aef6833f387c0f692b5299479f8926b16fc44b81485c98703db9663c1f1c5b45

Analysis

max time kernel
123s
max time network
155s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
31-10-2024 13:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

3.1MB
MD5

5a51b3bb0de6a69ee0f6afa3d87acf3d
SHA1

81a211db666782fbf04312c510c439e6b4c2d333
SHA256

aef6833f387c0f692b5299479f8926b16fc44b81485c98703db9663c1f1c5b45
SHA512

f5b37d7c3e34202eeda34c7c5158f1adb2b0224758adcf2596d6b7fe50678cf1f2b22fe89f5656cbd6f572382b884d669dc688d0a503ec612cfe2a41c4d8f686
SSDEEP

49152:4/71YJslBMJFRO6MdkbQ0fiYy2DsuqATeHjs+GotMHqRqQs4PG95PiuhttZ:muIaJjOFWDx7qqdUmgqBf6ub

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.Mad.api

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Mad.api

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.Mad.api

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.Mad.api

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.Mad.api

com.Mad.api
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4974

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Mad.api/cache/2

Filesize
23B

MD5
140a24ecf018a2aa563ec06556cc2ce3

SHA1
1a4b595ea0bbe861a3152071d73cf324f6502aa8

SHA256
dc7266db6d411cbf91eda77d216cb0cc850df4ebd2038cd6f8c8e213ec0792b4

SHA512
551e3db39a2dfc5e687e06aede2f7b6f17347e9a58e3d19e0908140ec317e0ba43b49ca49f8479c7624a3b6aa3ff20a6e1989fc31936b5c07088cebb02ed8c43

Download Submit
/data/data/com.Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
88e21f746d5277e03367546ea6dcff9f

SHA1
29051d3850951a0fa2503acb9c08914aae231059

SHA256
b3f5b5269bea9493047f48409971c4291dccf0532d397729bfe8dbd2d516670b

SHA512
52369a0f038d2e7aa13c047c5cde85234e38c5250577ecaa4d99f126f662215d406f80ee9cddcb4b8975fdbf9bedcea1fbb4bfab068bc49bf5b3fc4d1cdf8b59

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
797dddc17f6d69d61632de3a925dc1a3

SHA1
14ea77490f6bb189e502fd3af82461d1fc8008ab

SHA256
51b4897278a204e4d14f3fc2352d9a2742eb3ddb220c62214e13445ce63f634e

SHA512
e60add0691407494a9a86145a674fe6aacba3041a2dd031130cf8655874ec745a512da7dde98689cb6b7249981ea2292a4bc5b28cfaa7b547bcd51cb200ab0a3

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b9c273feffb2bcf7ce168613e52e1a2a

SHA1
25a14b5528f3463586f8b6eb2103d0aa4161fa11

SHA256
78877573ae209daa3a09997c21f72da9a3a572232cb6f83a99439d0cced30905

SHA512
36adc82a433396e77e75c0fb83c0b193391f3654d567ca20b1ea87739132981a8846977db04cd025bfcc8359f8970f6ac08d5a7fb5bc18a1ee505b4453437eda

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dc5c1dbb8df48a4373c82c550cecf5d7

SHA1
48d89673ebf86d1cccccc44a0d4972c046c1d212

SHA256
ab6b895d546a0e87a158506333ee7fcb755c6037a786be23b72689266bc331aa

SHA512
b4b4378659ffbaa2e192ee8ea4b861d92cfbfea5cd63630ddaaf7c436d595ca8498200d0a8cdd6dbbb968c95244a1537cdd4c6df9c7dc217b7baa6d5857c0e5d

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
dbe082f0e113bc2fb7cbf5deeb2386d8

SHA1
a9012748451110c36e296cdc8c788aeb5f7ce2ea

SHA256
041613c831e71279f937a5d8d03e784ebefcae2a59cc22eeedab7a2ea9ff8047

SHA512
210e9ff2ec1985a52d200c13f2e20e3e517d22b9e35ec275cf5a73672fbe28923f2561158b8e2b30bbc1fa03fc08316488994d35a59ce9c463cfa03ea9e1bfb5

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
12e61fdcd2942b964f5c45b9c8f13a0c

SHA1
137c78a4100c5596ce32ebc2035c159232c295ab

SHA256
88ae3290d02dbafaf8a79f07930012c89b0b22591f11c30b25141d07171dbbe0

SHA512
cde57e39c2d9341aa8a4e41f0b5be076f65e5cec1567ace51fd3e30cda824136661d746bab6a902efa66d00eece43d32bd7bd313b967fcb7fbf88414d1d06037

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9a9bd14a52c8d15bd1e0ec8a5cf30e0b

SHA1
4548d83a1887b61992d0bb40afc5a66646a88e13

SHA256
033e99b458f5916f31e6d8446f6c0db6f1f0e20fa92191cf0f8b91d23d48b0fd

SHA512
deed6540d89316f54528071bdcf2a1ff3859b7c6e493e7928343ffed4fb8ce464fd2903207833e2eee4cf19d78b20f2f956b3557067c2a632cf4619ec89b9de7

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
500b954e60c017d5e7ede98e93649348

SHA1
bf72d247c5c42b4e2e5a635b99968701a77b01ec

SHA256
1362e436e82dc07414087dd7c675bf249fa3d837001e513239335b729e91374b

SHA512
8bd218cf6879b434ca5357c55dc40e84f2ef8a0af9a9c06f63144591122529a9ff06798aee731c0dc74e8d98e18bafae242f274a7fb79c17ac60798f169f74c1

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
45a1a0815f4161c8221c496056ca2203

SHA1
642a020a480b1e1dfb78503e6406ee5a9491dc19

SHA256
df8ceaf93a3efe17b4d03d54a381e92dddf45601fb18c2485e824bbdadadd50b

SHA512
307e271b24a415f21de72319a54d0a2798e26d545187c2eb599c6027402095dc4f544cd93b029e53717065cbc0ac4459959f0d6f852dbd2fcfc3c16ebc6aacad

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
eeb8ce841748dddff32b556fd861a2c2

SHA1
0140e61c19c65fab5f1489624cd65050eaf57362

SHA256
a110b5a187fec69cd64dc9d93667df18794b554c7c52d060d208169308f3a294

SHA512
ca8437685d29e5ea9b3588a96db4a128542ce40ca22685865644a190fcd53ae9a51ff5d9f573c9cd10ae4bd657ef38b942cbddfe6c00f1281cb681709c9e0998

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation4864814298481018915tmp

Filesize
569B

MD5
c4a390f447b9e60c292fbe09e88e135f

SHA1
0e965d7c30d51ec817cb0be72a70e02e5eb08ba6

SHA256
936ccddc7683b236729d0728fa8e75dcee38d6bd01f94c503ee526b4c35a228e

SHA512
b71cb3db10844cf772a15d120d4926e924cfdf48a6dbfd103f197a8ef8388aa34ed8a6b9cd7f9d4ee635b4bff5dcaf1431e04db3134ea2caabed05308c9f7910

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation5574584852229258399tmp

Filesize
90B

MD5
2a17bd5374363f195a0c917be4997052

SHA1
eeb1dca2440dd87a9820b0db3beecf21f40abcab

SHA256
e7214810ad27cb741d7977de3302a2ccc8e4667fbb5a15e39fdd6cf10e6dc112

SHA512
4289aba3458f85fc810b947bd2d662cf4297e137ed566bf4fd140c42c912277464340aa2a65ed639db55629ecb3b33767cacf5e3f8ab05777b4e2a1b9f589a6f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads