1fc7d828113a3a5e5e663e49a9752a75597b03dc23d5da1c889b0c0a82b3870f

Analysis

max time kernel
123s
max time network
155s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
21-10-2024 15:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

2.8MB
MD5

fc4129d694399bfdaf1a6c5883551a74
SHA1

38e1a9e56f190c0962a8dcd65f56f3a901c24d73
SHA256

1fc7d828113a3a5e5e663e49a9752a75597b03dc23d5da1c889b0c0a82b3870f
SHA512

b5a2d601b55560379d2fdd4b08c463205c72fd2d4a734b1eb7a115db79aafdac9a6ea659c2f49f176fe066fb91edd97cc2e5e6e24681086afe12998f51e5767a
SSDEEP

49152:N/zCdcQbf6DbZ0CJGevZ7Ezz6XZq3wmHcuhykS+fMT4BhKM6+YzYc6:FW56DbZhF5E2EyWyk7MTL+YzW

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
collection credential_access impact

Clipboard Data
T1414

Transmitted Data Manipulation
T1641.001

Processes:

Com.ukjent.app

description ioc process

Framework service call android.content.IClipboard.addPrimaryClipChangedListener Com.ukjent.app
Acquires the wake lock 1 IoCs

Processes:

Com.ukjent.app

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock Com.ukjent.app
Queries information about active data network 1 TTPs 1 IoCs
discovery

System Network Connections Discovery
T1421

Processes:

Com.ukjent.app

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo Com.ukjent.app
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

System Network Configuration Discovery
T1422

Processes:

Com.ukjent.app

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone Com.ukjent.app
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

Broadcast Receivers
T1624.001

Processes:

Com.ukjent.app

description ioc process

Framework service call android.app.IActivityManager.registerReceiver Com.ukjent.app
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

Com.ukjent.app

description ioc process

File opened for read /proc/cpuinfo Com.ukjent.app
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

Com.ukjent.app

description ioc process

File opened for read /proc/meminfo Com.ukjent.app

description	ioc	process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	Com.ukjent.app

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	Com.ukjent.app

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	Com.ukjent.app

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	Com.ukjent.app

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	Com.ukjent.app

description	ioc	process
File opened for read	/proc/cpuinfo	Com.ukjent.app

description	ioc	process
File opened for read	/proc/meminfo	Com.ukjent.app

Com.ukjent.app
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4966

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/Com.ukjent.app/cache/1

Filesize
222B

MD5
cf66226306adb6bc8416c2bf2571e5e8

SHA1
0cf9b1c72025c90199e00173b40c144dd4032b26

SHA256
e498ed078606a3a25818ffe1013365979c31e66bc970964b93f145e04ab349e3

SHA512
0923d1f64c10937be69064ece2a1ffe451263fcb95315ed0f64087a9c394f3a54ec2d1ad25f2c065b7be1883aa37014a95610e0a69c6661b66532c9928a505d4

Download Submit
/data/data/Com.ukjent.app/cache/2

Filesize
1B

MD5
68b329da9893e34099c7d8ad5cb9c940

SHA1
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

SHA256
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

SHA512
be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

Download Submit
/data/data/Com.ukjent.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9f5dfaf6e140ec7cb5e354b27fb30816

SHA1
d65f55ce9a2d081c4ca4d6b747545edc493f611e

SHA256
7c26c81a6b0dbdc621edd754976283459353d7df83d2e49825c21ee4e007a402

SHA512
3e397ebc15e7c27891fe8202052f9832dc5ad61852c1abb7bdee3c06737ddc575b8da60a94cbe3f48538930a865a5328d1a2e78d3abea5d6273f039e52ff27bf

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d8e279d3e3a7ba7087838087ecfb5712

SHA1
7113d16f423ba0ffc623168fbf316640318993a6

SHA256
66ffd62aba74c418f33560375c5b56b3be0f6440a33c47094e21131bdc397d91

SHA512
315a9a80fe2f0065ebf2c287579fe8f3284b129a6e292699a2e7da78aa034ac0384a1337c7dba4c0a221944a4fe00381b35b710b8177b10c8255816b58829f0c

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8159b61dd62366cf1699172fcf0d0048

SHA1
e57f3d879cf59e8b6f852e60bedfba10ecbbabaf

SHA256
9eb034dd75d3741d573974ec1cf99ff9427456a2a1368fe776adc46a6147a0e6

SHA512
4b00f13c7d99596fc731aac2a17b2f714da18960c7af49c56cbf2dd13fb02c34a0f2202ebb814f3136beb652feea2074eb054cfac4fe517912105e34f23a6358

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
48ece5b6c4c31d1fff4f3a2a66db49b4

SHA1
8a6b85972dc3c9180a6dbb1ba627bb21fdbdd9df

SHA256
9676af39f02b88ca932a28668896ea765b2f80747163e6eabcf59d93275ad7f5

SHA512
d9b3fdec628329c6edce62b0a98ddfa9e075fd06887cdf20ca9290658e5244c86d3f7096806bfa726eb1bda33b8f7d57f65f97f28240335f56880d0554eea667

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
604984efa17735ff76993edae3adb886

SHA1
cac1dc3e5cd85fdced99b8e9b8524cb8b2bb340f

SHA256
188c2671a012b628381e60a7072d9d5ea3db820a1b97ea0a84e59800b9384a98

SHA512
da9f18df7398242ec79f0d5fb94579bd5b1cf308ebb2c96584cdb5fc3a228e374346a73d44ec540074df8de774345c7c89f901f41f9cfb9f86a38f70182bab5e

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
46e7116d5563eedab4a926a4791fca5b

SHA1
b7bc4a87f1b0b3355d52276dfb215544eba54ac8

SHA256
60778aeac99ddbef3c11abc01328e3a4fb4fd5a28ae1270468ad9eead53f6016

SHA512
5ef7c920878b079ea5a5cf7d4a88e44dd2d5af80ad8597be874adc18429bca7268b966765e15761fa15f205b598392ce0b6b2a338f690045df998aab4e151149

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
3c4756c3ec097fcfc56555247356d65d

SHA1
0d56560cfbddf016307f9f9117f5d4d7cd4a52f7

SHA256
c8baab9c8e9e9a04865566600091fedee40e0a4a9a0a9a4869764f26568e9441

SHA512
ed416c00bf510c0ed2b9ec22df2cf5c6cc31e89f6b4ab7ff601805ae63a8020278990d970f6eb2034ab04d3dc1c1e5b3a0cde90ac78223087a2ccab4375411a6

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
165c930edef1244c1e45ee385604727a

SHA1
97f20252227f0e5024d354accaea8d48cf71b41c

SHA256
7bbf996953a10e02860199ba24f93e3a7e288ebdb3e87712636486bcafd1b8ba

SHA512
e62f5054e9de78d5eff6e27dee569903e43554322911625178a91cc9a4df8316c9eace534dd2a4e19aadc01a1c24f2e0704b07409d616049c478c774bfb4156d

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
48d8a71ad0977e7690a9bfeb19bb5154

SHA1
8556ac19e11a5d3f124c7e08222fcb999628ff97

SHA256
eed66a1c0955d858ec1dd7f4f96ec5c8e09438a89d2cea0c958f55de3efead81

SHA512
3a31290c46ca5cd9e2a9f371325a8f5a6142b2ac88ed567269f861f1a5bbf8fb39e7b2dc4d5b3f905345ac5ffa53dc7c1cf7f81c6bfbddbb0c7f7fd96d2da2d4

Download Submit
/data/data/Com.ukjent.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
eef952419fa99ce4e3d2ec79647d5835

SHA1
6af9b131be84dad286a034e9c56400bc33fad0eb

SHA256
2cb5030a0c42d11fde181b783afcf82a3b0ab1f061026d9c5efd07dc78e7cde0

SHA512
7a9400c80c6ad4606858f981ed6bb5c3f8c3f1d941f6a4122f853127657994193da5ee959306a575bf59d7764565e26ef67213a0c0ab435aa7e7b2989a6dec2d

Download Submit
/data/data/Com.ukjent.app/files/PersistedInstallation5584839366631544863tmp

Filesize
572B

MD5
e3161515527dc31a84c2bf1702a3cc89

SHA1
450e4e0bf4022a31e46aa19e6952d2af103cb046

SHA256
4732c0765df94296689e852853e9388f6f48cf48d32f342425e82038cb1dab18

SHA512
d15a20328f5663c02ac4ba58805414c6e44335f4dedfa052db6ac4a919cf0cf07055e9f7939732934eb457a69c84c46c26735664fd6c06b5d5d37b1d3557b6ac

Download Submit
/data/data/Com.ukjent.app/files/PersistedInstallation8804069856668940940tmp

Filesize
90B

MD5
afebee859f991c11ce54f77dbcd130ea

SHA1
c015bf516e6135fac6304e81a950b2bda71e016f

SHA256
5b87bd10d095efd07398a4daaa50c3e139b2ee33b1ac492df35b649c093ea307

SHA512
aeabc47eac83bbef4baced3e654695424e4beb7cafc5f63dff1ea68d4481ce24c0b87b4bd3c4514d357114150e47f79de7f51c5c899f7e0166d5f8a3b66f3cbf

Download Submit
/data/data/Com.ukjent.app/files/keyfile.txt

Filesize
5B

MD5
7b0b190604cb556e2a00b412b7156370

SHA1
46c63b0086e46acda0eb49254f805826c4c4fc55

SHA256
86ab1b720b7a9a12dc0dc2aa6747a4ac12a419b658b46ce069a98327f2e71ee1

SHA512
893c3f3adabb980a63d0ca52d13c59360d6d3f3eb77423591d403ca832ab0df6023c5cf12dc0ec6e58f70d22d57a666e27e42a992a087a63b6c1d22865e4cbc0

Download Submit
/data/data/Com.ukjent.app/files/starter.txt

Filesize
4B

MD5
b326b5062b2f0e69046810717534cb09

SHA1
5ffe533b830f08a0326348a9160afafc8ada44db

SHA256
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

SHA512
9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de

Download Submit