72c1c0d86bbadcbd29e5b29632419adb134441b72b46a89b52c8cf5d9f02aa77

Analysis

max time kernel
125s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
28/08/2024, 22:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

72c1c0d86bbadcbd29e5b29632419adb134441b72b46a89b52c8cf5d9f02aa77.apk
Size

708KB
MD5

8b97d95530d77edc99798a41301b13f0
SHA1

e2699e9aa3a2c6929fe2ee38bc5adc40cb45dee8
SHA256

72c1c0d86bbadcbd29e5b29632419adb134441b72b46a89b52c8cf5d9f02aa77
SHA512

12c71b114519fd81655b4cabd0f0d8525e5cbe7e4d5f6f7533c165ada165646b2ad36c44520b8db646449d7621b416258f636c159b1e95be67c3a419719c6285
SSDEEP

12288:UbBPL/DCtv4xyQzx7AS0ptHn2E7IYGfk3Cj0AGVBiGWidPjfbKna4GHHAwpZbz7r:eLXxtyS0ptHyUCgAXidrfbKnehXjf

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	j.j.j

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	j.j.j

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	j.j.j

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	j.j.j

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	j.j.j

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	j.j.j

j.j.j
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4963