4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b

Resubmissions

13-12-2024 08:39

241213-kkgr8asrg1 10

11-12-2024 15:26

241211-st87tsspgr 10

Analysis

max time kernel
121s
max time network
151s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
13-12-2024 08:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

version3.2.apk
Size

3.6MB
MD5

86b9be3dfc022d5b4725756c0cc5a02b
SHA1

e899c25a2674f317b8327682553ecf6a9f436f94
SHA256

4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b
SHA512

ae5798ec1e65fa91adcd73d6f6dde480e1180725e1b6c60aa4c4d1e10e2aefd890988d5f93ea3fb49c689d67d024dbf95df0ca20f8547b70662b7a063b96aab1
SSDEEP

98304:oK4MrIdrbxVoPs14H9xx6eDo6ddgwLOKTQdGd:oK4MrIdrbPoEwv0I7IGd

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.googleFe.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.googleFe.app

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.googleFe.app

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.googleFe.app

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.googleFe.app

com.googleFe.app
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4722

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.googleFe.app/cache/1

Filesize
50B

MD5
ce2caab3e836f88c7e999792501e8013

SHA1
a28a0d6033576cf12aa39c17e36dc94395fd2f56

SHA256
521a6d6c7762a72698cb4e37773309f3b015773a72b40c53b0b015c6097bed9d

SHA512
21919dc956c0b0e7259afd887edaf1f014e85905b11cf579a7f9b2fd59ab66ae10925d2ddc01a3d2aee6fa9f218b1606526ed821791257f9905b47555cbebb84

Download Submit
/data/data/com.googleFe.app/cache/2

Filesize
34B

MD5
c76013d165ef454e96824b1f62118c7f

SHA1
f9e0cf89bcf722d7204165ae26c131cf01cbff28

SHA256
9890e8131aca75cf93d9b0d92da3c653ca25768f93c29dcf486793de952fa142

SHA512
9b5d264af7541b623e5ab1f1fc96d572d5cd91df876351b5941646045bc3c268c10a822c6134aa8d25d81daf59e957a6c54d66757f3c7d2bdf60755d28d78b47

Download Submit
/data/data/com.googleFe.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62881d5d58f2c3cd785bcb93228ff926

SHA1
3f69c2a4fa4b87050abdfa3a845aca92a841a808

SHA256
b7c7e2782e1fd4128af585c1243262116e4f61de3f0e5b0267b3d5ae7de076de

SHA512
d33b1485b1acec2cbb3bcb64241145dc5e1c6b5daee522b12ad3d5787df0d3479755e2f721d6bac425d2f4f93d210e4eee2eab1c55f83e648b5752146a986839

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1abc51e280d0aae0d7359580ff40f046

SHA1
10b6d9ada12c6821649df0208c6ca2b7356c25b3

SHA256
5c4aa8fc72bea1f9dc6bd3e81b332b91d7664ed6e707cbd4e4c59f5abd70e102

SHA512
cafda4bc16013adab88766c86c6f9cd50edb6054b8f04557199959957287545ce52dcbee8142fe8fef5724ddf7bc959777975687599c5e503be0f45c2f247791

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8772352b3c4f83f3586608c9422767a4

SHA1
a1977215b1ce217402c93fce918d24815ba0ce9a

SHA256
97fd78d7efe777129611d7d432a11298a2dfe7eb6ed64630b546ed67867468de

SHA512
9b59c0b8e3e1b07fad35709091ccf04d95f9a63890cfb5543e29e8e087a13b4c006bb2f9a42be4d601d8a416b343ee0002ac701a5120c14594dc700fbe3af6dc

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
81e1b87881af4373df6dc3a2881f36dc

SHA1
2c3934a0e0cb93d75b66dd24e2927bc682f25bc6

SHA256
b62dc1465d6707fbd9b4e4d9f1e70e5d652b7f952887962cc2b58882eb389f4f

SHA512
945fd2e53d1db129ee001be3d661f17c22b28a09b2973e1e07d68ef1c1c11218b67f61cc4027e27fc88efe743a66014e642481c2616f95a7a3b9715ce60d39c4

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
dc61350d1b6e01c4064d2e5c303870b4

SHA1
6020791c99fa3a00ca235caa4afcb0fb6d97223d

SHA256
a852a58c2676dde9d0e0e8037d0e5eb95eb628add709bd3af51af24d5107a1a8

SHA512
9b0680daeb016b417d7c6bc14beb2058fb145d11d5ec633098367229db644f901b69ff6f7218a4bd8f11edd3c31ff4ee8fbb58fe592b8eaad643df259c77af19

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
051ff4f870e035bf85d5d0456fb9483b

SHA1
1b035296d7c989f42041b02b92132e2afe8c6da3

SHA256
74f35715ab3dc86464afd0bf389ee20d78b66caec849c3b3803fa0f212a2bd90

SHA512
11c5ee085e745183d3440c8994d806d98032ff79ea6af1e559b2462a510d76d5f7f7ac008cd839db838ff61b93593a7beefe1fc9e4cc8d5f59703e92d21f8ee0

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
6d172c9a8a39125c9e51e7bfe6c569c1

SHA1
7694d7bd7e64d43f3f313c2918ebfa8ef09ab1ca

SHA256
eb5094360d748a02ba07729e3ef46fce36c4d5ce84ef47289b848f9ae6f164c9

SHA512
cba88e308901c16161cb5cf09e7c4f0581a23700f88745056b852a3c199dcfd50e5ea31514f42c600c504c40672792d2af24c4a6311ba14c42bcc635fd7e97c2

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
98daf7e2f51bfc3f5f945f6ff6c62bc8

SHA1
d4ee204ad5976bc39c20631a1845588a5c6da587

SHA256
322d255dc78464871546f18164ded75c54d5dfbaa8ba1014fe64d73eb59abca9

SHA512
ba66222b79ebdad79f8335e116028fa8168551c625f618d4db94b0e21ed63d2cf18812681400de66b3f7cf946b34d35820d11a658e24a0be43e6f2f3c3e997ca

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
39e9d5ffc2eacef30e7e190d3cff684a

SHA1
079b2453952e836123616c213318ed3fb52d6e9c

SHA256
671b41f4f68df12e025ea3c654571b63717886b385f3a6b983dc9162f0558482

SHA512
24bef524b195fa9137dd0e1f61d60dfa9e1a521e00deec9c4223143d267e63b9c111d46d6978d7516e12400fa99c94eea4b550b2b2abefa839edfe585ade0100

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8c786b54575461509d58406107dde6d5

SHA1
b6d71497d0d0399487f6cfd58fa4a39d7f0a43ee

SHA256
6dc61b6937d3ad8da5ff5f70a0939d52fb38a27587999d2faed1aae161c3163f

SHA512
f59eb1fc42fdf39bcd943f7e9287dcfafb9b91d90390864f61854b65147805ddbde19355bb032912ddcf33849d67f2c21bfca4ae7ba50cfcd2dbd9a3970fd1d1

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation8554641480324691138tmp

Filesize
90B

MD5
cf671106902e9504fa30572f58f5383e

SHA1
6f15d00d18fc67234d45f43ca04c5f4cfe7477b4

SHA256
e9c0fa9738bcb5ba543205eeb25cf5a927c6478535e5a5de3a06c04b56e1b0cd

SHA512
3519b76d2be54bdd1e5e159ccec6fc02c5552421a26752df31f4363c4d3936cc87bce66d3c283edd452ebefa31ed035eb5412e66a183b8332e53e811e58c8737

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation923559778113699790tmp

Filesize
569B

MD5
d8d7882269ac785965009db338b743fa

SHA1
8d788d61f805308a1bad902f0929bbd34e531c99

SHA256
bf9a42f30d00e95b74c99ccafcf8839224b18c83437d3c5669b7877cf03d0c6a

SHA512
3b49e5c19de4ceefdd8f9cf6df1d2229e78348f0887c49020184a439efed6c8a01cf55c4cb6fad5bd5dd8810d8379e426576d3c97580ac21c43673ed22a0b8b1

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads