9c43c8badd2b7c12b5fd9664aeaf536369655d068d4b3e7f29f3731f313be384

Analysis

max time kernel
175s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
20/08/2024, 22:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

9c43c8badd2b7c12b5fd9664aeaf536369655d068d4b3e7f29f3731f313be384.apk
Size

1.8MB
MD5

1806a592c272b86e1702bb0a39f0e6cb
SHA1

c6a9bc516aea2a9d5f95fbe2a6d9e02c93f5cd7e
SHA256

9c43c8badd2b7c12b5fd9664aeaf536369655d068d4b3e7f29f3731f313be384
SHA512

7f814f2be4dff2457ec1c537af92aecb67569ccb9a3b10f744df899207c40ba41a3090454fe189a0ce907980ab4ee6020f546d9593c90f10889504099987f1d7
SSDEEP

24576:h3XGYzmyQwaW9jIJTok7hXIkTW6zQJPS/2saQJmFZYWtsSA8nXWjIlGME2sn2c8v:hHrb7I9L14kWpJqfJWXAeVtAgSgTLl

Score

7^/10

collection credential_access evasion impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.mikklonline.onlineservice

Checks the presence of a debugger
evasion

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mikklonline.onlineservice

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.mikklonline.onlineservice

com.mikklonline.onlineservice
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4610

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mikklonline.onlineservice/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
2542e5588546d40b042b52fb768945d4

SHA1
d62e4902a64803ed1dd1d69b1f62fd67b25128a9

SHA256
d172e6b0cde470b955d0909487454fc602a987f21f9a1baa612e867b8d81d5f0

SHA512
c2984a66492e9bc13215e570c83f4878092598ce68926e1b1166e04a0c5e86e0148788f8baf23c366468630985eb1d4bdb99bcc9dbbcf9ab457348ede8540786

Download Submit
/data/misc/profiles/cur/0/com.mikklonline.onlineservice/primary.prof

Filesize
1KB

MD5
7517748480e652ac2512e7a68d4e7072

SHA1
d034b5cbb3475caf85b2ef4f49f67647fb6faf98

SHA256
1ffd5d8b6894d6632fc95b8b2cd43ecce8cf84fd27b57730d5eccde79c53ef65

SHA512
ae93607a8d695fb90d56cee31f23d7b796d8ff1047849602752e7cfc8f48f0d702387e719ad2009be0c584eaac49049b8d5d85673f9012187656f56e7cacca03

Download Submit
/data/misc/profiles/cur/0/com.mikklonline.onlineservice/primary.prof

Filesize
3KB

MD5
ef6442feaa817b59cc8fe7a757a5b3d9

SHA1
029ab69e634a7c5de72cb070d96a151cbdb2bc19

SHA256
46081beb4734813e45104472034c1d0409de10368acc9422920d46ecce347724

SHA512
1d04bf86267dfe8779942a97dda2067df23ae91872ef7bd2046673b409608bdc271be8d9acf2a0ca722d97a678443401cd4042b0438b36ad04da05564ec93e60

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads