfo	abyssalarmy.smseye

description	ioc	process
File opened for read	/proc/meminfo	abyssalarmy.smseye

abyssalarmy.smseye
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4490

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads