4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b

Resubmissions

13-12-2024 08:39

241213-kkgr8asrg1 10

11-12-2024 15:26

241211-st87tsspgr 10

Analysis

max time kernel
122s
max time network
157s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
13-12-2024 08:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

version3.2.apk
Size

3.6MB
MD5

86b9be3dfc022d5b4725756c0cc5a02b
SHA1

e899c25a2674f317b8327682553ecf6a9f436f94
SHA256

4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b
SHA512

ae5798ec1e65fa91adcd73d6f6dde480e1180725e1b6c60aa4c4d1e10e2aefd890988d5f93ea3fb49c689d67d024dbf95df0ca20f8547b70662b7a063b96aab1
SSDEEP

98304:oK4MrIdrbxVoPs14H9xx6eDo6ddgwLOKTQdGd:oK4MrIdrbPoEwv0I7IGd

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.googleFe.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.googleFe.app

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.googleFe.app

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.googleFe.app

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.googleFe.app

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.googleFe.app

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.googleFe.app

com.googleFe.app
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4936

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.googleFe.app/cache/1

Filesize
50B

MD5
ce2caab3e836f88c7e999792501e8013

SHA1
a28a0d6033576cf12aa39c17e36dc94395fd2f56

SHA256
521a6d6c7762a72698cb4e37773309f3b015773a72b40c53b0b015c6097bed9d

SHA512
21919dc956c0b0e7259afd887edaf1f014e85905b11cf579a7f9b2fd59ab66ae10925d2ddc01a3d2aee6fa9f218b1606526ed821791257f9905b47555cbebb84

Download Submit
/data/data/com.googleFe.app/cache/2

Filesize
34B

MD5
c76013d165ef454e96824b1f62118c7f

SHA1
f9e0cf89bcf722d7204165ae26c131cf01cbff28

SHA256
9890e8131aca75cf93d9b0d92da3c653ca25768f93c29dcf486793de952fa142

SHA512
9b5d264af7541b623e5ab1f1fc96d572d5cd91df876351b5941646045bc3c268c10a822c6134aa8d25d81daf59e957a6c54d66757f3c7d2bdf60755d28d78b47

Download Submit
/data/data/com.googleFe.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
71f5f24f66be8127e5fcd7358bfddd38

SHA1
c8e19c65d007aed2b5546ea0af1999970b51343c

SHA256
c9e52d3c46b793c254d822a1890debcc9094969a6b49974c2642e851b8a3e7c0

SHA512
03282f919ae880c1029563776ad4f95e31f4b62bd244949bc16b245167832472f2be8f30566c9effb340894c3e3506b9ba6c30d9776eafbad2e9f79b543c2adb

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
edcb91a4757e473a2f85a2fb976273c8

SHA1
3dccf3d7d7a76d0c30ef945e47abc32dc36a2f2f

SHA256
888c3caa749c9c8d35a06a645da90b4d2226327cf2f7d2df712c17c38ec2c6bb

SHA512
395b2cbf00079accb687037e1e45336fe93f5893c31286e9d5bacfaa1665346d4d205be356041ea35e7c174820793bc4b0f8a4fd1a075a55e3bcac9e23cb88a4

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
96bb81047c13d349d05d2f8924344b30

SHA1
4329c39ecc38e947b0e4710c598a44e4a196cbe5

SHA256
0ea16a14f485df4a0f721b6e2de171bad87a9ec87a164d57ece6cf269dbcc609

SHA512
c8234ae194d0e8baae8ef6efc1c3e097362f29ee6491a0b9ffc8ce4bec771d7f005cb207c59bff3cffd911bf94406040fc42be222fd43a86cb6b8d48b020754e

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a7fe9ef50c68712c5f37ff7584fbfefe

SHA1
4fb0745ca880bd9a882b5453757e59e56a783a95

SHA256
668a4275c11d6f762070e7ac91df1c3b584f20d06fa50f8c21ab14b54fecafcf

SHA512
806556a2406046fe569df318282d4add9f17934ef38839b872fe753cd578a55c070c005f3ea5059fb5600d02414bbb83d4d87f85aff970850b46d103cb9ab37b

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c532c68a2343d78840699590c67ddb76

SHA1
f606d966846c9b7aaa5140a5200c79518f271555

SHA256
0cebffe1709d35fb8c264663e704ffc5a45ea71d031096460831bb654ab7681d

SHA512
ae1692ce51505f8291534aaa4bf0a83b2e63e9b90b7c8e23e2cf76256b23bd95545d37143728aa4db9adcabaf1e470041ff555ab369c8d6a5e59389cf5cd5522

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
f196d271eedf50560922e2ccff5b07c5

SHA1
da93b5971e3c385bd50b80c6db8b6cd271528fcd

SHA256
b27e7f56b1e7275f558becb6e8214380541a0087757bc3023171d2417916e581

SHA512
d13fac0a18a5033ee52a07c4058b232ce16f1b3d5a8ce98743bf7e7f6c22edc83a9f413367cea1502a041def76e592d92a9c5186bdc73fad6092c573bc5cd9e3

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6c36d848bd67ee5f8d89a7916eb86a4a

SHA1
5315c282f22ee4b5280ad435fecf28211e0bb8d6

SHA256
ba3840fcbc69a49e151211ff690fc9577fec2c0ea1667585d744aa6f5df465ca

SHA512
61e754802f4d106a38b463967a39bfa4a68059c6f53877f7142fc63b2429c934d145a33b0eb83077570b94d7ddcfd911598c00cb4264f7d8ea9728e5ad295e8d

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
dedb77b1edf8479666e129acdc34e3fc

SHA1
ec399e0b5cb6fa5f465bae8a1ee26e859d9ec04d

SHA256
9004802e77ad7f2a755a749b4c28275d54e2fb3f4f40599b12ab115bf39f5b76

SHA512
2931602a2c6f9a2fd980b9a04d2fe1fbecaa65350a3ad54929ea48d368566a8da5cd0b9e37802d4f4412b333900ebe297f457ad99fb7429fb7cb53792fb5dff4

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
b50a9b777d25fe6e1aaf0b863aadb49b

SHA1
3f239cdb6b7082d91fece50c32203fe029f660e3

SHA256
cfc1747e0ae29260ffbc50bb992efba719ea41c5047372c96f5c339b068b96c8

SHA512
005d3b4cbfd072b9547e76f0ce9e10404ea158a07c7a8cf02443e8e07c7c4cfea9ce7e89f2b7afd8f54e2651dd285a05c4c453b1458bf8c491fccc3acf2d0bfd

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
91c53dece77b047b21af66503f669375

SHA1
b4b6e3dff7f25c61e6c900f8ef1b674391709f1c

SHA256
659633b59c71e23ca441407f0e4d8a4d91c80d83c54f029a231062c58317de85

SHA512
6e947782c77dac06f63d7d93afc94b8fc983d074a1832bac1ef951f988ecd3adf2f44399c8fe8f4c0fbd50a2414bd5d929e9962c7f7773ba06b0c7bd7f7f944c

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation1090371513502437930tmp

Filesize
90B

MD5
5e6fc1d4bc846087006f29b70e6e4d3a

SHA1
487213fd39870a80dc8f1962c8a00e1663b80ec5

SHA256
ddcc6211b27174e22a41efeba91405c51d452a2b28560da179130c050cfcbc8f

SHA512
75b5bb558d126d6c691113b113345aed46219a4453856464d65bdbf86aedea14956162e06045b65fcbc855cc770bf4b99dac0196628806e4fd24b9d300985fc4

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation4021912078888206776tmp

Filesize
566B

MD5
66c1adfbd9a5bffb877fce53fccd49d0

SHA1
9bb26ac32239c14371386f4f396d34bee9887f6f

SHA256
282a5941b492e7bdb513f22be7d97fafa770770372bc0ed9493e26129fbe8fb5

SHA512
8ecc644d5f8fda6de1b952975f1138738bc8bb92b56e102eb302f12c1386b2d5c123f98ca55a4c7fb08c29e58c1757be578676b71b842ccfafca5429cc48b727

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads