Analysis
max time kernel: 23s
max time network: 154s
platform: android-13_x64
resource: android-33-x64-arm64-20240910-en
resource tags: arch:arm64, arch:x64, arch:x86, image:android-33-x64-arm64-20240910-en, locale:en-us, os:android-13-x64, system
submitted: 09-11-2024 23:11
Static task
static1
Behavioral task
behavioral1
Sample
cb0c4fc65c556ea4fd9bd9330c1714eb904a1c21acc9badafd85a41831a8beea.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
cb0c4fc65c556ea4fd9bd9330c1714eb904a1c21acc9badafd85a41831a8beea.apk
Resource
android-33-x64-arm64-20240910-en
General
Target: cb0c4fc65c556ea4fd9bd9330c1714eb904a1c21acc9badafd85a41831a8beea.apk
Size: 4.5MB
MD5: 0844a9d8af8bc9495bae88a1fd21aa24
SHA1: 702d51ecb2efc0cb6d7224842a2f695f175c7621
SHA256: cb0c4fc65c556ea4fd9bd9330c1714eb904a1c21acc9badafd85a41831a8beea
SHA512: 630164a8891eb8bbe984a957a170e2811681b582686b2640a274ca577efe0ae72fdff3262eba00f0f14dc8cc6e6e33d674c823d8f9ce301b5c587520307c3f07
SSDEEP: 98304:f/u6A9J3ff8D37r7wHgK1rNTPBEyhfkvB4/IcG+Sp4q5VuN:f/udff/3d/jfEj+8c
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: com.yonoservice.registration
description: Framework service call
ioc: android.content.IClipboard.addPrimaryClipChangedListener
process: com.yonoservice.registration
Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
Application may abuse the framework's foreground service to continue running in the foreground.
Processes: com.yonoservice.registration
description: Framework service call
ioc: android.app.IActivityManager.setServiceForeground
process: com.yonoservice.registration
Checks the presence of a debugger
Checks CPU information (2 TTPs, 1 IoCs)
Processes: com.yonoservice.registration
description: File opened for read
ioc: /proc/cpuinfo
process: com.yonoservice.registration
Checks memory information (2 TTPs, 1 IoCs)
Processes: com.yonoservice.registration
description: File opened for read
ioc: /proc/meminfo
process: com.yonoservice.registration
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
Filesize: 24B
MD5: 207fe6610a0eae47ad5770941b28751f
SHA1: 4637743c09c19d559a385f8a002451e8ae7c2fd3
SHA256: a85e5ea9e33c675d0458d603f04e15e60d2ee5b449b601404a3d3b26b96574f6
SHA512: 0899a7777ad29a34558ccfd3f6295221e5f99b6e34eeeb6685c879f70c5b7ddf3c5d347f52018a70fd5779c7fef75bca73da6a63f1c9bd9af104c010a831b2f5