fd4a3f8706baefc3ae3116bc5341cc019af561f981603d895856291610106e36

Analysis

max time kernel
26s
max time network
160s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
11-08-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fd4a3f8706baefc3ae3116bc5341cc019af561f981603d895856291610106e36.apk
Size

3.4MB
MD5

cc7fbdbb55dfb3bf35becb9a4e7feaef
SHA1

25e3b777b23c2d4a918a30144f7836a4ef11dc01
SHA256

fd4a3f8706baefc3ae3116bc5341cc019af561f981603d895856291610106e36
SHA512

3e7f290fa2cb364d9da61721f94b342a0db9fec9eb13a16f55142a3a104cf624295212fe9b2dbd83fcb403bfcff39edd2124787ccde538a589d612b023d14f9e
SSDEEP

98304:7B3KeEEw5k5EvNV4TNtKIGgh8tuY0BhHQh/x:7BUk5EvNV4TNtYpcBJW

Score

6^/10

discovery evasion persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	pkmast.pk.yonosbipannel_new

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	pkmast.pk.yonosbipannel_new

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	pkmast.pk.yonosbipannel_new

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	pkmast.pk.yonosbipannel_new

pkmast.pk.yonosbipannel_new
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4242

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/pkmast.pk.yonosbipannel_new/files/profileInstalled

Filesize
24B

MD5
3da7423fe9c401a35a1e64a645f75a23

SHA1
b921b502876a20eda1801361787e1cabaeb8f342

SHA256
76e7dee3f16ebbaf67b043174ac1860241023cc8d3429ce302234c27c2f46e82

SHA512
0843bfcb606482fb48e53d7b3781d3bd26449e1e2ae763a9a6d914cc7e8f9c86ba01c82050a213411d1be094330dbe2be648fa01f5a20c7ab6eafb54a4180166

Download Submit
/data/data/pkmast.pk.yonosbipannel_new/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
a030915efc624a22ab3bc4c4093e4c0b

SHA1
819c5ed5d23bde04f668f2b427228a1e0c34b178

SHA256
c8c61743c0e81f70e8dab1e82d74016d2b8ed61ab7df07f919b68889f648e0aa

SHA512
705608156abac7e8e3b6af5582c2b0c21c31666e8d91de52bb1e46d03eeedccdb7a383837456970eec766cffd6ec59620d589ad1235058d9ae78372f39aeae93

Download Submit
/data/misc/profiles/cur/0/pkmast.pk.yonosbipannel_new/primary.prof

Filesize
1KB

MD5
af9a770d7f175831c11e042f91343628

SHA1
9e47caacd6588d3a7fdb8dbd88c36ec6b5d96be9

SHA256
4338bfc67bbd2695f005f51f5ee04bdf30431e8e67e4f47529a3b5584660c1d5

SHA512
124538915110b396d9e96c525c289a75cbf4563d45a0d441967fb7dbb59bb90f2c41f9658a2e5b12826416bb1fb60c5b8eaf91daf85e61c9c0114c9421c35f39

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads