bfaf5a89c27e0a1b7eafc47fb9c408d98a5214275168d72e2e9749b4e7aeb3cd

Analysis

max time kernel
6s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
18-11-2024 10:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eblagh.apk
Size

2.4MB
MD5

d19af56235d6c03a465f2095a86a6da3
SHA1

3e4fed9caa3f3eef68148f2519c42c1916dacd12
SHA256

bfaf5a89c27e0a1b7eafc47fb9c408d98a5214275168d72e2e9749b4e7aeb3cd
SHA512

f648b8b5770bf77f1b0f6aed59e8068737cd52fc491be5b31ff94528f4550111675b06c80269a0e51d912637041b28eaa17b9e87af6e14dbd96d617088bec6cc
SSDEEP

49152:5/iYJslyMdUVjtKuLm3crRnJOu5Ef8TPxs1fY7WYKI:h/Iy+CtKoNlDxsGCYn

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mad.net

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4483

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
10f8573114fce22058ed02f1c1fa5a81

SHA1
ecf13a98a2a26552dfc6241f38f7c1019df141d1

SHA256
2ba510365e96c3df62679b1c657cc768d9e5ce2a169a24566b954098a82a8022

SHA512
3a3417d7b51977836419f054d8d227e0d750a5c912539175649e883cebd9b2c01017ef0d242454341545b1f0e844033e1d2d16b815c2f356cf752734fd132474

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fef85e0161d67c735b08d43478d594d7

SHA1
c1886a2cdc81d72a1ab5f5ee6cb0f4a662bad44f

SHA256
56e1088fc8396bec71d59708593e6cfa7104940bc4bb304f2daa025f3aa1a11a

SHA512
3ec467b50946a1c90a21e796fcc51095a2dc296839d7bb264b8af5f60b1c5c7d8bbf710d198323d0a573fc969fa21af84518a2db9c09c03e039830e8d06b4e93

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bb6ed367728452d48cba1216de35b3dc

SHA1
680b00a04c0bc3dcdec7a399c2c3a9c5872443a2

SHA256
7221eae988a5a97942bbb4e53f4e7016cc9c62b4cccc01581aaba0a1106f6db8

SHA512
814d5e98f84d016acccfcec062006cb6fbaac46665b64d08140f6c2739d4b4423624aee36bc5275a84d8dcf7914b897a75b9b44d3fbabe7cffd3bdfafd6bc76c

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
36298c56b1c3a365d2344137839a034d

SHA1
543360d2311eb504425bf989d9517b0912ab49be

SHA256
1ee557df38df22cde2757566941448286b477b98917e22d975b8d598a0742cba

SHA512
1870c40afa3bda438dd696779a07e39d401804f8102ef90ecbe1425cae1079d4f754bec131b83cc058e6b48feabc1d7c01045051a153b21afde8292e4db6ffc1

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
3a0ba834c3d3cc030e390278d803ab0b

SHA1
5f2b68e22233c55551133e648c5597807c55ae7b

SHA256
a15ce600fe49ab4d031c21b9326c0c2929cf3a400fe7c666168bf332f36b7803

SHA512
c5f03f43dde2d10befab963a7f0bcc0ca0e7b750746147ecc9865ca27a5b23cd8134e6d2155fe796ed2d916272dde8a427c3a768bc21ebf59e0beea8ce39c8fa

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f6a6e659ecbaa93b3edbf56d25fd7de4

SHA1
6b5100e3cd0f0a155f5fa3d3ae505dee578965c9

SHA256
4967cfdf19ce71fabbc9a8540c744f8c4b9a50d4c6af86b399b9e70d86f32aae

SHA512
1aa6c5df822fa6b05f10ae173c08febd7435b5c0d5cc8e268d7097be0f4ed19659b7f9b89d5e013514085f9c43281ff1e870ba8c92c079b0a9936ce9eecc8541

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
22b3b4767cb67cab59a047ce657c2656

SHA1
b68d34927749a7dc9359fb91ef89b0cc40028765

SHA256
218adb736ec03da4ac425a0945e1c985c084f63ef8defc9edaccd2a0f0bf3384

SHA512
11e790880d9340aa28cce161a2d5dfb9abcd9708ac4a70f4fcd6ae4fe7499560798b4f4b2d5924ffbcd12719854a36ac68bae45dfc5a2e1980db9b6bc84170ac

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3e868f7aa04093b1fcf43ee70cf18492

SHA1
44d1e380142f828624780a442920afced41d3694

SHA256
29267cddb7279253c4da65d75f47247dacfc1c355143a45c213043431caafa97

SHA512
cbf8a7681a01122cd175558b1c9c9e384c23c9a67a431182e9d94a63c1db9f8f6ab32a032b87de15d9096f918b8fc8607a9a94ba387c209d70522772093a598f

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c96d6a28e0cc51c739738fd8b32bf614

SHA1
66b9f8e61c6b7b730bac9361c02c9de2dbc0b14e

SHA256
76340b13f4c6a8e240ce43b2b83dec5d697efb1ee2c8e0597ce28530451f085a

SHA512
a581f423a8808db9ea0c8a6d83c68c42560deaa3bedc8f91781e1d780343d2901aeccfb49cbef9218defbef758cb2c9ddcf1c386b04ebbea4019b942c79b3829

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4cbef1c2076e02101f745a946e1cd09f

SHA1
2d8270a098b8dc08a3408e666070244cf8c63c52

SHA256
946841575479440d78f6165ddd8a46634dface79e67b623271133e3c47b12f2c

SHA512
82967717314ab7b71dca9c931527ac5215fc545ad853901896fc3ce02caca80404a3f2a9e1ae5180919f80b99a11d3e5e5fbb7be555391fc1cee7946df355a8b

Download Submit
/data/data/mad.net/files/PersistedInstallation2829920343178885450tmp

Filesize
569B

MD5
f4933ff11afae96661f3c68902bf48e6

SHA1
9748b1d5ca02ef61c3167cb17679304f35bf2d04

SHA256
d0b58f50aa6913a4e3a778cbc38c9e2ef1f57bb9d1b33ce15b71abe2c495f186

SHA512
4efffa07dd8fd0050792ba95b127c962ba3f860e5dba80550e8dae5e083a80ed045656bcd957d0cb336c18d9801e8d448fec0dcfecea0a2794e39a7cc49f902b

Download Submit
/data/data/mad.net/files/PersistedInstallation308268582706676170tmp

Filesize
90B

MD5
5dff510672e493693b6ee71000981021

SHA1
2eabfca73d1f9387bf340a1afce2dd3538f42677

SHA256
6dca71a9eca02473fa1b51d9cc728d5791ab8d5801e238f880c9da6a4f3a3159

SHA512
a6bf05993dc4b9c25627fecf4b81ed9a712f59fe58b3b4546ff7b388144b9b56c76f3965bb740259f4443b67116147170a9c52331e28c4c8ce239ee325b2eb9a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads