f6e38b2d2438e968bc06c329ac0625cee01a28ba99d216f0e31aa3a345b77dcc

Analysis

max time kernel
22s
max time network
151s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
08/09/2024, 15:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

materialious.apk
Size

5.2MB
MD5

0b1ef2534222d6e36ba4674e4869135e
SHA1

d8bbf06328f3584b95cddad86ad73b655caf4986
SHA256

f6e38b2d2438e968bc06c329ac0625cee01a28ba99d216f0e31aa3a345b77dcc
SHA512

610d9fdecf0318bdc4cbe35e6f0463d72bb5f149d81442c2d9f59929f247e71319e82f41e370e0d8ad3e089f007368a40b29b9a47bf227ccb64e8d6fa5853e5d
SSDEEP

98304:phbLVm8ciY9L1tJSxZAqZtD+58eE8O4fqDW9znbMiJCbqtXcme6gMspyrEz7j:X9mjiOHkA5REwfqCRbMiJ0Ip4P

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	us.materialio.app

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	us.materialio.app

Checks the presence of a debugger
evasion

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	us.materialio.app

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	us.materialio.app

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	us.materialio.app

us.materialio.app
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5057

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/us.materialio.app/files/profileInstalled

Filesize
24B

MD5
30469a7d36e238597a8a44099d3981c6

SHA1
f88e72273f718b6082c60c4578e79d2b50ac2290

SHA256
5646a05db62a5dcbfc68151385bf56b15d8ff4acdb4f4d084b030332e7bf68a1

SHA512
ef35657df38ef33b41596bc01494c1cc8b308081583ef09d21801d3b99a6ba7da9ff81fb88e82f45d2918e1cdd741db043e884a45412a91ee19fe3847a4ea6a5

Download Submit
/data/data/us.materialio.app/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
bc5e54f5faf42044238b94a1abf26c7a

SHA1
e6924e1cec27c470ecba436b186bd9a813328300

SHA256
c029cb744c18bdf9d2aef38efc52abe54afad69774ec2fe71903e11a86e453f9

SHA512
afea953971dd7f8662e5d487b1147f9d6b99ca0c362728459b7db3d7e833a185cfac5820390b6c6301e9c7f22167f8eddd8bf92df9a0730b7c9781aaceb0daae

Download Submit
/data/misc/profiles/cur/0/us.materialio.app/primary.prof

Filesize
2KB

MD5
5fbb0d06527042a9779b2c50dfc39087

SHA1
c06d80f2b15135d06d44d6ae32bdf60aa25368d5

SHA256
0865044e231e50c78a0fbbba2a84d3e1dd4e69280dc9412046b19f928a0a596d

SHA512
a04ba65c3d1c903e8267e0a5c839ad960620a73163cda298726eb74b23da8ee036649b711b443281af8cd6b66cf5095024cb7b1be4656f51b6e9976fed3655e8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads