Analysis
-
max time kernel
142s -
max time network
132s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system -
submitted
16/10/2024, 22:29
Static task
static1
Behavioral task
behavioral1
Sample
4b14e12a410f42bbb892ad1583cf670dc3c715d12f056959da19e7f7a3daa636.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
4b14e12a410f42bbb892ad1583cf670dc3c715d12f056959da19e7f7a3daa636.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
4b14e12a410f42bbb892ad1583cf670dc3c715d12f056959da19e7f7a3daa636.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
4b14e12a410f42bbb892ad1583cf670dc3c715d12f056959da19e7f7a3daa636.apk
-
Size
4.6MB
-
MD5
9384d5ba2f5bf84084f3a2f9d2375d29
-
SHA1
42e01932032fc72d9c2771a2a323c528f33aefa7
-
SHA256
4b14e12a410f42bbb892ad1583cf670dc3c715d12f056959da19e7f7a3daa636
-
SHA512
58e7adc6e5d863583c6d6215c7d75be6932dcebcd4768bb43c632371993ab72af606a320cee1cf90eaa7206b80d61a75db7448339a4ebab387f7fc9b01984222
-
SSDEEP
98304:kJzTVndwXIID/HdLZY7mF0Qn/eU1DNXa13H2zAVQQOV0cIaJoS:AJnCbD/HFe7O/eAG36HPJD
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description ioc Process Framework service call android.content.IClipboard.addPrimaryClipChangedListener com.rhmsoft.codeunbniem017y -
Checks CPU information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/cpuinfo com.rhmsoft.codeunbniem017y -
Checks memory information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/meminfo com.rhmsoft.codeunbniem017y
Processes
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
20KB
MD533a812b1eefd38cd7daf3f8a8cbb746c
SHA17432fa16c8347e69e4406c99d1c044aeb25bdf86
SHA256b802427461b32d08076829a9cc6b40d3462ccd81e06e2b05e7429e9f92ef0525
SHA512a9f8de33a1b617ea367c592d5208be9d1e3d6746d228e0ea4a59cc24cc24cfba08afdd7d0c88983a4423a6318b71b5420f7401138c553fb3a2f6a23348225114
-
Filesize
4KB
MD57e858c4054eb00fcddc653a04e5cd1c6
SHA12e056bf31a8d78df136f02a62afeeca77f4faccf
SHA2569010186c5c083155a45673017d1e31c2a178e63cc15a57bbffde4d1956a23dad
SHA512d0c7a120940c8e637d5566ef179d01eff88a2c2650afda69ad2a46aad76533eaace192028bba3d60407b4e34a950e7560f95d9f9b8eebe361ef62897d88b30cb
-
Filesize
512B
MD5c080519fa58c98af906549540fac7e45
SHA1781295755648ee8e800efde4482ce8cfa2e700d3
SHA256e8f90ead66fd822ccc3444293958407b097654495577c2b53a62d0fe79d2d253
SHA512f248cf5fd30f22bdac25ab8560efc8b8db352155e26e668e4c43f32a07760d58097d1ffc0ce2b46d89d287d7b16e75bf08b4472c9b73dad2633a2515563c11ec
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
16KB
MD5a4e17980748f2dd5ce8ecee7fc7031d7
SHA1164541fd42240eb8a12e2daf9b0911e373909856
SHA256806773439e1dbe65bd1c3bf8308cdec2c4804c1b828588d23a445b2b7416019e
SHA5122b89a0d48a07c3758c22886679083a00c1a1bf9b28600751a3c23fdacc8af04374194ed5552a9ef77f18446151d21145a441d0f117c6cef03b5baae90e4b80a9
-
Filesize
108KB
MD5124122245390c31f63f0008e4ba969aa
SHA17545cf670bcafc0dd0fb24dcdb56086c6d007098
SHA2568cdcbc1cd2fc703910bb419694f263d2b6bd7d1bf55a768ebf7973ee6d0661d1
SHA512667855490a750bf7b3cb07ddd13eed5280a15fda4d1a06bbfc4fdebf96b920c4f0f01a5fc20779c26f8400b3f75a617b2cb5e1a0338d51a33e63ce01e90d8648