Analysis
-
max time kernel
46s -
max time network
152s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240910-en, locale:en-us, os:android-11-x64, system -
submitted
10-11-2024 13:48
Static task
static1
Behavioral task
behavioral1
Sample
xbrowser_v5.0.1.906_coolapk-15090-o_1ica49h40hn5p5h1aqsi5c110u13-uid-442310.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
xbrowser_v5.0.1.906_coolapk-15090-o_1ica49h40hn5p5h1aqsi5c110u13-uid-442310.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
xbrowser_v5.0.1.906_coolapk-15090-o_1ica49h40hn5p5h1aqsi5c110u13-uid-442310.apk
Resource
android-x64-arm64-20240910-en
General
-
Target
xbrowser_v5.0.1.906_coolapk-15090-o_1ica49h40hn5p5h1aqsi5c110u13-uid-442310.apk
-
Size
1.9MB
-
MD5
1b098d0d4a20ba121366a188577a643c
-
SHA1
49b82f60d70da5019d07e021b3566f6f1742043f
-
SHA256
888169a18657fab2ec5e1ef35095f1cf7d7ecb7b4b46dc063050485500a0c0b6
-
SHA512
e2d018efc3e4c17a42b7d60d81bf5892448ab7314a87b2b9fb6371dcd16ec7955ce582ae5cdefbcadb2a515b61ae8abfd8ac0fb0897bb7fecfa52a7944b9a2bd
-
SSDEEP
24576:ONdpRCfTErvADz8Ic/F+aeOewuc51qKFKWYpYKJilqluhN1qDV+PhyFz3h0ODi:OjpROY7AU4aeRw38WPsDQsFz3hY
Malware Config
Signatures
-
A potential corporate email address has been identified in the URL: [email protected]
-
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
com.mmbox.xbrowser
description: Framework service call
ioc: android.content.IClipboard.addPrimaryClipChangedListener
process: com.mmbox.xbrowser
-
Queries information about active data network (1 TTPs, 1 IoCs)
Processes:
com.mmbox.xbrowser
description: Framework service call
ioc: android.net.IConnectivityManager.getActiveNetworkInfo
process: com.mmbox.xbrowser
-
Checks CPU information (2 TTPs, 1 IoCs)
Processes:
com.mmbox.xbrowser
description: File opened for read
ioc: /proc/cpuinfo
process: com.mmbox.xbrowser
-
Checks memory information (2 TTPs, 1 IoCs)
Processes:
com.mmbox.xbrowser
description: File opened for read
ioc: /proc/meminfo
process: com.mmbox.xbrowser
Processes
Network
MITRE ATT&CK Mobile v15
Downloads
-
/storage/emulated/0/Android/data/com.mmbox.xbrowser/files/ad_rules/easylist-1025149380.txt (deleted)
Filesize 1.3MB
MD56b346018026fc5dc2ad34d52c824fa38
SHA19e5a1009f4e584357e38d291ed26e0d04f5c6c0d
SHA2560fbe5835f447ce978d624183576f75de2c2ba1a9d92e7bcac1804805a32b6786
SHA512ad14f718b391c2f03bfc690c89c354ffbf11d1260ad6d8eb81635c5af73830a90e0d3edb8297a18732004dc7addf8b9721458f6fd5c0e27568113365343d62f4