aef6833f387c0f692b5299479f8926b16fc44b81485c98703db9663c1f1c5b45

Analysis

max time kernel
123s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
31/10/2024, 13:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

app.apk
Size

3.1MB
MD5

5a51b3bb0de6a69ee0f6afa3d87acf3d
SHA1

81a211db666782fbf04312c510c439e6b4c2d333
SHA256

aef6833f387c0f692b5299479f8926b16fc44b81485c98703db9663c1f1c5b45
SHA512

f5b37d7c3e34202eeda34c7c5158f1adb2b0224758adcf2596d6b7fe50678cf1f2b22fe89f5656cbd6f572382b884d669dc688d0a503ec612cfe2a41c4d8f686
SSDEEP

49152:4/71YJslBMJFRO6MdkbQ0fiYy2DsuqATeHjs+GotMHqRqQs4PG95PiuhttZ:muIaJjOFWDx7qqdUmgqBf6ub

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.Mad.api

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Mad.api

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.Mad.api

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.Mad.api

com.Mad.api
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4488

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Mad.api/cache/2

Filesize
23B

MD5
140a24ecf018a2aa563ec06556cc2ce3

SHA1
1a4b595ea0bbe861a3152071d73cf324f6502aa8

SHA256
dc7266db6d411cbf91eda77d216cb0cc850df4ebd2038cd6f8c8e213ec0792b4

SHA512
551e3db39a2dfc5e687e06aede2f7b6f17347e9a58e3d19e0908140ec317e0ba43b49ca49f8479c7624a3b6aa3ff20a6e1989fc31936b5c07088cebb02ed8c43

Download Submit
/data/data/com.Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1848b5a283c3e994faf2d63495a20f31

SHA1
bde4d1290ca6e6632a09d40f2c39886ffcc3269c

SHA256
f1dafd22d5c9a49c9289b17e0a34e78d9cad74fa5fccc35c9540fdaddba5c208

SHA512
2ac700f187b6855960f1b4e5e79b6eb0b0ca801e1243fb137e2214f1f3e28599b576831fa575838945de017412f74dc5f24b820a3cfac4b089229914e0e6fa0d

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
36f0706f24c1d57d907ad608568b8193

SHA1
4a9f967e5bdee5dc08497d4ecd293239ed9ec8e7

SHA256
92677b1b62bbf0e8c725e6c8b9da522c9980b014b3aafdbacb98c8b3e3fe36a9

SHA512
10405762a373e38ea2e0807faaec12ef23b8841e5c4d695de568c85286ea7c3fa1ebc980a22d5ab8b60214c5f74fb7ba1c31e335475e7324f95d4bd7458e4023

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
acb0f2d554e738c56bc767067e19a93a

SHA1
c75772276f19c4bc1ca17d4f34f058adfab0a79e

SHA256
1be4ccb6e78fa013225d64685fe04841824c99bf97428d0280d49e39c88293cb

SHA512
ac9369a373549d491e8adebf131e74d3185b577fea02131271372f324225e746d2e10e4d1802380c3fd1819c103387fe943537fb679897d90dc8d23b13e279d9

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0601feeab06ccca74bb6ed8cf07e9a56

SHA1
fcd3009859cde7e994d150a8867f9b18f3b024e4

SHA256
1340b0c7f0eed51eb9b67097d4a329632236ecd964ba25067a729c8f1ec4b638

SHA512
d6bdd2ded50fd779284b4fe3d1f43219998a926f8031a959250dd641a65100dab1ddc61fa1dc13ecc650c1f6cf515791d2fad10a502a0d681d0f54ab5379ccaf

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
3ade0d86f21cfb97ab83836375d2506d

SHA1
f1936df966d0a3d10073927d212b17e9cb6a39da

SHA256
92df87498d1047e6e4f6d405239bd688d33c704508616c92c136c80e723ed338

SHA512
5710aadec6aab0ae5496164e0a53150fc1a25dd50ae5811f5d1e47afe829337db7bd37a9c9d914f919252148c0e51cea060a4ec7ac5b88487f920815cc767d8e

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0822ad1472dffc729039d30bf5ef8641

SHA1
804100be1f0891c7e7f531b0aa181167edd47933

SHA256
70203f8db541a3d35a20085b1f658b6b320ce3257fcca0c70cd535ca8092f3ad

SHA512
140e79fff51d6386eba063137fa9736c472e4e4917b87d45b006aa7a6e256a825869826bef0687ab29fae87a3bfbbe6c7dffbede328d461c505b66d5b342ff82

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
665e38af8daa070ec460fc6a737b93f7

SHA1
29b17183fea70eeb6a108790d1ac7e98ed3be13e

SHA256
ef1d3995ecf1ea49fbd692cc0edb0cccec32f208710275c02aaa4636bc8259ee

SHA512
94baedcd0bd1f022b7c629f450ef35091478f98484c309bf1c0a0f2a4b061071e9b54ec21c02429bd38f65aa47becce9a31ef270203cb1850b92c33a55448e5a

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
341c432639d9d317da6181b18b09626f

SHA1
7b4996c2a4f4523726ebf0a2db769f009c8e5f6a

SHA256
5bdbad4dafc2082dca0a54c1062cc7bf50adbd388cc84e69ee751b7e6725ad3c

SHA512
ea5071a2fc8ad8989bbe9990e5ef7e8f6bd4aea8d11a91d012228397789596740fff37ee80784a97b59290f88cf0b4764f25769374fe9a8c220aaeaf2c4a1dd8

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
79b24042d2156051f95625e09b74cc1b

SHA1
daf38a7654330907f719b01e9635329902fc8c37

SHA256
85724811092563c3b430f6692f459889d32528b7d85f0b8e0c5ea7e9bf57599f

SHA512
4037aba978c34f4f7d95b2ff4cfe4eafe3d442aea9bcb89719504301ec002b12fb17a10c5d8bd3e572d64b93c286620cf48a7260f6442e242dafcc67da665a8e

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
120f3237eeede36427827607f8f61be3

SHA1
d818548816957fba29d9ff0243eb698aa04ac9d5

SHA256
80e6170ba59084256b2a0ef744ce38119133eb8d201f2b4bab85211c0e2ed731

SHA512
902c9e5edce64a28e7a10789e34ee3dc47c1705a6ef937ca56442e11e294c79cc242a48e472e8b4bd6348ea3aa0a9a7b5090049e6bfb60200bb55a83da230f31

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation3781639776147964307tmp

Filesize
90B

MD5
afb7001edf2189eee70fcae4c2a8ec23

SHA1
b393a7de0e32abfde13976b403e950025bb8bcad

SHA256
233dc6e1a5849b710d860d78d6c779241b6c90bdafdd53622f409ef879e8e33b

SHA512
675d28b046b27586e9afbba4731e760e55bb99d88b7c261a8f286b85bccd80c22228998c54f305f7afa6ef726c1c164ae8a924d4831e99b5f02492fac8f5ed07

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation4047069409644884244tmp

Filesize
567B

MD5
5fd685ff5258a124a7e50182ed44c32d

SHA1
0a08a2c779cf593c381b9a0920d39b32a9222808

SHA256
101327ca6b3eedc4eac01c91998faae9940b0122eb1635ba0cebc3434cb3ee15

SHA512
d410aa05645a35c3194e68cfdc25540be530dd01b8410b8ad37d9d59b4f5aeaa56a0eb77c96d65bbec940879fc13c2e32b88d3bded0e47ab48954039d13a6cac

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads