838bf8405b9d356d633862dafe99ea2bfe4cbc6edbb0dcef0a7b9cee4b785be0 | Triage

Analysis

max time kernel
46s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
21-11-2024 13:34

Sharing

Report Analysis Logs

General

Target

RedBul.apk
Size

5.5MB
MD5

dba835db3da07a5c54930a4fed46e2c4
SHA1

affedcc53ed20cd53a946d6acafc426d7c8c55e6
SHA256

838bf8405b9d356d633862dafe99ea2bfe4cbc6edbb0dcef0a7b9cee4b785be0
SHA512

5121f2f7c7fe8449366ffd636aee40ee6d0cdf0c75365924582d42ae43157d318230b2076b3639fac802785912a22d4a5dd02ef0a85b483b958fa0bc961047d3
SSDEEP

98304:VfHCdsIo6TzL8OZ8iIg0rJrTWOhtyvp56MYjtdcj9Jc3z2H/vp20sGNURgLCru9:V6dlTzgZQcJ3ZMvb6MCcj98S3p20s2UA

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

Transmitted Data Manipulation

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.android.RedBull

Checks CPU information 2 TTPs 1 IoCs

System Checks

System Information Discovery

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.RedBull

Checks memory information 2 TTPs 1 IoCs

System Checks

System Information Discovery

description	ioc	Process
File opened for read	/proc/meminfo	com.android.RedBull

com.android.RedBull
1⤵
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
PID:4452

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Replay Monitor

Loading Replay Monitor...

Downloads