f5e578d2fff1a61052688dac80a13ad49dfa2972e7682bc8e80d2a7519d2aa2c

Analysis

max time kernel
29s
max time network
168s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
28/08/2024, 22:02

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

f5e578d2fff1a61052688dac80a13ad49dfa2972e7682bc8e80d2a7519d2aa2c.apk
Size

3.4MB
MD5

2b00dba02475baa8459a3861d04c6f1b
SHA1

a70a940352a7dbfb769f2ecb6217f5955a3b0c70
SHA256

f5e578d2fff1a61052688dac80a13ad49dfa2972e7682bc8e80d2a7519d2aa2c
SHA512

3fdcd72756f29cca5ff427c155b710a24a776ec8ef2fd929460c8745abb98ad78ccd6f8a7f6061e154e5fe909347bd486f561607d70d1be3c22ecd8fd42df1f1
SSDEEP

98304:8az1lejwGkTEvOV4TNtKIGgh8tuY0BhHRPaY:8az1l0kTEvOV4TNtYpcBJF

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	pkmast.pk.yonosbipannel_new

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	pkmast.pk.yonosbipannel_new

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	pkmast.pk.yonosbipannel_new

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	pkmast.pk.yonosbipannel_new

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	pkmast.pk.yonosbipannel_new

pkmast.pk.yonosbipannel_new
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5057

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/pkmast.pk.yonosbipannel_new/files/profileInstalled

Filesize
24B

MD5
deea1c2e88b12a3a6fa1422bc905a807

SHA1
edbf6af313e6ee391fab6f0dcdda2a7f569498bc

SHA256
14cbe97a55c9feb6fd7120fa0cb5fce7e33b13092b0380c019958306ee4487fe

SHA512
efa72d51d9f559eba3bea4734a45e0f30909dea3bca885af5f2cbcaed1e0874ec7f600831999eddb33d291541b928b1fd9128488aa14bfe26f6754466a87141c

Download Submit
/data/data/pkmast.pk.yonosbipannel_new/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
c0049c0ca8da540c783b0eec501746ff

SHA1
3b3b55c108e6c351b32031925cf9aaf065a3fadb

SHA256
d55be523413d09587a3e13e353991c50e1b49a6f7adc331c3d0c1536763edd35

SHA512
ac50fcdd0e5939ac0dd88b955d4c772214a2fcb6757a2ade7ff93e6dc2564dd41f25548301f8a569353cc5278fe51371ac62021a2d2fd26599267e16ad9aa14b

Download Submit
/data/misc/profiles/cur/0/pkmast.pk.yonosbipannel_new/primary.prof

Filesize
1KB

MD5
e9c7c90d758a7a482917dd302e16d6cc

SHA1
1bbae0962698d06cf0d7f9910e5867a33a83505a

SHA256
c19aef5ab9f76e34c8ee4b1bea808b3828b5d140344f24f0fedd1d26e92a4514

SHA512
80812bcbbf3db2f31c2a5fb58a423ef987c4982e3d8d34d96d49d4a8945ef5c0eb7f35bb90ff733e1c0f505b52b1fd3e16f3ae7e496f7974e529db17f37ba39a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads