Analysis
max time kernel
47s
max time network
153s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags
arch:x64, arch:x86, image:android-x64-20240910-en, locale:en-us, os:android-10-x64, system
submitted
16/10/2024, 22:30
Static task
static1
Behavioral task
behavioral1
Sample
ec8927344fdc09c66f4b45a5cba929d65b407742d54e532a29d37097d1107c9a.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
ec8927344fdc09c66f4b45a5cba929d65b407742d54e532a29d37097d1107c9a.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
ec8927344fdc09c66f4b45a5cba929d65b407742d54e532a29d37097d1107c9a.apk
Resource
android-x64-arm64-20240624-en
General
Target
ec8927344fdc09c66f4b45a5cba929d65b407742d54e532a29d37097d1107c9a.apk
Size
4.5MB
MD5
896202fe4e3ef104fcfa1ddb8dc12bdc
SHA1
468e78a0f1d94dca6fac7988e88c15fad06d9d6f
SHA256
ec8927344fdc09c66f4b45a5cba929d65b407742d54e532a29d37097d1107c9a
SHA512
f0e510d70a49a50b8a343d7bca9d96c2d52221b13c26bfd6cc8d487cee4311337982b66ecd37e827ba53bcb3f0d38dc8bcd56c7ac7542e0143101618e92fba06
SSDEEP
98304:JM5Mv87MQ6NyJhq7E3iQqUjBYCvvUcxPmxKULGYqTGqWfrSV:SO8l5X/HdvvUcxP0KUJH5ro
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call
ioc: android.content.IClipboard.addPrimaryClipChangedListener
Process: com.rhmsoft.codeund9013
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
description: Framework service call
ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone
Process: com.rhmsoft.codeund9013
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call
ioc: android.app.IActivityManager.registerReceiver
Process: com.rhmsoft.codeund9013
Checks CPU information (2 TTPs, 1 IoCs)
description: File opened for read
ioc: /proc/cpuinfo
Process: com.rhmsoft.codeund9013
Checks memory information (2 TTPs, 1 IoCs)
description: File opened for read
ioc: /proc/meminfo
Process: com.rhmsoft.codeund9013
Processes
Network
MITRE ATT&CK Mobile v15
Downloads