Analysis
max time kernel: 17s
max time network: 130s
platform: android_x86
resource: android-x86-arm-20240624-en
resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20240624-en, locale:en-us, os:android-9-x86, system
submitted: 10-10-2024 02:23
Behavioral task: behavioral1
Sample: 5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk
Resource: android-x86-arm-20240624-en
General
Target: 5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb.apk
Size: 3.6MB
MD5: d836feab9d4bf3c6cf086bdc14724c8b
SHA1: c837cf7b181679a0081165e5fe4aa0eb94f748f8
SHA256: 5d2ff3a0a3820997a9929df3c53768079a7b4515f28ec4dc87dcf646a543d8fb
SHA512: 8c7801c5f1d8dfda39e0c65bdbea83feb8f217b41b69a245d01dd9e983a6a357c8b0b2be79123bed07e638655fc66ef3a093cc01be68c696ecfea5ab6c692dad
SSDEEP: 98304:5s13ZL3Vf6JqeomaMDmQZ75ub8GoRJ6Odp/9hBbW+te6lXhAyHzwI:eTLVf6JumaMiQVWovl9jS+oS4I
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard [2 TTPs, 1 IoCs]
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: com.systemservice
- description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; process: com.systemservice

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) [1 TTPs]

Acquires the wake lock [1 IoCs]
Processes: com.systemservice
- description: Framework service call; ioc: android.os.IPowerManager.acquireWakeLock; process: com.systemservice

Queries information about active data network [1 TTPs, 1 IoCs]
Processes: com.systemservice
- description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; process: com.systemservice

Queries information about the current Wi-Fi connection [1 TTPs, 1 IoCs]
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes: com.systemservice
- description: Framework service call; ioc: android.net.wifi.IWifiManager.getConnectionInfo; process: com.systemservice

Queries the unique device ID (IMEI, MEID, IMSI) [1 TTPs]

Registers a broadcast receiver at runtime (usually for listening for system events) [1 TTPs, 1 IoCs]
Processes: com.systemservice
- description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; process: com.systemservice
Processes
com.systemservice
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4263
Network
MITRE ATT&CK Mobile v15
Downloads