601884de6c11f18f11c61503ad8873636a1b9916144031ce33e313d3e3d785a5

Analysis

max time kernel
6s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
10-08-2024 10:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

setka.apk
Size

3.4MB
MD5

d8408ba5caf6e3fba21b62d7d59a8dba
SHA1

0b09bb73f5d2fedab3f87e614834c14eaa47abd8
SHA256

601884de6c11f18f11c61503ad8873636a1b9916144031ce33e313d3e3d785a5
SHA512

a8f2a16c53cc1f817962ea14d978a8ae7ed5da9b89f0b97327987576c4d59eed66632eaed2682597d5b5cfa5ede1078fca52c94306ce6aa9feea7df25292876b
SSDEEP

98304:snqj3IRtMXG5TAMbJ8C2xPiKx2/1lnWgSzICupTH:snqj3IRt35T1dAxN2XnWhwVH

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.Mad.api

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.Mad.api

com.Mad.api
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4503

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f19f7771f8bfd78a43ed000612cf4d2f

SHA1
8b571c45fdd24160f04c71ea0f4007747b06b729

SHA256
088068d02e91871fa4e68eed864f733e4f167009ce7fde1790d1f48ec659fcbe

SHA512
1b4613d420a6f31c89f3600149a5e4a787f16c0f35540201dabffe6d9d686c845ecb8f4e8b9274d3c0c609ecc1cc7e82c45d48c121e386c65a3d2c9e5bfd4746

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7113d8db0873f17696ac2970ff8005a4

SHA1
afd52c8b04040717ba82955641ff773912e8c072

SHA256
b38dd10746cf6412cfe412c28d9704fa96be8143ed67ca0d4272cd0224a7b42f

SHA512
df831c5310aa5b2d27dabdf96784066cb76f5316b33e5aa19d5d716e339d0c3d6a5e8fc4569b768900dba5681ab12504f44e08d9ffde6cfeff399fe0deca35c1

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d32601f282b9aaf794d9ecc589acff57

SHA1
e46d94b4ae7094d0eecd085e19116b5c73d87f1d

SHA256
b1e58d210665d8712e77e499194d7ba8cf69772dd44374594210cb8eb639b605

SHA512
ac6cb196b75a61a1349547522c897bf229070998f9f397aa3cdd714dad8f6d2a3014abc6fb18fcd42f3cd7c1df717e645b752541a9c279b5f825ca4cc9ae30d5

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0d090a8b7d0114f706a57234da40b2e4

SHA1
2f37743669eb2c659c2f70d0672331fba1284459

SHA256
be01113ae925ef91b8d147ba6bc5c29efcc5e0a617e1a46fa8d6d12b6e2a76f8

SHA512
bcb157676480f3ae2243778752175042cfd63e5a36c097e7b0590a5979a6e87ee4a598434696fc98ec558c757533c9417195501c1f8fbfe8df9ed81758fedf26

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
913c838db2c2e125e2488c2a729dfffe

SHA1
ee82e6c69121935bdb782e1feea8ae33871d61f7

SHA256
e4f846094a9ab0117122dd120a26e1a568802046316522f9360324d9e663f006

SHA512
77aa63714ad3485630617772766c3284735a206394e765a2bd58cdcba704cd214de143d51edfe3c3d7d1de9b05b702b3f422797ea86ebff6486cec84b5988fec

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e0eca34f29c08de2b3785888d413b710

SHA1
39322777226a74b514d81b7ad02e3cff51efabd7

SHA256
5fb7b77b1add65552698fd3fb99eead4d758db60dd844f09505de9f0195f6a4b

SHA512
29f890fbc79eb69a5f0296d0a2048309d1ce1a257a9cb8eab904d308dc7ae2ce8fd166c4f4a7b83ff46d56592a840039000535983efb055c264913cdae329326

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
06781da2cacc2007711e367ace3153e9

SHA1
26a6c1ecff870eb6eec73371860e134687e94bfd

SHA256
70d696602e5f20d209996bf4dec2d76391e040655cf36ba1d34c8ba1e5839103

SHA512
c67924eb7ce9fb0d6719e7cae94b1d90e939f0428b0722d4076473432ce17f0f0de2ebeffc4c3ec6f58a0e1168cdb2224335eab303f9aeab3969c3bc8e86b1e4

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
110bb0fda19c8277d0799a1eed62ddce

SHA1
9b42072b7ad5e7722bda1f55aefe8994bfcf54ad

SHA256
6a365da9b322db8a0a9c1df214f0f89f3b7e42e44ba9766b609f98df406629f8

SHA512
09851ec98f6785bc51b104ab072f38aac813c8232c546355fd1a84dd54dd2c1165cc2a1764373df4be3e57dd346cd4562cf0df6cc10d5b509c7fce9f1986c651

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c189a0f28a1e95cdaab92e5cb9b264a9

SHA1
cb310d61dd898cededd36a1699b5b45cb01f5380

SHA256
ac5809313d7f43a0361d933c66cbd67c7c5f7a64303ca36d0b2e12a2679be116

SHA512
e109e06e774150308f52d00f685f5ad948d482e742f501cc011ec0f5c9fbc7b1f9bc67f6dbff393a534533598e827e2ea1e1f7c623c5f538be7e7444bba392f3

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d0448469cac9575f2020631b578855fa

SHA1
9d0adc7f730a82f5a4b05ba89d69d0b5d2c0638a

SHA256
640004b742d1ef6dca004266976b153a142963056c94c533769fe8a088e99f38

SHA512
327f5f0e3d117da41fa6471c368d065538ae8ab67bbb1a7fff1bc2b91aa21156e86f6908f9a7f4179fdee65320da885f5c5a1f588df736de667aae4839103ba5

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation3348556850148907799tmp

Filesize
567B

MD5
5a0b84b5e0f2abd907a9ccc46c78a537

SHA1
5a9ab52f856e8a6143bf01155e721e5451769f3e

SHA256
a6dacabc021cb198aafeae7db083ee30aeacb84bfa42ebb616f02db1da6863b6

SHA512
045a25d9c8eaf763cd6ea46ba742560f2539892a8c77c70d0a43c6415b377b7bfe6278c762f5482a417e843a3884e9f6af161830aa962b3552bccd9f9a72d757

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation9211447392338527347tmp

Filesize
90B

MD5
21998bbc6b2c5fdc5051b917b4b6153e

SHA1
5c0490d3ead3416b01cab4d0e6d67dae976dc1cb

SHA256
61f03dc38f09d879880a8debd57cadac7778ecfc8a5d5f801bb7df590a8171e3

SHA512
a1465530b34aa5223a00f7057c3f42826a8bf8baddef3797e6a55489ae82d7f5dd9155ebd1eabdebfb6524d18abf28eb36ca1b476b4399c0ce0f56dffd987ae3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads