Analysis
max time kernel: 19s
max time network: 134s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 11-11-2024 16:26

Static task: static1

Behavioral task: behavioral1
Sample: Incredibox-Sprunki.apk
Resource: android-x86-arm-20240624-en

Behavioral task: behavioral2
Sample: Incredibox-Sprunki.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral3
Sample: Incredibox-Sprunki.apk
Resource: android-x64-arm64-20240624-en

General
Target: Incredibox-Sprunki.apk
Size: 8.2MB
MD5: 1aefcf2ddeb7a9dd5ee0b8be18b0cfa4
SHA1: 81b7097658f886d345ab8a458eccf1846d525dc9
SHA256: 480202492f12938f93798c2ecbc4d68ffdb16aac0c644d63986f17180ae46538
SHA512: 5ca3a92d1576a6ce6658bddb1b1ba238d1e21df53d1422111dfcdad9d80b79f81416fc21936d0430b3beede40c226207b680b90394919fbb27c7404a004c4d73
SSDEEP: 196608:/vmOW2Cd6kt7DKRo/7usBbchRQ+ZTrv4vDQ+vk+4PJ:/vmARo/nBwRVZTb4Ltkb

Malware Config
Signatures

Loads dropped Dex/Jar (1 TTPs, 2 IoCs)
Runs executable file dropped to the device during analysis.
Processes: co.median.android.leezlz
  ioc: /system_ext/framework/androidx.window.sidecar.jar; pid: 4610; Process: co.median.android.leezlz
  ioc: /system_ext/framework/androidx.window.sidecar.jar; pid: 4610; Process: co.median.android.leezlz

Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes: co.median.android.leezlz
  description: Framework service call; ioc: android.content.IClipboard.addPrimaryClipChangedListener; Process: co.median.android.leezlz

Checks CPU information (2 TTPs, 1 IoCs)
Processes: co.median.android.leezlz
  description: File opened for read; ioc: /proc/cpuinfo; Process: co.median.android.leezlz

Checks memory information (2 TTPs, 1 IoCs)
Processes: co.median.android.leezlz
  description: File opened for read; ioc: /proc/meminfo; Process: co.median.android.leezlz

Processes
Network
MITRE ATT&CK Mobile v15
Downloads