Analysis
-
max time kernel
17s -
max time network
131s -
platform
android_x86 -
resource
android-x86-arm-20240624-en -
resource tags
android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system -
submitted
29-09-2024 02:41
Behavioral task
behavioral1
Sample
2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc.apk
Resource
android-x86-arm-20240624-en
General
-
Target
2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc.apk
-
Size
3.6MB
-
MD5
39fa2c58237de702fc3458251f358cab
-
SHA1
16e4e5003046f5d07a0fb1eff0dad56d9ce53be3
-
SHA256
2c193c9f18db13d13903e0cd15c90ff9c3623d2a0b3b74c4d9e2a173e87cc4dc
-
SHA512
023b77900582d0b6629d587f7411ce5153124cd3870b9533cf9afc5304b874e4353d8dabb7adf8a199768992123e707bc6a87ee682463c3bdccecc8a060e7126
-
SSDEEP
98304:kyHTjmHgJcyw+WoeX89z6Odp/9hBbW+te6lXhAyHmz:k+jmKcyPsXMl9jS+oSc
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Description: Framework service call; IoC: android.content.IClipboard.addPrimaryClipChangedListener; Process: com.systemservice
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Acquires the wake lock 1 IoCs
Description: Framework service call; IoC: android.os.IPowerManager.acquireWakeLock; Process: com.systemservice
Queries information about active data network 1 TTPs 1 IoCs
Description: Framework service call; IoC: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.systemservice
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Description: Framework service call; IoC: android.net.wifi.IWifiManager.getConnectionInfo; Process: com.systemservice
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Description: Framework service call; IoC: android.app.IActivityManager.registerReceiver; Process: com.systemservice
Processes
-
com.systemservice
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4317
Network
MITRE ATT&CK Mobile v15
Downloads