ac06764c0afa554de02ef8fe57ee0f5b7332136c5f0530b163cfe5d1c4f4fed0

Analysis

max time kernel
124s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
03-10-2024 05:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0e11fec5f5d27b784836146973ee5a64_JaffaCakes118.apk
Size

5.5MB
MD5

0e11fec5f5d27b784836146973ee5a64
SHA1

918f04ebc97f07f67d4f616227315437cfda2915
SHA256

ac06764c0afa554de02ef8fe57ee0f5b7332136c5f0530b163cfe5d1c4f4fed0
SHA512

fa446b31daf88910adeff555a594fd0fa2a8fa1948fa34d6522d616973e3683f94d009f838c724422f39433da67205718158aab4f9606a4fd0beaa0d10208b4d
SSDEEP

98304:bmSfH7ZmEXZoIgTrWlc7ur/FeWmP0DilENNJ+Y7CdwzkikakKfsmFwWXjyfk1QN9:DIIG8/WO4mDnnyBmFRwTM4

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.memapps.boostcleanpro:beyondAppMonitor

Queries information about running processes on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.memapps.boostcleanpro:beyondAppMonitor

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.memapps.boostcleanpro:beyondAppMonitor

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.memapps.boostcleanpro:beyondAppMonitor

com.memapps.boostcleanpro
1⤵
PID:4526

com.memapps.boostcleanpro:beyondAppMonitor
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about active data network
- Checks memory information
PID:4573

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.memapps.boostcleanpro/databases/mem_boost.db

Filesize
4KB

MD5
5c45b4430f97e2357e097205e22966e5

SHA1
d9db28cc63c9b6bb68fb7b931b60ec40f0746c7f

SHA256
cb52214ba89a1c2cca38b1c11e7181e0d225d1a7ddb268c6147b45217a61ea2f

SHA512
9f43528f46f26486c6fbb0da75bd648104466fc198bc62f009869e39282afb828de136a975ff4255ce2909ee856ef9ebe4cade2d72eead381f7409ef816d63c1

Download Submit
/data/data/com.memapps.boostcleanpro/databases/mem_boost.db

Filesize
5KB

MD5
d6221c88aef248e61d9dcdd165d5f456

SHA1
fda7fbcef4c8ee4430526d58b7d67ca724346726

SHA256
cefda9d8f9c75f32d0bcac134ff277aa31ecb816a90344fff2af328c1eb93651

SHA512
903316f3ab4fe31d1142db1325a6991f29996d3832e81692bf4160d343efbeeb42250bf1b355c85295780506683576e7c8b6e8176baff8b822ebc05da3d646e2

Download Submit
/data/data/com.memapps.boostcleanpro/databases/mem_boost.db-journal

Filesize
1KB

MD5
ad1ab46cb1a25fa9d625fb2dbdc2ab17

SHA1
3dace503709ed0e6b3450e7d29e563fe4f8865d5

SHA256
1d5dd4c390b522749fb45ec71af6053ee28e8681e7b45fc1fd79469234979062

SHA512
8a33c51164eef8090b09c1bfcaf4ab42a032843f236e64a57725f9c74273041f1cabb7a34a7dd5a8e0b0bceb844434563c3b58a0199292837633387f8033c990

Download Submit
/data/data/com.memapps.boostcleanpro/databases/mem_boost.db-journal

Filesize
2KB

MD5
6ce71807446c317a97d3acdfe7dc2705

SHA1
d4393f6eedbc79134e447ee5148bd92675b9dec8

SHA256
8f74acacb888dd5434c8ac36839f0b7e833b9d336c13f0b70b64050779fe9db4

SHA512
a415318995546a428efc7137886743a38249a3a7feb50c7a2b3f21ca71219ea5777e3b93726a2c621924336a3241486b5846cc7b1febdc215eddaa10a449c4cd

Download Submit
/data/user/0/com.memapps.boostcleanpro/cache/volley/-507267791890490242

Filesize
2KB

MD5
f6236799d92890ea54751f284b33aa06

SHA1
cef8e024d6a23d61c270bcfaba12feb4b499f613

SHA256
2371edc4e2d3098afb3ec28e9a9a33b46659e04bed221e9c933c75c110f3feca

SHA512
3a5859d91a87120c2a59bce2e98846b0b9df2e9f80b3a12d1f8dfa746162330ff5d65a191c59733786b9243dfbcae042a2e10083dec9663f656a676c6ec5b1cf

Download Submit
/data/user/0/com.memapps.boostcleanpro/databases/mem_boost.db

Filesize
20KB

MD5
894e53f613d3bbf376b5e5a580dace0f

SHA1
5beb341d7501ae9151d4455f32b48b67b47a82db

SHA256
3fe1a6f6e57b864c66fc687fad13d9c8255999a13fefa2c1c7102d0d2d5c962d

SHA512
74e251a74fc8002bc4afe4319d555477d8b2e8114d097208ea1b9448568ce8060d48ea7282ed9aa21c71140ec8fe4286d97db2e488c7cc59e9671a8058b188e1

Download Submit
/data/user/0/com.memapps.boostcleanpro/databases/mem_boost.db-journal

Filesize
512B

MD5
bd8c06cee70a6ac0295cb210095f9025

SHA1
033034ef4525ac7d6f54e327d733272fe3d2353a

SHA256
afacd7f7e7c27123769a18893a51d0cc1f0a153091de186c88f5c57bafdc8f24

SHA512
3980904077e169efb5f45217f324e2e6e18297cd1a2520e7ca4eae25a2ee3abeff6c9ad863a8267becbdbb12b2e1c71c87daf3d821cbf95fea6aa8fbacc2c621

Download Submit
/data/user/0/com.memapps.boostcleanpro/databases/mem_boost.db-journal

Filesize
8KB

MD5
0c20940437c0dc8edb83357747fb8622

SHA1
5c58b480da5f3b1b77446e74bbe6dc1a7193fcbd

SHA256
367108ab094605a66a71376b444dd6cacb14cd08d1501ef33e75a92a92c7f143

SHA512
e3428297f0fe512aad841604b40bf5fb4abd11ef3febdd9915fd13bdce2c253699187c8baa1413740691d77ee94153ae78cc58020cf754fb06124e02d6e4f8a7

Download Submit
/data/user/0/com.memapps.boostcleanpro/databases/mem_boost.db-journal

Filesize
8KB

MD5
8566e4f72c5ca67a4bc327badcafb34c

SHA1
784b8ff7661b500304a5c248984c0036e40b8503

SHA256
994fc0b3fea2ba69aef1b8649785cf4a857e4a73eed6187c58d635f8809a6646

SHA512
aa88c01df6bcbe76df5cb91883f607434ff2f8bb46bac08271f5c3458d59f8cae176ee47cb5e89e2dfa942c77287f6fd9e52e304fc841b8a56573a5fc85a8722

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads