e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8

Analysis

max time kernel
20s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
20/08/2024, 02:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8.apk
Size

2.0MB
MD5

71f6cdb3d8eebe1c8e7e26896238e571
SHA1

019134386a6d900d61285e5e986249928a9504b6
SHA256

e4d7484b888deceefeb17ee346821a0c9d3112dffd5ad57c71f4df7d304580b8
SHA512

740e8bcde7462b99972ea472ee0cae53f4f61fcdc6d9ca1c8c44d0661323178c891f7fe82052cd7bae7239d7a953a6dcdb5e6fc42b28cd4acc9e1634e284228b
SSDEEP

49152:I8FjWz5Kzip37zl3fg1S1RvyzHth1mFI1/3Go1eiUMG1VummJwga8TGi3U/kX1l5:IIhup37zlviS1GHoFW3aiUM6ummJwgaE

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pl.spyone.agent2

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	pl.spyone.agent2

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	pl.spyone.agent2

pl.spyone.agent2
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4535

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/pl.spyone.agent2/databases/database.db

Filesize
76KB

MD5
0379f2b646309bcd59a19760005dd257

SHA1
9185b00c3401321841b1c7edd10624a13c2dd47f

SHA256
62c0d663334435c7b56f7ef5ee45ef1e1476f9ef39ea6667dd48962eadb0216f

SHA512
387a118af4cd9315a8e5323b7a2b78e5214b0556448cdf6a68335ecda5615dfd0c1ca0313d8b355e8489980635319d90f2b7b25889b1e556c11b7657bc184fe8

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal

Filesize
512B

MD5
4f62f423bf8a2b366c03d0bc9e7b9d96

SHA1
73b9e97ee03bf68d62d54648c2747262b6500bdf

SHA256
45d5b30f3b571f31e79f9b9453af5f2246cdc74b2189509a38958e9cf407cdf8

SHA512
83287214adff79e23a352db200a4f2304accce46a74ac5af4a9210e010d546befadfcdae74783c1730160747088764d221ab507e0c7cabf2e39b92db6bc23525

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal

Filesize
8KB

MD5
3a14079743d9ccf9be7f8417ae00a9a7

SHA1
879b72f4ac433d81bcbbc4794c7f6a9e297cdd56

SHA256
92ad3c6275edd3814f4ff036b9822ccb6d60be9c628829086113e6f3f9dd262f

SHA512
6c1b751515e802810126a4ccf19540c1b026c0c806ea98d36f8603cd0475b3ed36a50135295e19fcd1b9ff546c47e6404c688d34153bce427cf7703a159b3820

Download Submit
/data/user/0/pl.spyone.agent2/databases/database.db-journal

Filesize
8KB

MD5
f681bcda9fa0c678eda108b10f1b0e91

SHA1
da96e781214d014f6b275fba8f9160ff5bf57384

SHA256
15e6b6d369a9f952e0ae09ba77fd4f9d85e3e493ebfc39a4984c81ad836064ad

SHA512
a442d1247240527d362151e9e06a12450961d656b4a9c2c41b10bcedeabae79fac4f4143a9d3dd13a7265cb758373604d5eb57627fadca647a6ea7d85a253eae

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads