f3ee8522c46e31269449c58c69369f93a525201559fda2a2eff1d2d205f4f778

Analysis

max time kernel
121s
max time network
151s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
21-10-2024 16:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

7.0MB
MD5

d2e511a1e5836f0557c695eb23307711
SHA1

7e0c6781b9b560dc958d38786419f5a09dcf3cf6
SHA256

f3ee8522c46e31269449c58c69369f93a525201559fda2a2eff1d2d205f4f778
SHA512

56e6f6fa644e564533f0727dfddb3b22229ddffb550a8f72db58071bc48b936c3717f61a06071976b0dddef7c5381119e2e2f9f6f44c3490fbbe33bbe96c4527
SSDEEP

196608:debHCUOigkvgP45yCG8Ii8Z1v1oGKoBbq27:d8iUODHrG8jdo7ow0

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	bot.avesta.uno

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	bot.avesta.uno

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	bot.avesta.uno

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	bot.avesta.uno

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	bot.avesta.uno

bot.avesta.uno
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4836

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/bot.avesta.uno/cache/2

Filesize
33B

MD5
6167a44fb840e5ce964d679d71380954

SHA1
a2de5201620d3618e11923dacce4e06c10f19043

SHA256
1858868c14858ddd3e4eae688c67c46d9cbea98049701987bfe3f02491009240

SHA512
f492fb8e88c3cb3d2ed1aeaa2a7f487c27e5254c6be7c9199dc101d29699505b9ae83c3963dccf469df585b429fd33e72f7e95cf0d046429d20bd09d2f949125

Download Submit
/data/data/bot.avesta.uno/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6cfeebe0d5e632bba78f6666941c8439

SHA1
428b7d4c1fd8f21ff47b664dfbd8aaffa506adfa

SHA256
9af09c034898bb31768f45ef51c3064baa54b8150fd6306b60224cd4a3a3c2b0

SHA512
389a2947fdfe346388271d5c4782869eb26712938ffdc164cf8472933cd727938250c29b1985ef8782712afd2ea5965a0874050d13ac35f24ff2440ccca31709

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d8795b5d5245dac40f6a025309039d59

SHA1
05b7a9b97c66fbd4bb6f0d64d6847c86f5637659

SHA256
0f5580e91c6c997c2a031fe764057b65064e574fa3c330720d747d9e940e6634

SHA512
e96a452f3b88d9706ae1092399093377c7f0dab2d3c6fb0400f1b36b5af2cf5a5b8ef5fffa7fb59696750c9214907e65b798e462c88aa316c143878c8dc1d9f0

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db

Filesize
16KB

MD5
645774f51a27070eef76a8b6a5b5aa6f

SHA1
a595d5608ef8c10eb7446f9306601c55199178b0

SHA256
3ccb2baa4fa9c8622ed3f9fca69f5cea36596fc12dd0279dbba5936c61a27202

SHA512
588e6ff69dc09cccaf20d95e4cfe8755b522246fb5b8c6b3065e6185646a3e5fe5fc0138106b6e10890602509a01f5e36fbfe2d9ae20bb9f5cac74dd74545897

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db

Filesize
16KB

MD5
12810bebc1c15fa4cb40f9dca35af877

SHA1
cc24f1996d860378a1ea30a2415a9e64fb191fbf

SHA256
c5910cf9f99f3d888a7d98463c7dd89f915099087931eb49120f59c517be7d6c

SHA512
9e812fdcd7adb948a6475e844281257b813a0c1282190c3c27fba32f5463cc1a448eb5208ddb0b7a72a9a182559e3c2fc8a25f33d0f9ea998590a76b3c0f4c37

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db

Filesize
16KB

MD5
657810321e18b2369c22c3a53c2f416a

SHA1
a32ffab658c108649a9f1cdc6afa9ab3590c3dae

SHA256
c52e7fc7bee1feec4edc7d788a54bb575963e55c2a65f3ca550af2b7de405751

SHA512
14d70ad553d135e090a310b78c022d6f4222d1c8f1a861198a9a830e1011fd2c2c32de87116d780ce4abc60cf14f68a597c421a6ddd0a86e7562ba23f3680c0a

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0877f0dc1049e27f575d8f753ab940ec

SHA1
49530813bd2b8ff97b17901bd0e98ef8cf356352

SHA256
826ab1687083ec5848db0ae78db53f08c8283466de31b9c4264f4565dff4ff23

SHA512
1f587ca1f1abbe06754defa838a36e9914bdadb21c012f84f6828314fcc296fab894ac9f894a737e1f743a812ad28e39ba9b359034d4fd8c5b9cf43b35d0e086

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
24852cfdf0d9e9eceeb62875f686bde8

SHA1
0b000682196acf5e3d304c6d596722ed61eb9764

SHA256
0090fd3e7f00db84afa36d618c84a00b0a02e24d39e92b8a817b3994fbb8a9ac

SHA512
e6f10eccc2d0f04b57c898d821250a7b9c8a510988a71d72edf856d5c9de21a371ae07e6e79ce17672a56ca287194a79a98dd5fe076f08dd0a71461e9459c3c1

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
fb2f928bf766e88721cbba3ed217d667

SHA1
a2b6ad0c8c53e59030bd2e65a2d26f5b4d12bb14

SHA256
c5496e80448717e58a37935f8aa887a746a098fafe8c246b451b61e77a6f6cdd

SHA512
28fc9341f8a1165fa8f82da4c0ab5b2c87affb3e56a85654216362e5231ff751233bd649a7b6c43f8320ae701bf7614df6a6a428e09f8162d288e54679193cf2

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
59a4b106560800b752aecca10dee2005

SHA1
5a1038453cf6b4ebf8e3f75a6a2b62274a6efddb

SHA256
ef193e900ee6691ea3c48836493c157e361422c5bce36a054de0770c3918bd12

SHA512
a0fea645f3f71ad7aaa23f06f6fd6522e0fc13b1608cc16a261d589b4102c7a6ec1612b0be89a45b9e59590f9c97ffd34c3292561918040ae89bb86d7128792b

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
30f744d8be33ab4ad408b331fdf9a5f8

SHA1
32bc494e1a6d02628c254aaca4f6b77e64fba089

SHA256
a4dfb7e44776b65d91099b0f672bdf2122e1258cda682d782dc52d612878c0bd

SHA512
2a11c3afd1e991ba9c6e7392893e079754cd0784ab3e8578a78d48e7d8f59ddfc1a1d5119575a4ea1e4b5c578f84a172183724e71c2dbeca7722bf409712dbe4

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
9fcfa9ddfa2a487ee183843c98e57608

SHA1
60949e3a19fe76b605ce32bb6f5a3b66a87b985c

SHA256
ab851ab57b8646047eb3cde519c50ca5ff0b479a96409947b22643175e535fec

SHA512
799a29849265d33c30bab1a2158ffac68af805a05fcf6b8398876d3401c5659e5092b90b8498f5954e75c00436c18fb6927b84403cc8c18d0df31afe379b6cd8

Download Submit
/data/data/bot.avesta.uno/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
cf7811bf0dc61393f772dec38525f768

SHA1
f0099fde08c35e4c010423de4bef4ef14563c211

SHA256
be2647d7e117c232fa4106186b6cbe347e174d1af5551c3de72f4ba5a92979ca

SHA512
e560277acde51cda1112902598ea6de1f89f11264afb5a65537eabf6de35e1cffe402dc601f14531429bf7a42b60e6638279aba22ff961b2d23ad58d4dbc2494

Download Submit
/data/data/bot.avesta.uno/files/PersistedInstallation6123164213227346814tmp

Filesize
570B

MD5
688fbdcff071465878c5483e18f6bf0a

SHA1
2521daed0723eab58121458284aeec08843639a9

SHA256
5323de784f305dd5327748774afee82768eb1b81bb294e592a27f21ab96b0689

SHA512
fe1b7e6504ce44ee8d3e381b4d634970452ff2c3b51007fb9cb406568f42bebf65f22549de90ba62445a3c241de4975f7533deffd1c708abb469fdf8bb9ac10f

Download Submit
/data/data/bot.avesta.uno/files/PersistedInstallation8220190804101629069tmp

Filesize
90B

MD5
8d158041959b6b5779d43a05408d53a7

SHA1
ced184226f7e5b06abd6817b45e431dd24c5241e

SHA256
2eda18007975ac30b78dc366ca7480f94f016cc8e2c50ff5deff68da0b6aa5ab

SHA512
ba0be3d0a9f6e63d619e1ea18ba53230a49509b9ebc39af6180b43be8a03b52f4a9a06508987151f258479dd98c05e4461fe1a406decc855c29e0188afca432e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads