Analysis
max time kernel: 19s
max time network: 31s
platform: android_x64
resource: android-x64-arm64-20240624-en
resource tags: android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
submitted: 14-11-2024 10:06
Static task
static1
Behavioral task
behavioral1
Sample
Bypasser_V1.1.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral2
Sample
Bypasser_V1.1.apk
Resource
android-33-x64-arm64-20240624-en
General
Target: Bypasser_V1.1.apk
Size: 24KB
MD5: 98b3de9ca52d3dc4c52d60c1f77859a2
SHA1: 541200ba0ef0318adaff247e40462ff57dc9b530
SHA256: 394a5958dbfc4d8a3fc56b0ade0f85d9c8064fe46d390d9df0044c5113e2c04f
SHA512: 79de1964534a1b86d6daa800b4a9a4e1e52b2ddc62a38150ee19f62b43584bbba53b0ca7c59112fc577b73ca23e54a9f3b03c08bbafb5e44843dace5462b403b
SSDEEP: 384:TwhNvqcd7vlHSQN4njfZDAchbxwQDEhN+0wj1iv5QP/s27Jad7JcD:TOqcbHSTDCWaFG1UiPU2daddm
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
Processes:
com.bypass.adlink
description: Framework service call
ioc: android.content.IClipboard.addPrimaryClipChangedListener
Process: com.bypass.adlink
Checks CPU information 2 TTPs 1 IoCs
Processes:
com.bypass.adlink
description: File opened for read
ioc: /proc/cpuinfo
Process: com.bypass.adlink
Checks memory information 2 TTPs 1 IoCs
Processes:
com.bypass.adlink
description: File opened for read
ioc: /proc/meminfo
Process: com.bypass.adlink