Resubmissions
24-10-2024 03:22
241024-dw319sthrk 10
24-10-2024 02:40
241024-c537ys1blh 10
24-10-2024 02:34
241024-c2p6xs1aka 10
Analysis
- max time kernel: 13s
- max time network: 151s
- platform: android-9_x86
- resource: android-x86-arm-20240910-en
- resource tags: arch:arm, arch:x86, image:android-x86-arm-20240910-en, locale:en-us, os:android-9-x86, system
- submitted: 24-10-2024 02:34
Behavioral task
behavioral1
Sample
92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
Resource
android-x64-20240624-en
General
-
Target
92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c.apk
-
Size
3.6MB
-
MD5
0366ae0abf0ada8aed90322bfe07dfd5
-
SHA1
2f0779ce64f02944e87674745cb446c5bc620607
-
SHA256
92c3337b3d74f2aab8f0ca3a6f045719a3301519810d535856ff11dd743b523c
-
SHA512
52f50f2f847628b1fb498784660050a6f189d8c7cc520c0d3a06ca28cc35ee4961d0a3daca71a540e263ab930ab629b884c3ff187d4abcd8f58549fdf87f9677
-
SSDEEP
98304:mD/SWbGiowrvH6Odp/9hBbW+te6lXhAyHtu:mWWbGjuvl9jS+oSc
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
com.systemservice
description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | process: com.systemservice
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Acquires the wake lock 1 IoCs
Processes:
com.systemservice
description: Framework service call | ioc: android.os.IPowerManager.acquireWakeLock | process: com.systemservice
-
Queries information about active data network 1 TTPs 1 IoCs
Processes:
com.systemservice
description: Framework service call | ioc: android.net.IConnectivityManager.getActiveNetworkInfo | process: com.systemservice
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
Processes:
com.systemservice
description: Framework service call | ioc: android.net.wifi.IWifiManager.getConnectionInfo | process: com.systemservice
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
Processes:
com.systemservice
description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | process: com.systemservice
Processes
-
com.systemservice1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4216
Network
MITRE ATT&CK Mobile v15
Downloads
-
Filesize
4KB
MD5: f2b4b0190b9f384ca885f0c8c9b14700
SHA1: 934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA256: 0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512: ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD5: 296213d459b8635d88bcfc6b74cae843
SHA1: 893cffabea38e62becad78186d9976fdccfed390
SHA256: b729ebdd9b19a49574e102f60fcef24992568c0a4884686ae1d86932ab3eead6
SHA512: 3c7a71dac09f4768de40745afd728c0c9bdcf17dfeb1030af143cf72eec145099d00f6dea65ce39592cd364bed04aafd3e3c276fd203c03297b714e5d69b2f78
-
Filesize
32KB
MD5: bb7df04e1b0a2570657527a7e108ae23
SHA1: 5188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256: c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512: 768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
68KB
MD5: e8211c71d5428c23ec87e7fd6967925f
SHA1: 52b86fb6d5a09a77f53dd5d72b528a28632a3d04
SHA256: ed1e01c17012d9a71facea2311d439b5b492485a497d31302595f146a3b22c81
SHA512: cd3e3ec0eb51edb7099ff3401dc4439ad3aa3fb7aee68ca3591ee8fe73061d3b287c8ddff0a039cfe599ca4a5d86f866a67e92e084e5d9f2777e7831842551b1
-
Filesize
36KB
MD5: 045489a0639eee27bca52f48828cd93d
SHA1: 436e7966e7c019273c44faa4d8c5709b816dfda3
SHA256: 0151eae0eec786abb19ab59d7361b3291ae98411fae12cbbdfecd1612e16996e
SHA512: c8739a723a8648b0e380b946a97fb6cd83d6c4769ec3679bf4bc003ad0049ff5cccfc8f75a6ea272feced0020b13d3129f792f0f22cf442f0d0127f399eba22e
-
Filesize
16KB
MD5: 7237409e0640cfab7bdbd429bf821a3b
SHA1: 4c3da934842f8d4835dfe2a9c275a300e5123309
SHA256: 5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa
SHA512: c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f
-
Filesize
16KB
MD5: 1c5923072c07db4fd697c9cd2650d68a
SHA1: 502a57c341a844f63dead0c528dc3083971acdd8
SHA256: 6b745ca410c547bf9eafc50a2f271e8e75fd512892976d494921f67c1b762251
SHA512: d2082660f70e6e0dca70040842d3817059f7dda7c406e7aa864ca62d07676c10567688a5b491f54c128dd0a0a1724b7452d702780915d2bd114bd1da42b28d46
-
Filesize
16KB
MD5: 75eb1aae5d759ec6476e678201f598e5
SHA1: 47e4e58864e01032b304758d0157194e5d5dc1ff
SHA256: a92c9482eb476cef795e7ca79d59cdad7d24a8f14373b2a83426868bef43b694
SHA512: 4100749d7b467e88375be9021440d65c66f20bcb939ea50ff56ef2ce06223b22ac74768df14c97a51613359651861ea854f38be5fb3c6be414ab0d1f9a53d1e6
-
Filesize
16KB
MD5: e569e9ebb37419cb325299ef569b8f82
SHA1: 5e3897a29ad02f87155369befc438caa5a81049c
SHA256: f7c363e596261e0498ac1ff688bb5cf24aa6a1390c654c01c39dda8d1c7c8329
SHA512: e7cc0debee8fc0a6ba718255b32ca3342db66fe5473f8758ea367024ffdfa0665ea72f898ad79b7bcf652af8c2abd7befc1af459ae7a40410b238acb2a8ade23
-
Filesize
16KB
MD5: 99ed781c12a191e19056e23342119cc1
SHA1: 76cceee46a670a0ae752e65fb02c6978c91d4081
SHA256: 3a14629d7eca4a87efff50400c67c80c27140c5be9c71833632ed49d548a5daf
SHA512: b6258f1beababd68715f04b33f069062c7957d2a8fd4ae21ee472790dfd10f767df1cdff6c34968a827445cf41f35b48bb0cb364c95f3d4c59fd086369aacdba
-
Filesize
16KB
MD5: 835cfc7decf507cdc5e54f602e3f9699
SHA1: 4a55d424cb32e766554672cb2d0b3804fc47552f
SHA256: 29257dbf2b37d226ace65bd68d001398801235d93ed830a35435bd4bab4de852
SHA512: 2ab470c2200d97b545693a4cdc661100e46b0299f3d3890773681bc5f22f29eeda6b6a83a5c627fa22119726f3ce78d40021362a3f018a4f3afb4a08476c253d
-
Filesize
512B
MD5: 3cef1f510d760daa076a5d93e86ba655
SHA1: 2f27b776fa92b3415273b1117450d02be6740d27
SHA256: 875338ebf41effd33e64733909ad0b5b1d7fd24bcf1de624945c4b2cf83980f7
SHA512: b53affda2f340ff569a52bdab264f21f79566e91244d8bb38e4178ecffbcf73d8f7ed8794323201cb05cd7a80388230d21d7a0b4cdf98c3fd13063fc4e77dec1
-
Filesize
36KB
MD5: 51dd404807febd360df337fa57a0ec4d
SHA1: 787e42a524ac024fdbb1a32e1c747fd7177e63f3
SHA256: ebcb3642ac514e4017cbcfe7309e2b4a234667860f4ebd9abecc6c89b7f74a64
SHA512: 4c28737e7685380b6427180f6e26fdd89680b1c2d63a77f03127a67457a0c0084192f76ec7b7132d3121454594a039321030440cbae52cfbf1f0d8cca9ef9c0a
-
Filesize
4KB
MD5: 4b5d7320f4b33de3c4f831fb9cdb4aa0
SHA1: 1e4760ed5f79ceaa7cf9679544bc6d17e38298ee
SHA256: 31e87253ebc0e661abf9800f481f70ce13d94e75305c8d39178240f52bbf5bae
SHA512: 6ce25900e7cdca4683ac43387dac49cca88b702eeb2eea0983f2f187c95443a7669c36bd440fb272ade7f7c4ccefee5d4e19e1009214ad391eb373e4fe95da59
-
Filesize
4KB
MD5: 020b7f3ba147eb94bfdca75030b1033c
SHA1: dd2fb72ef7523454fa25f21c784723a10acdb444
SHA256: 69f9695c99f7399caa3a7872905f4484ad5af2b3763c03e27e84d966a49bd439
SHA512: 49acd3deb132cb65771a378c4691aa47335236c37d1d381fa275f570c2cd481de9295bd31dbc32b548aff119de4f62909ec6159472f3cf6bd8e1b822e5b3f405
-
Filesize
4KB
MD5: 3fab8f38a63604874b152e9ac6d38a69
SHA1: 9d9a2675725b9fe1bb496eedb2b1a55370496950
SHA256: 2f6d222b0315ce56cf9a0760d76c66bb93c09083bb5a6f9c765b7d2828b9fa05
SHA512: ac1b88eb21b91489a8e83d5697877d0c7b00db940c6d8acaa9c42ffdcb0b48c6acd89751ce44976bd29b2421b768a3c5c4e92076a9db7816d3663b09bfc81d7e
-
Filesize
4KB
MD5: 562914909aa8bd497d749235f62aaeaf
SHA1: 5899f26964e6c55b5a6bf7d4b711405ffcd1ff5b
SHA256: d5cbf4fee59d4c66eb28025590f21a69f657ad220d8605291cfad2329ab6c016
SHA512: 703fdcf5e2760ba56ebd5075bdad9376c200b63369d765942e115ddb73403e40f5af48407d7ac54554fa7f38dd1ec73207185f1d63fe69ac3b8140e40bf5a004
-
Filesize
4KB
MD5: 47bc90ac4062be0e65dfd4392591dd98
SHA1: b28cbc7cf180b940c547a65f36c5aa770c0d5943
SHA256: a83c2c9fb402993faa28d971f57478d84c683e622c23fe0d404712ffc54918b4
SHA512: bbfef553f26e201a1863f4a8f3af7da06c03e298dc1e34c65c66437c664a5909205f59d949bcdc243b70b7c38541e0d56c68cfc4b536e79847c4ea021f842ce9
-
Filesize
556B
MD5: cee48238ecc5dd60aa9f85dbb1c4a79d
SHA1: 734fedc41de21139df0f20bcee971bba178f280d
SHA256: 3d1b475787407c0c999f58a24b2b505c97c7eb8aa29fd6b36b5727381ee35fad
SHA512: 10195f6cde2511be45c588e7301f86d29ec08696ba691ca2b671b779c4ad3efedbe6630ff0c9f5aa1222ef831ed49f4af5ebe4ed43a79ce7daffc7e1a9b883c2
-
Filesize
90B
MD5: 2886f07a56f83ee48b54ed69dd37f00b
SHA1: 00476241c99bcb851eabe416f47427b118e8f197
SHA256: b5ad5c490e5debb63d77e78af47e841d2a175748cc4e89fd0160160dd48ff2d5
SHA512: 1d59793e4a12ff9ef097991d84db8e621b8264d65f61eff1ed00ca21e6af0e36116791625e367fd9dc2340db9dda5f3dec665d322fe2d78330825200a5183707
-
Filesize
6KB
MD5: 029356eacf6c94aac497ee65b827a001
SHA1: 7eef3426a3f024b6d7514cf110e65fbb0f6c57f5
SHA256: 26bf3a2977d864c322fec0f6cc6726a96a151fbe03983ef153b7e4dfbe6d9712
SHA512: a5d88dd7dff920ec6f1972e0dad14efc5bcec3be064884cc2f1bb7cf82498124806bc24db6e126c8f15f8bdd0db8d13f801c6884d7df95c9a2bc4ca8a5c0ad79