89745e413fe440e12fa3e2f73a889a7545405c7495f48a84102db5ee53d738d4

Analysis

max time kernel
6s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
17-11-2024 04:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eblagh.apk
Size

2.4MB
MD5

140cb3883adbb6af12be3f46508fd64d
SHA1

c69468d7bde973770bc2fb29d3ca01fb9937b992
SHA256

89745e413fe440e12fa3e2f73a889a7545405c7495f48a84102db5ee53d738d4
SHA512

cead257622a015f6eb8e4f50792385068d6bdd9f91e5bf711ef384ef3151301ba8f60f5cfafca5e83e52303f54f96171deee074a7cea852cca8503eaf1491f2f
SSDEEP

49152:a/iYJslyM9rLQG4PK+dduC8YuUL2fbzl9SqcT5x:w/Iyaehdu7x9x9Sr5x

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mad.net

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4646

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
49d763636d430e79689a8f8a47fc35d4

SHA1
52f2180bf64b340b083e4e016cac34725981572d

SHA256
18ed95e844e745d65220573f8e2ff3f906de02b7a175558f36abe9d0727d94ab

SHA512
77e03d486c31d6063a50f16716286aa17b0912392f46141463d6d32fde6aa2aec37fbb9672c82bff0e6fb47675aba2b327d829b395ec22b204a6ca9195ac1daf

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
67ca2e73fa4f8e0f8a65daa03993d4d4

SHA1
e2214271f8653c7e9b5cc689a3701de77db2057f

SHA256
304e9496cd8827c9875a4c2dcdccc254e48dce91e47666ebcd30bf1c97d5ca6c

SHA512
39151929a0ada6cd29fe7f57930f6116e1ed441ef2622a1f9ed72ddc2c0be1916fe9f09c847f06a7fef237f1dbd4150fd62fcf07f9a1d17bb956ededb2881198

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
5a4387bc1f68091b2abe5c45ae4b3326

SHA1
1309e89c02ce5f88c056d86a9a01e821005bb489

SHA256
6c17e97c8fd2d759bee8179ddebdc260bed60cc21225af606b0faa573e41d3f0

SHA512
6ced124ac9424adbc08f007285e38cddfa48c58c7a9b03fca05fcb9594714f1d87e041eb1fe274609a3d22017fad9d57e91ca5070cc7ef19698e44760634a82c

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a39e402ac0a26bb7b0bb8b32123de706

SHA1
042ff70789f0bdcf96e2a258c19827d37a07f70b

SHA256
f3079f4443d27ead485b48032db6aaf4b494d857d8ef98f3d623517190ba13e8

SHA512
eaf2241be0435509d55cb77a2fba1276a2f250c597e90e33d98eb893d82744d400d6312d777968bc80feff3215fee230daf6c9da344e8f5b980a1acd7ca2d26b

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
ccb4c8dfb7fab9e5aeeaa95fa5753ac2

SHA1
fd2c41da4c332a6d926e39ab7574242789fc4dd4

SHA256
c3fe81c372b1cd35583a401859c9ff1b1cac15770701a18ff2e0dd393d99dba0

SHA512
28ce2a5df1b89677089d9c0722cc05298eb174a009354881ccb3e7434ae6aa1b1695aea89b9ff5e680dbd50d350a0fd283e485078e5838f9743539d7e4f8ece0

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c0f7e5c432546d5fb191e7c8209fdd32

SHA1
140f174aac752e88bff93d00f5e1723bcf8268ee

SHA256
487125aea3bf0a10311e59c86e7eb51605d53bad74f0cb746c4b6195e1e29205

SHA512
1b572900eea44bf3c6db60d38da933813ebf411d52c1e70f4487d71ef39a62ed098b809cb36c7e158a48ee8401b2da660b01055b0e00458a04b778196748943e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7a77d6f76af931c3532c821579a9d910

SHA1
f39cd6761404d629e7b21018b5a6fa24c9f8aadb

SHA256
da9b5f87a087474a25de7762d37296ceb89f223e18d0644c516236148384007a

SHA512
3f86b844fc53460eb1129673d60ad43fa83036ff4ea5084c6d97a9abce65746127f72b3242c747ed360e321e60e05b93a04db51462e67bf2083562b2b3e9f036

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d885ecfae9127c51b0b424d817e34005

SHA1
c661f091aac73d82295ac921300299e6ab3ab867

SHA256
b81c3f5014d5d15342ed66547f3b78e9dc63e8eedaccdfc8f797c03f9897c9ba

SHA512
7f9c16bded5528d383173865a7f26561c378a52bd2df81299a1f6370b3a45dee59376ac9efca272adea7f05307915e930f9ed0e1b02a9ad647790d4d6898beae

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
207563e8075741ddacc29a61857f082e

SHA1
9b7c005fc7ff807df93cf6bfb9eec759b457fd99

SHA256
ae41456489cd2ecd5b8faec7d41389fd689cf82534c5102204b25fd4047f4de9

SHA512
4d66d86ade00e541b2d12ff8e1e4dcc9bb04d5fc38dc4e18cce7ec8714f02bd97b22cf79f4aa53c2d589c35008b9e09962fe396af0e02ae66a79078d9cebeb81

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
11cbd7f7bb86f3dee88a0b3c284600a5

SHA1
34634d21bff84f823a8097a23783865b2d8acc45

SHA256
155ecd0e371ac2327ee39ed2b473ced3a8e025bc0b3adc7e7a8b2cb9682b779c

SHA512
588dd4f7e07f4d78c13aba0d6e640a2e900ba19698a6274ce212e2ba0645c92e22c4820bdd47ae1854150618a9e3eefb2ce13e602ad24071c49706c055095d2a

Download Submit
/data/data/mad.net/files/PersistedInstallation1222582267018803139tmp

Filesize
90B

MD5
8f1787f8dbec9f2b1d52561bf4ba09ec

SHA1
3cdf1722e3fc63b09d9a2c6f752dd273163d8dd5

SHA256
9bee53083cc1fba2c262ae4a23a02f90354a48c09d2155928e6539423aae7227

SHA512
f784a6643b89eed2c46a040fd579375cde21a3a51a09d10c9116ece2e06ee3b8158925e787ed96db2e12c6ce610a4afb6fd53cb298ad2294fa53fa3be8b1d548

Download Submit
/data/data/mad.net/files/PersistedInstallation7269510284638826659tmp

Filesize
567B

MD5
3c8b87da9adb06c7e0744d4e5d1d3415

SHA1
224559baa60423c8c7dbb0a4471e378988e7b7fc

SHA256
bbc15499f24aa18285b6417da7dc0aaf33c69e2e2886806b939501229dd8d1bf

SHA512
0b3e4be45b64e2b07b28b150b49cb734546dc430d6b95d0759ee69b6a608b90d1ed9a44ec37671bae6e5dcda0938346092b906d6b406bfa282508234888b7e71

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads