Analysis
max time kernel: 38s
max time network: 133s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android arch:arm arch:arm64 arch:x64 arch:x86 image:android-x64-arm64-20240624-en locale:en-us os:android-11-x64 system
submitted: 07-11-2024 19:47
Static task: static1

Behavioral task: behavioral1
Sample: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
Resource: android-x86-arm-20240624-en

Behavioral task: behavioral2
Sample: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral3
Sample: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
Resource: android-x64-arm64-20240624-en
General
Target: ac7458e2fa4fde4a6c8c3adc06a5f4b5.apk
Size: 2.5MB
MD5: ac7458e2fa4fde4a6c8c3adc06a5f4b5
SHA1: bd30371b52fbc067bc29017c9effe30bfbd5aa89
SHA256: 03ead8a86c4bfc846c7472972dceb853bd06bbb4c65f967a7b712e022dbad6a6
SHA512: dcfb2141ea62d75b02cd3060ce39c5190d22fda717e7c0740376655b7ad41861e3131167d83d7ad817e9f1419e653cdf140af0cc9d3c55f21c189f818e20cf25
SSDEEP: 49152:FxOZOK5Q+q+XQvqqztSxliDImn66oiGDXpNpd2ZrB8HEj2Qo:oP5bbq4mn6hPBd2ZrBcEj1o
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: COM.TUUURAHIDDENS
  description: Framework service call
  ioc: android.content.IClipboard.addPrimaryClipChangedListener
  Process: COM.TUUURAHIDDENS

Queries the phone number (MSISDN for GSM devices) (1 TTPs)

Reads the content of SMS inbox messages. (1 TTPs, 1 IoCs)
Processes: COM.TUUURAHIDDENS
  description: URI accessed for read
  ioc: content://sms/inbox
  Process: COM.TUUURAHIDDENS

Acquires the wake lock (1 IoCs)
Processes: COM.TUUURAHIDDENS
  description: Framework service call
  ioc: android.os.IPowerManager.acquireWakeLock
  Process: COM.TUUURAHIDDENS

Queries information about active data network (1 TTPs, 1 IoCs)
Processes: COM.TUUURAHIDDENS
  description: Framework service call
  ioc: android.net.IConnectivityManager.getActiveNetworkInfo
  Process: COM.TUUURAHIDDENS

Checks CPU information (2 TTPs, 1 IoCs)
Processes: COM.TUUURAHIDDENS
  description: File opened for read
  ioc: /proc/cpuinfo
  Process: COM.TUUURAHIDDENS

Checks memory information (2 TTPs, 1 IoCs)
Processes: COM.TUUURAHIDDENS
  description: File opened for read
  ioc: /proc/meminfo
  Process: COM.TUUURAHIDDENS
Processes
Network
MITRE ATT&CK Mobile v15
Downloads