1a34f20869907a0b003fb8cbf57a3172dd2f72ec52508474a1edc03845090fc7

Analysis

max time kernel
123s
max time network
136s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
10-08-2024 09:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Application.apk
Size

2.3MB
MD5

c3d2a0b23dd6aa4e6b78be556e16dae7
SHA1

652adaeeca58269007ef87a0bc676d4c13a843b6
SHA256

1a34f20869907a0b003fb8cbf57a3172dd2f72ec52508474a1edc03845090fc7
SHA512

da26d53d5eb08933a387998f6e4832614daad772c3052eb911256368617b18da064d471d68609e4e7855bca08657bbb9da096b4e81587e9aac513d48927b36b7
SSDEEP

49152:O/KoYJslyMY8YgJ/XMJJRLKiQpi/vsBeylmbEm2w:kKZIyd8/FcJJRxQ8/vUobEmX

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mad.net

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4620

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/2

Filesize
65B

MD5
d92e85d4dc1f5dd9595e6d722acd5b9b

SHA1
d7a8746550315d7201cdda9b6e5804e81e30db98

SHA256
471c08b2d79c2dcc28e27385016f5e82e609fc661d1f0b0ab1a596df7c6e4486

SHA512
6522ff32ff601f9f229de0218f22e5d6d2d4c99678e7c3fa60007f4e37ab45f68f897232a9f401a967bc4ac6bd21adc03a5ccef0c4136e67deae9c782316a215

Download Submit
/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7e42b00ca31f4e08004e44a103748b05

SHA1
afe9aedda43d9f0b354dd15c6e3bf4e7526c9c87

SHA256
f3a35a1009dcc4e26568c5a40ec8cb0cd91146823717987244edc88ce94a263f

SHA512
66abaf486fc701ba4ee9a6ac1c32d8d1925274126b255daa36537be12773aaa159b8dd6558016f51c44c140f930da6511ccc3440bdece1aa368abeb7391b64c5

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c07db6f5357a5939c4787d50eb339831

SHA1
1d2c24f61ace2fe8d75499784808756fa700c81e

SHA256
a78f868f7b78c16ebc963edcdad5c0eb7b9dd6617d0530070505345c89a0f672

SHA512
9a604d040bd7bbccee79e30db1638d4c5378d3bcd4f1d93207e8d5ff479d2b1cfae357f8e595598f4f82ba28c142f7534a2322b5cc7bea3ecf1a22e5353e833e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5d12d9706969337006373180de73a5b4

SHA1
e4091992e66929cd81c8b4a13ee6905ef2411d32

SHA256
c77b9836503d560a5191ea905181af634faadb2c29e8378055bbf482de444a7f

SHA512
721a474964d8a7997bfed038a1dee82e92b25ab6986f903f3be4c74df9c426246a358c13cd3e7eedd01de046ecbaefe7f6711eeca7f8dbdcabc9e88caf442d0d

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
df25ddb774e2280aeb2eb8d0a640e99f

SHA1
ef109b771930d4f185d0984525399a56bebd26b2

SHA256
4a5f77d15ca79702c57d6f1512adbc3de2de9d763c8507d0f7adbce800116eb2

SHA512
b6a45e4c8ce34be7c8510a57f97f83b82e74866a86a2ba35b8872f800f2d6c3874a9e7a269c9ae1d32dc0e866ef338f1c85c4f6c71538f0f2ed146f1d389b723

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
561ce6079d4ac5505da60b70d7f22686

SHA1
303ca79e6d108029e99a748e6fc40413c74e1993

SHA256
f86c2778dec86aa62ec7d778e59d56fe035eed9401e1ed1bb4132b65162ba7f2

SHA512
bc1ba2abc9c6df230e5512359bc1ff305e670022b00ae69ba82fc5ea5c3ca92cb6bc2d0dc6a2e9e93fc271dff7ade790869c38ebd11e7c5cef76991ac2f88ab1

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e36ba17670ae63e664bf2d8ed9c44a28

SHA1
2c3ab4da1a13e3b7e91995c33fce88269eaeb705

SHA256
fc10bb050718f32e54147ccc260d247ea2559c3df0f9010133e9d792b2362df7

SHA512
4ba4375490df92398dab5f409a65309134117575678f252e9d2c268e0277dbecf0e843c8089246a0ddfc6867ed913f8ed4c9257829c1050feded41589ac1ebeb

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ec98399e7575363b10410cce1c37f421

SHA1
ff24846826f81af54e496bffdfd97b59c21a6bce

SHA256
a36a53d27fa90a04743526073b8a36c07bf241b4e6012255b95da5ff4bbf4f44

SHA512
8d9b48feb10e9665a858134123df1cfc7aed9a567468a22b7448072506e7e1134e4498370019f8b5559298fc98627c3533f6011776a386d114f8039ebb4dae55

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ab151b4506923c08fe7030856055b095

SHA1
f04b8a163811a619923bc6a6f1c8cefe81b1329f

SHA256
37aa7d371e6630dcc9fb9a3afbec91742b68310d1f512b19185af97ff0f673c6

SHA512
46cda45dc1893ca7ab732fd405b15a0d86c4ed7e4c30ee00bfbfba609a5bb059d9d06cf35db52663819902c0d008cba1226800ecb9271b61408afd7d85465a92

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
bade403db2f13a4d6d9b025011239ca5

SHA1
1f29c7f74e6dc3b8dc1767b36719dac5d82aaf8b

SHA256
ee0a9b94ef153b1cb7c037804265b372060b81f88a301a6d8dcfb097c1f7a36a

SHA512
274bdcc1cfa43e8bba4fec196f96a425ce203845d292d58db1150f39b110a700f6b10a70961f8d2225e3dcea33b08d50349e4cdaa59aa13a8a2e7e49216a3210

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
288ae9fc47e471c5f0d60ac962e844c6

SHA1
ec8240b5cbe930e199cad8475fb3fef261da81b1

SHA256
8c2d39875dbca37b3a1001f68f6d90523ccf094a093819262d54a2a16877de0b

SHA512
0b889965f8e41a21c7d09c39cddb222597b2a289e6d98aed38bcf042aee8b8d13029c922f0a8908d60c410eefd89005d445f025fb37ab0223f3333e30c9de1b3

Download Submit
/data/data/mad.net/files/PersistedInstallation1208669698756628541tmp

Filesize
568B

MD5
f68f0c3da5315157e0ff5dabd896e2fe

SHA1
b37b2edd6500141c2460181ed86b528552e1fff5

SHA256
fd1fa8032bb4530628cf90219dcbc4a6d18adfb59aae7b5d7690e746aa7bf03a

SHA512
dca2cf39efa27fd3eaaf30dbf3d491e8a494d80d824f3c100f076af760b7a6e592d55b3a52c6bc6b328988be00e221d781c30916a9a3cdbf420fe438cc24a16c

Download Submit
/data/data/mad.net/files/PersistedInstallation1918045933104915654tmp

Filesize
90B

MD5
85834ff6f69b8cbd5428ccab8b93ccea

SHA1
c2355ebd55a9f95a7ca8add183be6d746fcc52e3

SHA256
ab98357b36d37c502a322b7e89876d89ea571a1e270a6a1175ba1ec784857df0

SHA512
ef14052168545c90b08892bfc25f6b5d58be6ad6c7d2399ff4fc6389e580ab096d4092ca739b5389fda5e8181b7f2d3a90ec4f5f32136dc3422e66af43c1ff86

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads