5604a97bb438d66e71e2dc85766a6afef45ff29e4305dd38ec9a6c3dde356e54

Analysis

max time kernel
123s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
10-08-2024 09:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

3.1MB
MD5

a83594f9fe6de44660884e1b126d26f8
SHA1

3397315e766395b5e35771309b833d37e34f6d5d
SHA256

5604a97bb438d66e71e2dc85766a6afef45ff29e4305dd38ec9a6c3dde356e54
SHA512

c42fcf479211266ffa186aabb9832f38fd48cf69e34cbd89b69ab3f79f7a26788c4c63dbd68bd47bbb51804624b428b5a5aaa01bf215f018455c398ccabcaa06
SSDEEP

49152:A/coYJslBHFyaFOD8TsWYGpS8oWvxK6Nj7LjfXsgRkXT3yA/PIWW:OUIdFdHTsWYlW5Kwns6kj3yGIT

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.Mad.api

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Mad.api

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.Mad.api

com.Mad.api
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4483

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Mad.api/cache/2

Filesize
23B

MD5
96193e959baea1e2f27d995ea1a78f4f

SHA1
35ca86f177dc40ee897051d7a25465229eff16f9

SHA256
5b8965479df32457034e64cef1a1c6c5f1012c3af1c92123f11f8321b28c5a03

SHA512
cf6acd549795ee14ef3debe06f22f021c13ef3108228ed5b8a8cbd837f7836680646aeb4a5119ecb9da8ffd8917dd8f105be2ae442c7401a1ebfa5ca3120413a

Download Submit
/data/data/com.Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
75f5bcb90ba2fa5b6b8a250a030d250a

SHA1
490c924de4a50796159b0cdcbe6c16624b061589

SHA256
1e9e33976b273b536f0598bd9feabd70cc755710b682cfc1d7e76f847ab60e29

SHA512
e4c24404c3b42ffe960e31154826a50bc8cb65172f087c8066531a73d165cc310d21032e0056c5fc2f4bbdaa13971e6df1e1016440e452ccc8f93445e2cf94bd

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
24413ccf8be6a8202deee5ae365adb7e

SHA1
31a6900f04c408cd4c0509477f1e472a85be8bcd

SHA256
e7373831b0621acd2c03abea6324408f7fdb64ab2cbdf2ac16b6ac2eccab5f42

SHA512
e0a85090e5e24d036ead9a7aa08ac7aa1072c6f791c3e3ca033762eacac9fec8505f2ad83eb40c9d0c44a65c025722757bdd7822dce7564f7a3318d4bcf75113

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
998fcf454c4a945ebd4d14860ec1fa47

SHA1
ed32c029b545e1023711fac2750a67de2fdae8b8

SHA256
767ca9e3c191aa6f575e4e45b6e93b3a8736a425df5398888abbeeae4c6e73db

SHA512
296db5ecb459ba9450c06ab37662f280caa92c13253485d20dd45544da38e7c9783e77e9c4bf27bf85116cac45bd2ed4a25eb85c2034e99daed70c5d00a3ce92

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
914aecc7e66af4d2488d7560c516facd

SHA1
2c2666cd17858ba7d48db2c9196b3cb3dfdfa3e3

SHA256
3f0935e24bd1286ba172d05b0f230b533650ac3331f77e92591584cbb17aeed0

SHA512
e581aedf78da821aa386f54d15394c1fc6907635f5031a8f5e8a68a91890ad65711b8cb60cc5e6e799ecd6d3d90d9e82c54076a24b2df076cda4951290c84f98

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
68d08db2043a951079629472e295a3e5

SHA1
3b9a011f7871916e676b6761c91c4c1894342321

SHA256
ce49975e88293a3bdafd59ea6d8d4cc493dbbcb0fe6eea960fa4882a0fcf0ea8

SHA512
5a17dbdfa60a144dba7ef40739dc3e4f3cbba79386595220f91400149f767a24b3381bae2e6ed0d0399ebcbf0b204f8d9625fc27ac8829f7306f6b9ea9c5c5d7

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ac6cabba9312ad316bcfd753de4c2dec

SHA1
ec8b669b3488a4f485b215124f572c5a4f95186d

SHA256
76b3f3d2311ca243c58d5af69b6719fce6b445da264a4e003665bb43f618969f

SHA512
9973626d72139f1692fdc94c38d18b95e0bbbfde70c4200131f649e3ab8a05fa5db2d17c5eb3249f62848d141812d57a1dca3349df3f1a244bdaaf80d9f794e4

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
1b989ca2f1f9dc1c1ac6f6c0af8128e8

SHA1
5c432350f9cf75709032f1ba1fed67be967ea2b5

SHA256
40f6fb1ee82bdfc0e479597cae16b22036e4a697d33ac8298316ac59739f5380

SHA512
872e098735f6fbc3edde36f734401536ac9badaa1ef5fd7816bfef1f043c22a4ea5993fd8c190b43daea71e10b2e9b2caf885849433dbbe0c0507bb54e7d75e1

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c7b6d557022c6ade3fc4abcf24a60f47

SHA1
2c6b95df4b13b5fd074104ac41d38f7f668ea8da

SHA256
e33cb801c99526bd681b385d745b4724dcdb097c033afb5b5609ce2fe42333d5

SHA512
b1a0b7fde189a06a85ecd53f3f3196c55c15814af319b680d9df8ff2ebec5f8d7b3f0dbb0713abb8c3e6a045a9b5119fe58f3f3be10583879dac50782f3988f2

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
75633aa04228ec18814da4b8a8bfafc3

SHA1
3eb5eac2fb10ef935d8684a7444d254db00d8c3d

SHA256
265fdf6d859bd1142a95d37e81c3cd4ca03872163ab49cff264f4f67dbfa0636

SHA512
cca31189b8261097615a52008b1551e2d7038fa7c6bc3626904de5a9323f2dd7f551f315fdf6f8e25bb9e81c70b51de963faf054b462bd263ce84a32b376469f

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c038e4c828bf4c3421a072d9c9ec5c2b

SHA1
88bddcb14f5a0e946e07d526bc7d7dbb831d0b36

SHA256
3b065183ef359cb8a570f3250853c5a384ad49cf46155bca10447873a7b537fe

SHA512
63c4c27287585ae2bfc06461416e164d251659d504bd4e4e1f7bfaf827451bcd02a466971f87941206cc16ff155c26a8f94dceb703abe3d65b05485a8e877daf

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation2786032469471739680tmp

Filesize
90B

MD5
be15b087dd050d9cc30a80824e997a41

SHA1
1cddde3287944e3cda7f91121a64e93588d70d44

SHA256
60ca1c0c3b9773626dab323f89c783a446e7bddd044afefaf0ff02594bfc5634

SHA512
6ec6d1c6133d0a3c014012e546486d0032049f3adb07f96d1f7523e028e78a50a121a91d73451473c0d5a397acd8dd99f711ee675b38a387775ae203d0bf49fd

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation7011264863154640605tmp

Filesize
569B

MD5
1e4187eb2c02704c0676fddff5bdda83

SHA1
3b23472f924c32bab9fdbb4d2355055bbd276f77

SHA256
987b2a4bcfb997b9126fc46fa2c4b842cf3657108d3d4c26b04afef5a0ca8305

SHA512
65eb7ffa7c53b2fec4e7396551e43c0dbfcd1cf8d9922e995be4156b4afd511e42e75422c5f24d0bf2c26297d6a9a67dcf952e12c8d38f6507034b3a93febc5b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads