439e53498cb3e748000300269bc2aef86d1edd918d75cf1fbaa7fa9137ce939b

Analysis

max time kernel
123s
max time network
186s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
17-08-2024 15:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.4MB
MD5

38cca61c45f8473e92603f63361f1b49
SHA1

1729f9318882c1f2c6183a9782cd1347a70336c6
SHA256

439e53498cb3e748000300269bc2aef86d1edd918d75cf1fbaa7fa9137ce939b
SHA512

936f2b24e03efc16fbf8fa42d1da8a95e104c2126b61f10aa79ccca6579ff927e15cf499ef73271ecd9c245c317dce6ebb1f5d9365e6f826f68999a760be6a3d
SSDEEP

49152:HQtQEZV22hZDft1rnIxlPntEEXil48G4/WEbGq7yMu:HQyYMkDfUVErl5Dyt

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mad.net

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	mad.net

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	mad.net

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4941

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/2

Filesize
62B

MD5
ab4d0b667cc74cdfcf9d0fe250dfffea

SHA1
3ba08895661fc2e360ad8c8baa3b31edd169850c

SHA256
b90924af71920e56b43023317d07c73be286755fa6cdbe36228201e3f99b0190

SHA512
2bc400502ae045f77ccc47955601b8a18d2bd6451584b19c9aa86748dd04c1e7f5a65d91bb7bf904b9af60e94825dd144df0b8cdc5e562d0480072fbf51f85f7

Download Submit
/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6a0a586ecac73eb8830b2dd3a607bf36

SHA1
a938418edf016c87c195fd4e26129dea1ec26e72

SHA256
5ef9fe908bc0aa88f2a2a0532be349c7a04d64f72e6b54229c0f3aa11bbf17ea

SHA512
c1fe6188f246392449425c9c64c1f515054b4f29d246b99709de3aacc5d74ec7c9013b8c96b7fbc675833a9089bc3d26e94fd84f2d7abdc44d31ee4682793331

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
908e1590cca9c8db6fc4cd5d097a3f3d

SHA1
b0aa84bd308bdc6fd7d4c9be993feea1658cb6ee

SHA256
f92ea679230af7f93c2f18275231e98b11aa8df322d22e9c4f00148eca529485

SHA512
a6ca4c6f83c82c45c4ce56c54a75db068b88c0ab0bf062854405b33d7345b9687225dc1a56d269448a567b6143c01ffbbf72b771937677b8bd30308a0a64d4d2

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e870844360eb3371b68afcbc2cde068f

SHA1
b100a51f9345babe8fc0508f012671ac7d1a7a95

SHA256
5cf65419b666af545eb980a663d6db0987406fb3b09199ee97adc932a7bbc9b9

SHA512
8cddc38426547026cbf6d393ea4c8aabd19401d4435ee958aa635d5d01b6cd082ac67493c7916d8ec7a8371b0de9f82fddc8441c3cd6f3a078b9c1d710dcf583

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
26a920b6ef84d111951d084db73425a1

SHA1
f39b1377c229bdf5972385ff7e0e1b780d314ecb

SHA256
496cbf854267e60b11814fe6602089cf4e550297cbee9ef0a4d2bc4bdba732c3

SHA512
0ecfe01f5e5d5384c246619c2b23424b2397c4a3a40dac5f25721437855a6466431cfedf4c8cfa61d18470a6f7224649ec329513bb2d8d75852417fd149f3294

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
6f8e5be7835a7b573f74ab0dd24b1b6c

SHA1
7717350604a2954726ea378b5a6734c112ac8602

SHA256
d76c851c533ab787d6987f55bb70bd024be0be552402e956028fdef1a39bf73d

SHA512
793eec2d789cf3312c68f9bd0eb8977ced5198d4a49381e7e90c42a610798e31e4576590a1136855bd6eb7f1c37c2b1b90f0facecf2dd7e4e7cc2496ec1eae61

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0f3505dd5b55cf011ece15adf4eab514

SHA1
c926601756e387a74f151386bd0f1bf86caea281

SHA256
e8ab7fad7450f1ba52d07fc6536d4f705483d8904f2862a48262268b2c2d8bd7

SHA512
d122ca3947fc47d8f37568fb1e7879a7361fda8c56be4d770f2a8dff1227c72f645e21db21f7964d07a695b7b7788a2ad4f4da0fdeedfed557531a62abc10c8c

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d968f1db5a84687dcf1b2d663909b86c

SHA1
3ef071ce06e53f5db55cbaf06ce67d214bede932

SHA256
8ecee4d776331e2a47ba73a3681368e79929029bb923bddfffaebd4eda73afde

SHA512
d1fe52baae41bf39c67515e70803d9fe246e67caa3a8a4720075973fe54987fd7666d205731189d2095ba39b9093171f3ba4d5968901279a08330baf8bba0aa0

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b8c1fd46c9d578373780a59dc91d10d4

SHA1
601106430238463d9da4daf5d39601becb05a958

SHA256
568dc5bd7889ba56c30efc6ea706d71893ca32bc109c7c454832a6b489d9bc07

SHA512
129a0b0dd3a3ca3418c6b5aa2368ba602fd4725a5df672763db8ee50c0e4dfd40c67399bf8830159e68a2389c2bea091de24849dd2d314ed378068898a6f2e2d

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
2af541c38a8c20cf4eccd39aa9a6c4fc

SHA1
52cad97e259a9ac1f8b669715b3c5b0f7203b529

SHA256
0814810d4826affbb33fb064305dc699227d49d2cccfcc0ceb7abc342498b9ed

SHA512
34eab428569dce1a397883077de0d91b4ab4b566c1b45cc40207f4d7a21b5c51edfccf313e3bb5c43761d3df8014d5f27b4ae90725f651d07e50142bcc88e1dd

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c24d6e79f2688447b11b411a2fcbcbf1

SHA1
a39379651c53c13b93f01b6fe80e00c50db789fd

SHA256
aa6307de0664bbb9c27600c1a06e20aa1d79da54375836189c0abbec59ae36f7

SHA512
72cdc2ed3bb062a5026c7101770a0b1ea2c2eba4788805e317fa6b5487408b0ac6cd8f19b57bd84b854a65d3831ca51bdba2362860cf8c4987f60f632ed673cb

Download Submit
/data/data/mad.net/files/PersistedInstallation1249960826470918931tmp

Filesize
569B

MD5
631109ca40c31cfda9fb73e264608738

SHA1
8c674518fa1d110a57feae3afec6d13fd48346ef

SHA256
df510f3cab0717298c1ee7b4924a335c426fdcf5733f69bac9fa9e88a9f94687

SHA512
23132631dee7a8d5b1f9a530446868515432d5f92ee689bc8d0d86803de20c5d5822bbfa7255ab5025f68884195ce7dcb059df399e8cae0575b872e4e7339142

Download Submit
/data/data/mad.net/files/PersistedInstallation2572711387945069932tmp

Filesize
90B

MD5
5d6e63efea1ae4af0ce0c1ed37c9b350

SHA1
5344d39f286ac4f97f4e11b5de02d77b8d3420ad

SHA256
39350107db59f7e3ecb62258ea93034955bc3229ad7d9ad8b30b6f2586598fb0

SHA512
995972102a1fe9abdc36198fe19e5dc59f157baa61df2cbb90f38e6b19e7416578586c150993779e220fe47915430725073ab2951f56919145819568e0b099bf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads