bb911c91ee232cc3bde5595f29455b0be6acbeb26328598f550ed3f657f40c9a

Analysis

max time kernel
26s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
11/08/2024, 22:13

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bb911c91ee232cc3bde5595f29455b0be6acbeb26328598f550ed3f657f40c9a.apk
Size

3.4MB
MD5

06c9c647ea0045ae66194ecb0c9e69d2
SHA1

a33259d692603fa90369c7376b3ce103788c50a5
SHA256

bb911c91ee232cc3bde5595f29455b0be6acbeb26328598f550ed3f657f40c9a
SHA512

ec755ffe1edb7a3f7bd6c60e77ac2237dbbc8c47c3dbe81060ec754bed07720286742853309f0421d92094efb179b9fbe590d1f134e32fc5febc317da5f6fb71
SSDEEP

98304:E4uNzCckIEvOV4TNtKIGgh8tuY0BhHS9hl/:EackIEvOV4TNtYpcBJSZ

Score

7^/10

collection credential_access evasion impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pkmast.pk.yonosbipannel_new

Checks the presence of a debugger
evasion

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	pkmast.pk.yonosbipannel_new

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	pkmast.pk.yonosbipannel_new

pkmast.pk.yonosbipannel_new
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4461

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/pkmast.pk.yonosbipannel_new/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
6653f3d4f2b7f9a4689005fcf3061e68

SHA1
1689da1bd20383191c2158fb6958656134c2ebf6

SHA256
04cf779175147351d88de22293027875c5d41dde651dce5e99541c741b9ff712

SHA512
a89afdcdde460ae97e689b6a25504aee0b92d7d58e1a7c0adf8754203db215d239af6c8975e2d9ff6264c283cba5faf3f085f9f5bfcb280a850467c1b4577974

Download Submit
/data/misc/profiles/cur/0/pkmast.pk.yonosbipannel_new/primary.prof

Filesize
1KB

MD5
7df54a289457b4ec7ff2e5143c864d2f

SHA1
c45b9ebfd8b87bac06a8d8f6f58bc6a58bf93e82

SHA256
4213531993823902279b59ea522a1fe3fa0bb08cbbd66c69ab9936219d391e92

SHA512
e673bc359fcfe7a761fcc7a2b249002e3bcb862b6e8ad42fbe4737cd79af0722c3538894f8c8f54432d919a2a2fd60a76d60c8dd2bf651e113758f2d791890a6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads