6547db520e9151abad18f578065b1fb3ccfc1ab29c5525b5dba6ba38067ac84d

Analysis

max time kernel
47s
max time network
157s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
25/08/2024, 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6547db520e9151abad18f578065b1fb3ccfc1ab29c5525b5dba6ba38067ac84d.apk
Size

1.7MB
MD5

76f13d5223bc46d68918c4cdfa72d852
SHA1

227a7d34ce680568e38a5f893401c4ee22b3919d
SHA256

6547db520e9151abad18f578065b1fb3ccfc1ab29c5525b5dba6ba38067ac84d
SHA512

65ce5ad8f48b1157d2c55e5f2f45eadbbea12d8c87f3fde7698f36f9efafb49bea2ff3f81e0dafd5e7291df52966e477aad01aaa15afc0e1e889611a8a33a4c5
SSDEEP

24576:7N1gWZNzEKshPPX2pKwquQkmwOuo0uz99LlcOjCFJLu/u13AWEsicWDgSHKQ5Xf:7/GhPPX2QwykyTVznbg6oWgSHZf

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pkmast.pk.yonosbipannel_new

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	pkmast.pk.yonosbipannel_new

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	pkmast.pk.yonosbipannel_new

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	pkmast.pk.yonosbipannel_new

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	pkmast.pk.yonosbipannel_new

pkmast.pk.yonosbipannel_new
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4967

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/pkmast.pk.yonosbipannel_new/files/profileInstalled

Filesize
24B

MD5
2dfcc6c53078d39840dadd7510c035e5

SHA1
187e9cadffbc09d8adacb3229cd79419408d4654

SHA256
fbe6e99ff48aff1ff05fed58254cc80274dccee19ac5a50fc8638b366300e9be

SHA512
60953da255f0089356a585ed44a79149749108900a9585579ed2afbd6b18ae9edec679c226b870545aea6ac35be00fc7f23f39da5da3d175a10580242704deb7

Download Submit
/data/data/pkmast.pk.yonosbipannel_new/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
428d0ef80525fd07f879b519a0b4bae9

SHA1
b80db0202d9c77b441cf2cb679fa838291400d06

SHA256
5af601f0abdc094201062e4418fb970ad44bda25eddeee89f7268bd969b6e316

SHA512
d93735404324e4cf302371438e7c34b0fe95a487ff650f6a4a0389c39f9b870c73a28b67e4895b87b5afeaaf9183936dfe9704d59e823568dff006d4339d31ae

Download Submit
/data/misc/profiles/cur/0/pkmast.pk.yonosbipannel_new/primary.prof

Filesize
1KB

MD5
549472216eb6b4dac7bb8a0399542600

SHA1
0293179c1fdc22acd777bc34e2817ad3e78f0796

SHA256
002dd7512f5a5c1b0af98bafe741cee875545f8d2fee939a6765929c78e1d81f

SHA512
9703a86c51cd1e731d54c89d34bcacad44cdc46302201d5833bb91037f7b66a6810b58ffba2d4b4ee4470bc7481e5e998a35470150eba884f31936cb775c2afe

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads