f53a8790749851ffdedbfb86be2eed965ebf808eeffed6a34699c8dc61d1a990

Analysis

max time kernel
45s
max time network
151s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
05-09-2024 22:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f53a8790749851ffdedbfb86be2eed965ebf808eeffed6a34699c8dc61d1a990.apk
Size

4.2MB
MD5

c286542fb731c09be5a9b84aabddcac8
SHA1

baafe85688f15229581ddd7f858beab795efba4e
SHA256

f53a8790749851ffdedbfb86be2eed965ebf808eeffed6a34699c8dc61d1a990
SHA512

e7d7924c1a4be171047eca41d495cf2443019baf675815afdcf569b9e18dcae3278467a6d2b1b8b2d0d0eaca15dd0bded4549a24564ddb256e68430f49d3c545
SSDEEP

98304:NYbnUEUdh2BE4+4/YS2ZXTs17BNQ8AUvMdJM/o/KrT/dZEjy:q7khb4H/UQ7BNQ5Uv4MBdum

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.gurujifinder.mjpro

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.gurujifinder.mjpro

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.gurujifinder.mjpro

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.gurujifinder.mjpro

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.gurujifinder.mjpro

com.gurujifinder.mjpro
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5062

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.gurujifinder.mjpro/files/profileInstalled

Filesize
24B

MD5
32ae04de884f11b7e2ab458d7e8e7179

SHA1
45fc75a33aa89c9079e45832e2f3a10ad676315f

SHA256
cc55b819cc53453a87326026863ba0895a296af9223ef87fff3594e65825f58a

SHA512
e2a17ccff2bcc02e691f628781def9297d0d89ab113c9912edfee37a17410a5eadff10e1fce387b531530e21e87b17c2c6dbfc31bdf0b08a10435be79bf31e6b

Download Submit
/data/data/com.gurujifinder.mjpro/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
a32ea99499493e177caca3271fc315f2

SHA1
8ffd9f621d0b8ba027adabb03ee0c3bc4dfdc877

SHA256
fbbb241c48a6fadcf62d69e971f12f682c0a2ff349c0af0035da954473176038

SHA512
268338a170c543c6e632d356e5924034a8ade5430da113e51e6ebf72a803a405c47574daf620ba15bd097465955b49fb5869da3f84c5d1b213702866e89bedfd

Download Submit
/data/misc/profiles/cur/0/com.gurujifinder.mjpro/primary.prof

Filesize
1KB

MD5
e3037459444c52551db7b9ebcb524ba7

SHA1
5b15f6546ea18902e62d59fb63d929441e631076

SHA256
a70cf57d5b806330335b935db461034bcc7aecb3f93e66c2c172140c74b13448

SHA512
bad40fa01e49415e6c240f2b66e85e2e39b4ffd80ad9e1a6c46f028ef114282dc5c226efb4b2987544bc73ed43c2a46bd1c6215d7f0a6a9eaafe7a196781ddc7

Download Submit
/data/misc/profiles/cur/0/com.gurujifinder.mjpro/primary.prof

Filesize
3KB

MD5
5a1898e129d35750d7325b8e2317fc74

SHA1
e4e43e745793eeb4b941c9224d82698b6af6dc80

SHA256
ec64c10e8e8e629f040fe8ef4f2fc63e9bc1efc7fb1a9828c09f21b5368589e9

SHA512
329f05cdc5758acd3047bb165b28c2fcc06f6c0e0af5a2b4ff1664fd146eb505419133930c7d98db31b2e82aebd0f58e1c7100079a0b405c976b4410b439c5aa

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads