dda5cd8d5c1cf43f0197552c140d7bc396a0be913a3556590d2fe45ffdd3c096

Analysis

max time kernel
2s
max time network
152s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
09-12-2024 01:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

origin.apk
Size

3.5MB
MD5

60a50546ee79e6756c8571dbce141010
SHA1

59ae8063374f16100e93b49dbb3e29187d0703ab
SHA256

6a34ecd487969eb57e9558916da2af5761d6e010ef9c941aed22e4b4679e0b2c
SHA512

2de954c16d2d57aea1cbfdba73ff1d68414a3b03423d657abe8da42a52069d6acd09cb2bf2681394aa1fd8b0f0fe5b9bf015e06671bf49eff82322d820255f06
SSDEEP

49152:f7vrJFUtDJDTYxkXGGF8pfbkTQuLD3SEg7Eu78y/5dwzmsk9mt8f1lMpCP6H63A:71yt9DEOdCfbk1baR8A5C6s1t4fWRCA

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	matinlurd.com

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	matinlurd.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	matinlurd.com

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	matinlurd.com

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	matinlurd.com

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	matinlurd.com

matinlurd.com
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:5152

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/matinlurd.com/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9610dc339a9507925949a6d620eb9cff

SHA1
b337f8cf4549fab456644f93e9e213a2fb46cfc4

SHA256
bddd41df6bb35b1d521c76b93ab413c71561c6d7cea9b0ca458275c9d879cdab

SHA512
a18cdad9914df53328a79e0d7cef72c99f655b850bb73c6c232c5811f9d8e096c9e481ef608287c67ef05f4ed7b0bf436ecda9703cd80220454b0ab60783bfa9

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fd1771666a846d094bf89a1956869273

SHA1
379f5bf07781de64ba5dc5bb62673641830f1b23

SHA256
c02f1b6363685e40b85ef931657840059d6e836f1fdd115a339a155a8556c2f3

SHA512
06ff6b54eab07678646a7878c718663719d9ae356b6fb642be1782043b1edf554bc9ce336b181b071781253f52a864e6531460433c130d3ab2e990097357dac1

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bf918dcea3b496568e3a476fe0f11fce

SHA1
0d6cb01260d08233de59aa8b4983de6b227fe60b

SHA256
a5c9fceca1a590cac9f195c578d14172f9459c8bcfc06460a7016231c8ba6748

SHA512
1d9387a680ea11a1e01357fa691c493111f2bd4a76e8ae6a50d11b4b536d3bdd65fdbe0141804de4b6c7d5c3b3a00d93a8513b63989d913cc2c854ac55b05148

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
80d56c0d899179081c02a4d22060c74f

SHA1
9c32c24e9c4f58d2e44c347ebc72451a7616c095

SHA256
810349db3c4228c4d328850148bb353c917563479832836d20a3bb13d8eb35ae

SHA512
d80003a7126d5a8db03a676f4ee4d588dd410dd63f3eccc63071861b332732b4f12d7e56b6a56c7e12fd04e53ec62b8552646d6f35151250f21ed9e74f8bc795

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
d6757c0d985fa4bc61f4fe8f5d026450

SHA1
350dbfe8435ed3cc81b86fc0984fbcb49a625570

SHA256
26f88e993ed7c85658b9df932e3f2506b98cc0b1296d10f166d95e9d95077c17

SHA512
2ce27632fa8221c5b2010e8e4110f8ba207cb3000dd9c94e655b9f9e4b66103c6daa3283a0bc1df56a9aba1bd50eb6a5e8be2b1fef9d3c25a8083ace100b344a

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
876249047896ee3a0d0999a2ecef7cb7

SHA1
8a5f4271161a45ae0e61844dbb478abdd666b0d1

SHA256
86e2569506a3a3e47c1ea753265fcea90a9a1d642f193eca66e7b4824067f02e

SHA512
b0afeb7f5f926005560f08ac3d3f30da33319a990079f7904521c471c08bf21dbddf5530ca55e02b147f6f6ecb234682df10b62e3d73ddf9fe93005767263657

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
4156ec3e48aba69c7565ee6a1d793961

SHA1
79b49db5798d9ef5160493d75b20b29dca781335

SHA256
e570998d9b5c1054aea8af472ea989a75920f476fb492fcb9ccafeceb2f375d7

SHA512
6175043b6376e5b5325a5547c9dac3769426e7c1dd3ffbf9aaf2a5fd7fb5ebd3837cc60a312f9c5bc4edcfb81ef1e2d6db2ccdb2a139cd6803cd7726352d5bde

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b15cb4761c860020f0cb2a1370da2dbc

SHA1
79ca2c2281d4b0fe6c22281f7c51df99a63ffc76

SHA256
f61ceb6471b03aa5d8743e29fe7d0892e185fcf6ace7272d615414b09e18fb7d

SHA512
3a23d55060a06bba50112f254883e8ae4594e64b103c8924dc7e0c27de49a913f391530010cdb2991753a27a9a4b4b4c9add71d46d319f7b1ad74d79b321b806

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6cc569a9002e2e3a13859de62b3f7436

SHA1
454c46aa0a23245a72f68e96d1b387e137e2546c

SHA256
43d3fdc534be6ad9e85bb92e563067999ac34476764e8cee7c95566a7b4ff466

SHA512
874aa8aee7406e9b0d54f16a3b9211187a293360be26d80f1df463d68bef0eb625444cf40c8afb42658d1f491a9842ace9ee0d300a839ca364e513fd85c67627

Download Submit
/data/data/matinlurd.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d890b53e2f4f8609eae9ea1455e68cc3

SHA1
8908b97ae4815308c435f38cf178e55d6ac89d48

SHA256
3e993b72d8448f9e18d02006dd39424fd8f83b98ea9ac1f6193e350e98146028

SHA512
915852b1a4e0f8258e955a666dd34054a7a56f65d5c0c4ff782e519183593ce923471e6e36ff0cb1697f64ca3034500f1b3825810085ea5149b579567041ea66

Download Submit
/data/data/matinlurd.com/files/PersistedInstallation3382828567112408853tmp

Filesize
568B

MD5
83c1ba06b38cece6ed06bef0be3fc2f6

SHA1
ce4c274bbabdf1ad3c1a9173dc2ecfa005f81d46

SHA256
2a4b2586e43f002435390249e0b0f5ce9d28c98aa4ea16a1fb21640798cf7409

SHA512
2b7bb42a2222d1d3d8b58386b40ef65ce2a2aaf2914463472d96dd3ad874356b446d69901174a1f0f2892e9b6efba594eeb05960273c089727b9dfa36a32f26c

Download Submit
/data/data/matinlurd.com/files/PersistedInstallation4880994088182315805tmp

Filesize
90B

MD5
248c071a46e3079a50a19ee9c08a54a0

SHA1
83176650e88ec00d0643da8c512435a1e12567a8

SHA256
53dd5788cc011a031e8c8b4e49b085fe388c52c11e1914524b5b78b6c09888b7

SHA512
9760b721f6bd7598579aa504a392a1b77f5bcaadd378737dd74460aa9979444ac5415e8e623396f10e0fdec41067b47e89032aa135a530534dfc3b3a490ca5c8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads