052fe0ddc8faff67d8a27366c0e643cae2fff21e65794d2d7265407f50f2150f

Analysis

max time kernel
6s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
18/11/2024, 05:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

base.apk
Size

3.2MB
MD5

1eb27cd5e5b35f30634bf3708d41829c
SHA1

a66699f9e3933017483edfd538aaa09f57819c22
SHA256

052fe0ddc8faff67d8a27366c0e643cae2fff21e65794d2d7265407f50f2150f
SHA512

3275845143ee9cd45fe7b6b27261cfda9b770d0ffbb3e1908b6c9a169900ccf0e06400ef4007397300490e770d734a182773ed1a79039c0652b91db5bbe22857
SSDEEP

98304:x/+9H56XSZIUaAJanXmyD7JWynPOj9zniN:x/iH5ekJa1nXmyNPOjto

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.Mad.api

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.Mad.api

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Mad.api

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.Mad.api

com.Mad.api
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4480

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Mad.api/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c9cdc40534dcb89be3aef499d4378879

SHA1
6dc476d9b3139b43d02d2e63234e4ceca4a92a76

SHA256
52ba26e437fb30a77a9c7776d46fc41ebc789d033f9440b72f2b071bb85a5d7e

SHA512
53ba9f82f0bc8b4d45c725a3d0471780411561dffbe61a788e7d5f6b27e4c024aa23d0fea33f92f73234a9dd6d207d8bab654f101d22ef43d143aaa16cefca42

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6266011ed41d6de95da88a2a7029e596

SHA1
dbf0692a28560b63ac83642d348ff01689e08163

SHA256
d506c5a7103801b2d6d706279f783c262b2258e25d1b2d5401d45baf5bf420e0

SHA512
bdf5138e6fe995899b979d4297714c712995cd0bee1cbaaf450b0d71bff2839670f15f58296e17a792e56ceeb0b807f0dfe674284783f69f6d2700dbd5bc3437

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
59230d611a3b091f3131fe97b2c61c30

SHA1
8e5277b48c580c82c7e54c71e8145458fee02f5a

SHA256
c0538fb420438064d7d57e75d7951d4ddb995ac471b1d0adb90ce35f5f7cfd1e

SHA512
9031431e76fca43c381c450974f1132b44a9a1ef7da81e0e21da4515be18a4029c43984e7535963524adf36c642ca94227bfa321740781197f2dfc95b33b9f35

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f7e223cc9d144a99902a9fabed8aeaf0

SHA1
11d116c5870c02955009ef0d9b528fdce85d338d

SHA256
711f0dce3d383eec51e87e650987929d4e08cdf5a70432c852db9a2f6b39b3a6

SHA512
c6f8718ea9f2f385e001b983c631e41455d01ff9f3472e75e2557ec09de11a29d2373c84f7ae3951b3f336227656ebdf052b4c2b47fb292270d5f60006fc1e65

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
bcaaab96964b7fe745fafa874a060505

SHA1
b3009b976b11fc207574546baf9f6f701a43476f

SHA256
e0e2059893f49c333d04768bd29ddd6d865a5bcf06dc28883639f57e6c9708c4

SHA512
95b97b2bd5dded79c79e01e95d3b48b1df4ab9236872c67ef792467524d4e07cfde632c777c12192a082b321f0c6046d0de5031b826021c4962f0dac872b3efc

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
344bb7b3b4a2235c1349be89dbb8d9a5

SHA1
2ab41a31bfebf732c49d194ca1ca6d77664ba8de

SHA256
fc1844098bbc8732a9a9d9211ed1587121a8ec7e422c342c270b787a9088c1b7

SHA512
132f312c1b290a219a8770c1cc3dd92a82c66be69fd1bf7062bb247b7a561353553996d66bc77271a06b24b2dc2d7156f6667fe724f83addce27cc7461959be9

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
928dc3c6876989f1ea2a30442d54a8a3

SHA1
86ac84bc17457d87f5bc8f60150d85ac451e64ef

SHA256
7154418390fcfef9a37a7e93aea01551f8389ae6cccaaec910d8c4b5319089ce

SHA512
a96078be9d962a6349c0b7e7eed9dc3b5aec938f50b33d33cb8dcb9884601933cac3984f6d30410e9a8170fbb826093a2604b9d362b7bdb033a0342f468a6a62

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7726e426cbfbdd709ef771a1a7710a3c

SHA1
0c85894fe96d0af9c9f8120acbc29ee1a346fcdb

SHA256
989d6da087fc9f757048059435a9eaaf8a7f2b0e97e672d88506c4fb99da3554

SHA512
39165ba9dff6c0abc193d43cc79d41f46a5335df688ae74920b655a067430ffa85b60f54a4e67f26806447c5ca20dce6e8f21bb2bad3103a119876972a33f67d

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c2dd61704290d1df7a3e546543d05c14

SHA1
3f6aff4720304f6d50d088cdb19d279bc2132ca4

SHA256
676601f448fe0577433a41fba19ee0e6406b1bdb9b71c42da970b0f59559963a

SHA512
8ee7fd6f0a407f0b0f6aa543804affe7329d3de8ae12838cb63a86328959210967e6a9695c0445919fef85aab388acb6efc0af7d7f4471bae7232cf7c696368b

Download Submit
/data/data/com.Mad.api/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0e1e16dad8bc8d536c4b55f64f4b01e1

SHA1
0d0e56d4836eceab8bd4aa1c7c445303298e85df

SHA256
3292515862694f409605a6132688a56f299e6ef0d5eac10b1ea9a8888b5fd116

SHA512
d318dcee9ea8501b2d7aca9287195cf309f9ca2623cc3dd9311c6f9190223b944ceb7bc0db20c6e345c485f0a45eb1699324bc9bc9b0f9b2507bedd515e19047

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation7270706597628377450tmp

Filesize
90B

MD5
3402fe51a148d1acaa281bd44cd6485b

SHA1
f3d26dc212813b8c006410ab0fc374d0f13e682d

SHA256
d927df0821d64be64683fe89978ff225c42ef7e4b8230aea90512665c43a4fbf

SHA512
8d962b1669e3ae168f8de9e35dc7e2a3f102eb615e693d735bfc2c64ee017ccf3faa4ac83734b5df4e2c104f3596558c61fc24d03243e48d01584d5659c8dff2

Download Submit
/data/data/com.Mad.api/files/PersistedInstallation7513050455855637172tmp

Filesize
569B

MD5
305ed76b41b7c377269b09aa865d2bab

SHA1
e6bdc81bb8a39e3fcefd3237efec991d8b9f9b68

SHA256
2673318eacad8ed75416b83660f6edd9c03ef7832217dadbd45b2f18f53e5420

SHA512
5bd2739390c8ef9d78f2c41b18eb8ddc887e2d847dd874f46aeb3b9131fcb56efb631bdfdfdbd99eee4d6575a8a5a6769ea1d8e319cc0bb6708ffe30867b4a70

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads