1a34f20869907a0b003fb8cbf57a3172dd2f72ec52508474a1edc03845090fc7

Analysis

max time kernel
123s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
10-08-2024 09:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Application.apk
Size

2.3MB
MD5

c3d2a0b23dd6aa4e6b78be556e16dae7
SHA1

652adaeeca58269007ef87a0bc676d4c13a843b6
SHA256

1a34f20869907a0b003fb8cbf57a3172dd2f72ec52508474a1edc03845090fc7
SHA512

da26d53d5eb08933a387998f6e4832614daad772c3052eb911256368617b18da064d471d68609e4e7855bca08657bbb9da096b4e81587e9aac513d48927b36b7
SSDEEP

49152:O/KoYJslyMY8YgJ/XMJJRLKiQpi/vsBeylmbEm2w:kKZIyd8/FcJJRxQ8/vUobEmX

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mad.net

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	mad.net

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	mad.net

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4996

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/2

Filesize
65B

MD5
d92e85d4dc1f5dd9595e6d722acd5b9b

SHA1
d7a8746550315d7201cdda9b6e5804e81e30db98

SHA256
471c08b2d79c2dcc28e27385016f5e82e609fc661d1f0b0ab1a596df7c6e4486

SHA512
6522ff32ff601f9f229de0218f22e5d6d2d4c99678e7c3fa60007f4e37ab45f68f897232a9f401a967bc4ac6bd21adc03a5ccef0c4136e67deae9c782316a215

Download Submit
/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4b89d47bef8d1b61d52035d49513f889

SHA1
c694dacab3d03d7e6c615e98024683e805054ceb

SHA256
7acbe2cd9dea6c40704422256a165452f1800909cd18d2f90424d7ba2933ddf9

SHA512
4e1365f9109fd0f2713cd67890ec27d66854a88db411b383dbaf6357f9544a4b12d0e194e1ff14f157b6c334e32d13cc9c768a790f34a78f1de0986949c6067d

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eddb1543ebd4e4628c81b6dceb72c9d0

SHA1
831d5dd231da32edcf02d275a8150a1228488520

SHA256
d24c96e5cde319f8cbba5515d814628f91add2b8fadf0c77d1aa2a3c2754d193

SHA512
511ca09ff3718372a6d13d7b4e99025703546c93a8d6a496eebad6e52c7f98f024f699c911b00f9e541c7fe4fa12e9f882bacbd1a9e38220e5ee40305622ddec

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3aa2c2d9d5dc9eb08fa0f745491e5523

SHA1
61b4a0db31200ff25385f0c411be1cc151f958d9

SHA256
f0b4691ee6078247094f612c5db2bfde5acce504c92fc3d48ef580d0dfead5fa

SHA512
29e2f175d4332dc360f4c667c90201f91da797fa4b1aa4a467141ee68017a8853b36eeee19477e8e76bb44c8662875ea1f0000b0a49f4abd86a66a33b90fb3fb

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
605d5214169f8159096792ecacaef242

SHA1
7c6d40c435a3f4a6a04bbd445169baf81593cb51

SHA256
cb8aae5b9031379d91c60d4f59b110443d082e45837643d2cdc4e3d28ce29213

SHA512
268091efb75db3e765e41d239f0a0168970670a9efd057dd6b6192826a38ba1f7e8149003fce6f532291810465601b81a02a8f70ed35477ea202c42df7c898af

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
29a3ec03f5b1b7744e6cec7f07e64181

SHA1
a1acdce1c8e265bfd561b5ab010f5cb3b59d1105

SHA256
a6ce4efebb0e5326a3057fd8c65de1a5f17232d312dbeded6562e1bd246dfbee

SHA512
b7afc2c5b74f576e9883e6805da010503e3270e2ff1a568a3af648b256c319c96d3807b6afa02041c44ad147eea00ed413247285cbe7c6470376e0a8dc355d0a

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
1ef67830e752d2e313c0990996f0d282

SHA1
a068b501aeabd8c3f419ccacb1bc46cd8fe7b7e1

SHA256
b4415804add66e423aac35fe3c5a3e794e54ed896a4b96238f78517625f6be8c

SHA512
0959dd4cbbd7863dfc8e405702ae83b120853f21a39292c080d0669bc5b097ce7826199d594ccc15b5553fa49f30992f40dbe8eff9faefd5cdc48e6a8af3b9da

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
1295d4c19773ff4a7fdfa64305dec128

SHA1
0309cceda4bd21b4bd8e980dc985cd7f758dbec7

SHA256
21c165c62f18b44c8226179cd7945cdf65a92c19c8052c7db0877131b29bdb18

SHA512
29728ce40116df1721fe78e53cb0e634654b7e19ec20a3c76a3bc4eb800fbae6cfd77b1d922ca7835491a11355e0e85b411225f2b0c2eb99e15e8561a1aa5530

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
69950bfbed11758c2a8ab9eb9fcc94aa

SHA1
96110ca1c6c0e8e18fcfc9982a596a3eee52b581

SHA256
a23bb288c4332133eff2879bb0b613a3986b68ae096442db1c2eaa44e34031af

SHA512
0b0a5aa78e6defd625887cc5913ce00716ec93ff237acd7ab170dd6ce5ed2c3e1bd879c42d1e5c0f9770b51543736276e0b9e1599fa274c3f93de1b33fe448cf

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8f54c86a9b1ca81ad36372981c3af56f

SHA1
3f0c85f8573ea0289cd4b49d54021e1c6516a47a

SHA256
743343ae0ec9468af26c5967a31f8b2d2471cf25676b082c8cdcbe521f9622bc

SHA512
26321b4c1a2b9a1b5e42910df822a53f3f1795fec2b42af9fdb7248f5d7364a4a307712566a4da2be085485e65758d5c6675b048970728ec4614410d7387dfcc

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b588ba3b02475da4f1d3a4c71fc822db

SHA1
456407b2839bf047e05895065fcfb006669145d1

SHA256
ab449b7f6914ec24a6fc67f61b172995bf07ced55c2e5c5214dbb28f49a89563

SHA512
0d540d6a01ea840f45510971feef7457b54abbc9d9096e857ccd58c6b086c09cc9f4136b8dabe603927943279b14490cce13e2086ca1561bd1907f9029b242ef

Download Submit
/data/data/mad.net/files/PersistedInstallation1195910449586371797tmp

Filesize
90B

MD5
2719854691282b9bbba7ae16ccfe1608

SHA1
19a4f459666cad76ebb97e861bb0b41c8edd1151

SHA256
1d9ffaf1200e21bfd97e2f8b3bbc2c1766719871720a6b9c78a2cc93925efd00

SHA512
27779b32bec2e7820a30947b604d4e7dac9f02e4cab1217c0cda94d9b03973d0564d5b21f38801bee4e8ff23e2c52b826b9d6d6adba4ce9dce130e020cf4624f

Download Submit
/data/data/mad.net/files/PersistedInstallation468160979333726469tmp

Filesize
569B

MD5
2d9fb6bc7c2fbaca8788c7d95fb06bd3

SHA1
0d325e634cbed476a4517116a62c383a1f87b054

SHA256
12f708ae4e26e4ecf78e0b883ed6f711a21bd90fce7860de42d411040ec23f20

SHA512
08e2dff8c26edfd907b5bd4d6f4003acb478282f4f0c4965a808f7d344bc2e7d2c894b7866ea5b1595995d2872bd500031a9fda0b264d2af6b353536a5093b59

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads