Analysis
max time kernel: 20s
max time network: 132s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 24-08-2024 14:05
Behavioral task: behavioral1
Sample: app.apk
Resource: android-x86-arm-20240624-en
Behavioral task: behavioral2
Sample: app.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral3
Sample: app.apk
Resource: android-x64-arm64-20240624-en
General
Target: app.apk
Size: 2.8MB
MD5: 12a7837bc99946ce9d24dfffaffb3e16
SHA1: 2684184514239d29ac2724a019f64f1a9ac81644
SHA256: 464c736df632c2aaabc3be139cee8784daf74d363752363061235585d985ff60
SHA512: b1b8b11a06fcc8bc006c472a383e0727deb2b25c077b85269df78924c301c42bd63d679db2e26d41396b0894694c492fd78ed4abe3f01ec685f876b5d557c7ba
SSDEEP: 49152:6Tbdsl35rnglmqdJy2WTx8Xt8VaamfvXV+1tda1Mt54OLkf2fbFfNTeMv+R/V:6Hy0mqTy2UU8ViQv+Mt54CjRFTeMv2V
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  Description: Framework service call
  IoC: android.content.IClipboard.addPrimaryClipChangedListener
  Process: X.God.X
Acquires the wake lock (1 IoCs)
  Description: Framework service call
  IoC: android.os.IPowerManager.acquireWakeLock
  Process: X.God.X
Queries information about active data network (1 TTPs, 1 IoCs)
  Description: Framework service call
  IoC: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: X.God.X
Reads information about phone network operator. (1 TTPs)
Checks memory information (2 TTPs, 1 IoCs)
  Description: File opened for read
  IoC: /proc/meminfo
  Process: X.God.X
Processes
Network
MITRE ATT&CK Mobile v15
Downloads