Analysis
- max time kernel: 5s
- max time network: 150s
- platform: android_x64
- resource: android-x64-20240624-en
- resource tags: android, arch:x64, arch:x86, image:android-x64-20240624-en, locale:en-us, os:android-10-x64, system
- submitted: 17-11-2024 05:40
Behavioral task behavioral1
- Sample: app.apk
- Resource: android-x86-arm-20240624-en
Behavioral task behavioral2
- Sample: app.apk
- Resource: android-x64-20240624-en
Behavioral task behavioral3
- Sample: app.apk
- Resource: android-x64-arm64-20240624-en
General
- Target: app.apk
- Size: 3.1MB
- MD5: 7ebfbe0605c081f7dc96c4edec09cf05
- SHA1: 7e60dc7ba39f7fd0718a4cba8e3a6ebf27891c56
- SHA256: fb8eac6f4a5eb59088898f27f19c35862eec0770e0eb7565b295fc8cfc4e7bb3
- SHA512: 3a899d1bcc69ada47414144f8338995f9688c6d92c41f2ef159ea1781d312fc908405c246782eeba5f1df2482935ce06acf741b6c05955f81b077bb0164867ae
- SSDEEP: 49152:4bmP98UKolddcjZrNEwglZpakG76aJBLgKt2IeHrm1tqs3QDOCd/Tv7CX:NP9DKoFqZrNEwQ1Guo8i4SDq/p1T6
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
- Description: Framework service call; IoC: android.content.IClipboard.addPrimaryClipChangedListener; Process: abee.app
Acquires the wake lock (1 IoCs)
- Description: Framework service call; IoC: android.os.IPowerManager.acquireWakeLock; Process: abee.app
Queries information about active data network (1 TTPs, 1 IoCs)
- Description: Framework service call; IoC: android.net.IConnectivityManager.getActiveNetworkInfo; Process: abee.app
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
- Description: Framework service call; IoC: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone; Process: abee.app
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
- Description: Framework service call; IoC: android.app.IActivityManager.registerReceiver; Process: abee.app
Checks memory information (2 TTPs, 1 IoCs)
- Description: File opened for read; IoC: /proc/meminfo; Process: abee.app
Processes
abee.app
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID: 4971
Network
MITRE ATT&CK Mobile v15
Downloads