824dc53efcde85333462dc179cf530d646b5c8b57ca4ab8887510a068bf45660

Analysis

max time kernel
123s
max time network
130s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
18/11/2024, 04:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

2.4MB
MD5

3fcbe71d7d0c7fe5f8be6d1638fc8ac5
SHA1

b895f8aebb887f5cf7bd149cf05b0729827adfe5
SHA256

824dc53efcde85333462dc179cf530d646b5c8b57ca4ab8887510a068bf45660
SHA512

f460a4f00ae650b735a040dbdaa8db00f1a6c790ab362947319509c9edc27a3fbdac7d8187dc90cc385f24de7aa99b9635a3d28b8adfe9c2a6193ed1aae31212
SSDEEP

49152:N/m7+MiFN7bFLBeRjNvrQriEwuCAuAQ7O0:FTX7RLBeRjt0GUCzHO0

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mad.net

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4501

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bf78b6691e1a7d1f581099df5e5be24b

SHA1
9e93052c8fa033452c7f75965f9e16f9b671503d

SHA256
08c3646c0bc60fa7f634e0a2487d3b38459d76cdd04d65c591ea2287764cdc47

SHA512
2b3a721d7490de9f70345f0057d621e3a6cadf718be869a90b16227b6c04adb9e8e9498634c9c9e4b612a25d9fee0ed09f5f065d6338b7dcbc8ce338ba25c0ca

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
114abd8bfe250954690d6da81d079348

SHA1
e95914bb801d73c5553ae3221dd6311d2decca87

SHA256
617e5eaec9e5851dd2c7ce3601423698644630b2d43843d18f09ce6a884c76e2

SHA512
6c9578ecc51f7a4e0e391b93d0892622b318435ac2ac4f8ca7b942818814daa427cd119a40b37c7bcd4342094406481251a7f97e7c7ef04831dbbd86406e7592

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
067b00dacd6c96654bc815e42b578ccb

SHA1
3d67ac10645bfbfe54879030f05bb045b551b2d0

SHA256
f685f4316749ee11ac4f9228b9457c1ceff09911da725c6a96dd1effa320bfff

SHA512
2ff69fdab0b459136b5a42b16aacb2b0f1176bd4aa3b3c9fee690d629d85e3804cd2f0f7a022ce5fcbffc3b3ffbaab8db5b8626e07bac5cb54de56036aa600ce

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e25c923ccd76e8a52f713d8405f4b330

SHA1
a8118226c401274eb6fe524038d4ea0468baee4d

SHA256
7d742c5350402e172692b2ea2faba7f1d09472c24dfcf46381d9599daa5c5f2f

SHA512
2c4324b5f1a875e864b1e57de3473c247cdcf04a3d8f86f5f36aa9938052165afd3977ae7462a8f53b13fb93c28d668eb6a197499678b39faf02e95e9dbc79c4

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
d22079b51a86853b20d58ef886b05aa9

SHA1
76cb69019c9e4b33550ae21e674da20444d3f443

SHA256
e7548e682da41e753a4e9ef97a4a8d87d68968879a589f050d95b0bcd203be19

SHA512
860f65e4c9336eb62a2b18fc9ad2f367ee9128e1a41f62d2a9e8a1a2daad08e38d760338fb5b50949f3511e6728e29eaeb1cc669088dd5bb970d380fd2361eb0

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
50daefdb6eb0e4e78b011f959e0cdacd

SHA1
c537fb313b8e71533bddb1a0ba69f69348b18e81

SHA256
2e51a699ee54484cf3d0e896198008342ae2d83c8d7755a4aa7fd77ebeb8aaa1

SHA512
55d6a4ae1ea74bae30838c0927da253e53416f6568746ffc0973a07d471981a3d475334d690575129927cf7acc103fe577222a90edaafee018dd1912342d1ed2

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
069a1a9f918dbb7e115e56ed08ed36fe

SHA1
9c79ded2cfa942dd97580a4573af7550e479734d

SHA256
e118f7b3c2b2647b8ec4ef54771130c038fec0e828a2f66de9d871016f3edfd1

SHA512
91f55e8ef3e0bd76da79c3bcab60a253727fc24254c09f15072c98fb580667dbeda9ad3a8ab735fecf670360d1eb0109dd3d161621bc8e6337c23a79e22634d9

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
deaf36e290eb0138deae36cded7e9464

SHA1
57afe5d55025fe18616b8bb6a55ff10d6fb4a87e

SHA256
7c603094717153bbcd5f2b7b870ae77fab7f1c2bc8f0f1db1f7c29dc872a127c

SHA512
bb69481de9ad29bd7663e10f81703654750005bf535c4d2e4235afa7b4306d6527232fdbe32aa6f80d091643ea55bbe0ce290f38633660e438d2a92ddf5366f4

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
d85f27b86b326897f934ed04b02a7e39

SHA1
6e0a1dc3e546a5fc1604fc3a673b91a4b071ac1e

SHA256
67df932abb62cafb9f78b742190c2f3036c95429fb9836c861904d8ce71b885e

SHA512
1023936d20a64e8ce63cda135d4ba287b8a27248e28921c0ff78e99f0365d6d9dd2a7ffbd44b2b4aab14905a51df94f32aa4796d9d5dfcc76f9adfc141274af7

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6d740a9ad7f52d91fc4f3e50262423ae

SHA1
67eb99de63bf29541cda6140703b48893be2258c

SHA256
1200da99fcfeb686696499ceef2607aeef73976b458a0bd466106365a33b15f4

SHA512
7eb3b70f1dc3aaac4515ccbdd969d54d4f36436a9f42ac7d850587c4982fe5efc1ac7ea6e716be21652fcfcc0b94fbf444a35c7b63e756c2f60a9aa92737ea98

Download Submit
/data/data/mad.net/files/PersistedInstallation3064546019935710847tmp

Filesize
90B

MD5
4ef218bae49a933be585eb8d8c5f3232

SHA1
f20ea6570ebc9005cfe40616f2cc2312efce70c9

SHA256
8ecdb89b49e2be1ca1bfacd0547810ad25fbb26bdc513ad83097d30dc52151af

SHA512
28719d3351045ca2a02f30d3f3aad59e8a47484c6ab39c41fab3b996ceefa86b4b44f2d956a1dd692788b59536692c2694ca07dced50f294ae1c65be27fe032b

Download Submit
/data/data/mad.net/files/PersistedInstallation5420625879835621405tmp

Filesize
570B

MD5
2bb674dff65424c3f4f7e5dae2fe79b5

SHA1
689d621bdff7b34ae12afe18747cc99c11e6b5d3

SHA256
a8ac5996ae08855300588d957279f2b94dcbc37024576fc8cf7481eaeb751f1c

SHA512
2490ffba97624f0a875d679080081a0bb264fd72248f29d6b738c6135d8159fc36085914c822c0d5dfce5fe1b8c7449804c15f0f6210f35d73aa2d5a1f677a81

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads