6547db520e9151abad18f578065b1fb3ccfc1ab29c5525b5dba6ba38067ac84d

Analysis

max time kernel
25s
max time network
138s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
25/08/2024, 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6547db520e9151abad18f578065b1fb3ccfc1ab29c5525b5dba6ba38067ac84d.apk
Size

1.7MB
MD5

76f13d5223bc46d68918c4cdfa72d852
SHA1

227a7d34ce680568e38a5f893401c4ee22b3919d
SHA256

6547db520e9151abad18f578065b1fb3ccfc1ab29c5525b5dba6ba38067ac84d
SHA512

65ce5ad8f48b1157d2c55e5f2f45eadbbea12d8c87f3fde7698f36f9efafb49bea2ff3f81e0dafd5e7291df52966e477aad01aaa15afc0e1e889611a8a33a4c5
SSDEEP

24576:7N1gWZNzEKshPPX2pKwquQkmwOuo0uz99LlcOjCFJLu/u13AWEsicWDgSHKQ5Xf:7/GhPPX2QwykyTVznbg6oWgSHZf

Score

6^/10

discovery evasion persistence

Malware Config

Signatures

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	pkmast.pk.yonosbipannel_new

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	pkmast.pk.yonosbipannel_new

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	pkmast.pk.yonosbipannel_new

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	pkmast.pk.yonosbipannel_new

pkmast.pk.yonosbipannel_new
1⤵
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4244

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/pkmast.pk.yonosbipannel_new/files/profileInstalled

Filesize
24B

MD5
092485d105e8dc1c80929c9812463e1e

SHA1
c12a6406035d9331a5f4e132181a93ac0817db8e

SHA256
9b7c4293c131b6d04856ec1b056e644baa057ca65f579f6ff7adec1b67db1423

SHA512
a3889431e64ae3e156833ad32035faca082ec8b54f2efb8a2ee2294d08acef3da43faeda8f81fb7946efb7f15d27932e3e5f24287c069b06b1d1e0dfa202e0da

Download Submit
/data/data/pkmast.pk.yonosbipannel_new/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
ed103d9f00888ae5c731487d34f5273b

SHA1
e203cfeebd7a5b2a9d5a8b6fe3a01bce09026cbe

SHA256
89ba81ef4fa1ad2a6ddfbaf67fcfe795983780fcd149d9b8b7d1ce5582c00f50

SHA512
31786f4875e8b04647a60dbf1950bf092fff3ce361799ff9991430b261d9c02c9e17717d46d3e55ed94db32df659e208b2fcbb3477ffb18a6cd42b510e883f0c

Download Submit
/data/misc/profiles/cur/0/pkmast.pk.yonosbipannel_new/primary.prof

Filesize
1KB

MD5
549472216eb6b4dac7bb8a0399542600

SHA1
0293179c1fdc22acd777bc34e2817ad3e78f0796

SHA256
002dd7512f5a5c1b0af98bafe741cee875545f8d2fee939a6765929c78e1d81f

SHA512
9703a86c51cd1e731d54c89d34bcacad44cdc46302201d5833bb91037f7b66a6810b58ffba2d4b4ee4470bc7481e5e998a35470150eba884f31936cb775c2afe

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads