439e53498cb3e748000300269bc2aef86d1edd918d75cf1fbaa7fa9137ce939b

Analysis

max time kernel
175s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
17-08-2024 15:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.4MB
MD5

38cca61c45f8473e92603f63361f1b49
SHA1

1729f9318882c1f2c6183a9782cd1347a70336c6
SHA256

439e53498cb3e748000300269bc2aef86d1edd918d75cf1fbaa7fa9137ce939b
SHA512

936f2b24e03efc16fbf8fa42d1da8a95e104c2126b61f10aa79ccca6579ff927e15cf499ef73271ecd9c245c317dce6ebb1f5d9365e6f826f68999a760be6a3d
SSDEEP

49152:HQtQEZV22hZDft1rnIxlPntEEXil48G4/WEbGq7yMu:HQyYMkDfUVErl5Dyt

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mad.net

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4511

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/2

Filesize
62B

MD5
ab4d0b667cc74cdfcf9d0fe250dfffea

SHA1
3ba08895661fc2e360ad8c8baa3b31edd169850c

SHA256
b90924af71920e56b43023317d07c73be286755fa6cdbe36228201e3f99b0190

SHA512
2bc400502ae045f77ccc47955601b8a18d2bd6451584b19c9aa86748dd04c1e7f5a65d91bb7bf904b9af60e94825dd144df0b8cdc5e562d0480072fbf51f85f7

Download Submit
/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
74be4d1408c3bc497a911fa8d16e7dda

SHA1
807d04a12018567efa29132e2befeb920d49dec6

SHA256
d86bd419fbd13be5a8b36e30a58310a28f294d68db503258004bfcb405c1d147

SHA512
655176c33a0df5d7bfdd31625282555d1f7bda4ac8185744e677976b699adef24b5868ae5a4cf0845a0d3ad47ae184ffdf2c6109b185ae74dc79de45a9f01752

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de09ddd09fff944e8309979612471a28

SHA1
b56ad54dd1ee2c988dd61936db28b0de707afa11

SHA256
a5e86181b266cb7420f33b3f2d70fe232d8b3acfbcd084cf6b4a3533ee1af51c

SHA512
fdf454fb0b8b3bbe5e58212c0724beac129bcec7f78ef5a3ac63d3cc54ede71a6f7e2fd4b002829f0e643f5ea6d7c3285ea6e3fbff994f40a324852692a649fa

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
85f865d44ac855f31c0adacdf9be105c

SHA1
6d2d6fbef5d97d3102648656340c7c857e5803bd

SHA256
50333ab6617a2cd79314f51584259389d30ba597825589b6d55854ef844ca644

SHA512
79ae41e6fcf8955f22cf5ddd0b291fa7863b17691398e1bf863de06925f75207b37be50bc69752ca9dd2f01c95183c5510999c4153a36950d4b9349ad2c5eab9

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
149eac01caf3b5acbe921dd7fe917430

SHA1
250c52abd8c50ba2797229f879655688c9a79b74

SHA256
e8c76cc367f61d63b0fe7c12ed3ba95b24b02bf13014f4abc127f9ae475326d6

SHA512
84d8cf62210438692ecf5d5073f023cca82a38f02f4c60e13515faca90b1033304f6966a7ab5fcf2f64035a5fde5e276b17c8604b5676f15bf7f8a747fec45a1

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
c153b38280b2e45b114e30aba9a591e1

SHA1
22dc7826b85d5459cdca96c777102a33be59dd1f

SHA256
a64907bc8f5c6e96e30d3638162e506874d9d9e6764e88b05c41e28695af7f1e

SHA512
c0bd3a64614844857bdc46ff5c3253534265fd9017d2d7be11493d334bcb4db80dc5dc8e9cf30bb54e112055de3d3fa0ccf2383e673d5af73a0b60034b1404fa

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
704e03a05a3168fd3c082f590c8270c7

SHA1
4cbae332232c7e1ba3f99262028e66d3c8cc2eb7

SHA256
1c7f471b7701c6381cd16b63ae0c4a95eff123a21c1a833e6f69ef910c69fdbe

SHA512
811ef9a345d394b4721c2432843b4b00b6312786195d57260d28e74aaa431d694e97416c85621b4c4849d4598d76c54c4773d9cd2d19669d3b65bf990034da22

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
af041556e647bbb6ad434b9a14a5e7a0

SHA1
eb95c4739b813a51dc31c068507e5d34d5e36df2

SHA256
9a2d91236ad8dbe1312e61289e9ad3dd53c5dd6be5a0e50fa29c90602b896ae3

SHA512
ee993d7fad8ed1134f138e81d4b362b1d51eebf1131ecc3b296219c84646d0b277709979b034d2bb5d43d74db9e976cfd8341ee942c5d8b96aae45ac3c29d0df

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a5153e108e2a6ac23f3845270fd2321b

SHA1
19f4de7e04d18c696774e1127a486fa8ce8a7a98

SHA256
7426a2a98bf00973d0793332ca3c022d69a9d343386ccd4dc455a30aafb6eddf

SHA512
3ad4564da0741ae56d19d31f2c2b314403411da7f3652b6080fbed56ae05c0a697f414b55119f212f4da1ff66d37b689826c906645734bc3ad06704ab4087d11

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ce453d06e85fc64d7a7f25afeb3fe658

SHA1
45699b84087d32071eeb547ab318815af1f4a7bb

SHA256
5ffd70794a6a0e05d12fb225dd60b676f38815fe83d4ac732ef5a5b575cf39ce

SHA512
3a7a5c411d470e65d2b98381806173d01cd60cd0210624e03ac85709c2b3a0982156df0568c74bda1eb015bab299ded564d050eaf40370547f380ed2f92eb867

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
277c306f18daf0aabe3e54d2566b1eb5

SHA1
b6df2511b87e940d2a39cca8b461d1584b1dafa3

SHA256
1c5d570051d52e9f2929f18f54875a5097f9ca49192c88437599ec2531392e65

SHA512
1d7d343b9769af5bae63789920199c4937072dac0e053b2609affb3363b0b75c8e9633f0ed381e35904191f13dc9d912fa9bc8ea952afc9687e27e4c53d433a3

Download Submit
/data/data/mad.net/files/PersistedInstallation4497786163312538026tmp

Filesize
569B

MD5
774a0925f9e06dc4d579add8db9ae48a

SHA1
7a3e3ece8731feb3b8aeb46d69d98d180dd1d3c0

SHA256
cc43b2533fe9be5cec3a5f22cbd711ea1d3466ca4a20723b982ffb91eb7d354b

SHA512
6355db0315be23d385186db733ca3c4f664a6e07d4317cf987a98270ab8eae37f88bbda4564ada91a13e4db2d4505f9df80bc8a86fb731651edc0e79ba668eec

Download Submit
/data/data/mad.net/files/PersistedInstallation6484140875528352109tmp

Filesize
90B

MD5
82ecf87c95b7bcaf42dd195ec04f906d

SHA1
90d7986f76f3118a1a78c753399eabf964a46cf2

SHA256
6b676baa2c8c75e44229b187fbb71ca6935094c5ace04c6ee72dde44a03e0716

SHA512
d0a4ba9c5a3acace9724dad1a80d63507115b8cd393364375c1bed62843377834f3a5791744810907ce55eb704606c8f117b9bd6cd7f32224cc3746d889fcf8c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads