b8ea74902684dcced62a5ca2c1d6932659decfefcbdb2615bfe5899e05eb1451 | Triage

Resubmissions

06/09/2024, 14:29

240906-rtlwvs1drr 6

06/09/2024, 14:08

240906-rfkrms1dne 10

06/09/2024, 13:40

240906-qym42sygnk 6

06/09/2024, 13:39

240906-qyb2sayglq 6

28/08/2024, 15:20

240828-sq9desvhnn 10

28/08/2024, 13:31

240828-qsmlbs1hpk 7

06/08/2024, 09:54

240806-lxn8hawdpn 7

06/08/2024, 09:51

240806-lvftcazekc 10

Analysis

max time kernel
135s
max time network
941s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
28/08/2024, 15:20

Sharing

Report Analysis Logs

General

Target

b8ea74902684dcced62a5ca2c1d6932659decfefcbdb2615bfe5899e05eb1451.apk
Size

3.0MB
MD5

2c675f9f2b5176983f3f514ef599aca5
SHA1

2f75fa94b89417f8f8b32de3f7e784b9465e3cc4
SHA256

b8ea74902684dcced62a5ca2c1d6932659decfefcbdb2615bfe5899e05eb1451
SHA512

9ec7fc6462332e439e1435542520aaebab3e786b6b2de8e0a98864c428a73cf0cb8c490ea0b1113c0493c8029f9fcfbd940f2f310bf107553f81732541086f81
SSDEEP

98304:l8ACxpNV/QSf6o7pmQ5GLSGRR/NzSQBa2k+/+m:l8ACb/Iop5GRhra2fb

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

Transmitted Data Manipulation

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.stub

Checks CPU information 2 TTPs 1 IoCs

System Checks

System Information Discovery

description	ioc	Process
File opened for read	/proc/cpuinfo	com.stub

Checks memory information 2 TTPs 1 IoCs

System Checks

System Information Discovery

description	ioc	Process
File opened for read	/proc/meminfo	com.stub

com.stub
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4494

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Replay Monitor

Loading Replay Monitor...

Downloads