4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b

Analysis

max time kernel
123s
max time network
134s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
15/12/2024, 17:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

version3.2.apk
Size

3.6MB
MD5

86b9be3dfc022d5b4725756c0cc5a02b
SHA1

e899c25a2674f317b8327682553ecf6a9f436f94
SHA256

4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b
SHA512

ae5798ec1e65fa91adcd73d6f6dde480e1180725e1b6c60aa4c4d1e10e2aefd890988d5f93ea3fb49c689d67d024dbf95df0ca20f8547b70662b7a063b96aab1
SSDEEP

98304:oK4MrIdrbxVoPs14H9xx6eDo6ddgwLOKTQdGd:oK4MrIdrbPoEwv0I7IGd

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.googleFe.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.googleFe.app

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.googleFe.app

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.googleFe.app

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.googleFe.app

com.googleFe.app
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4606

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.googleFe.app/cache/1

Filesize
50B

MD5
ce2caab3e836f88c7e999792501e8013

SHA1
a28a0d6033576cf12aa39c17e36dc94395fd2f56

SHA256
521a6d6c7762a72698cb4e37773309f3b015773a72b40c53b0b015c6097bed9d

SHA512
21919dc956c0b0e7259afd887edaf1f014e85905b11cf579a7f9b2fd59ab66ae10925d2ddc01a3d2aee6fa9f218b1606526ed821791257f9905b47555cbebb84

Download Submit
/data/data/com.googleFe.app/cache/2

Filesize
34B

MD5
c76013d165ef454e96824b1f62118c7f

SHA1
f9e0cf89bcf722d7204165ae26c131cf01cbff28

SHA256
9890e8131aca75cf93d9b0d92da3c653ca25768f93c29dcf486793de952fa142

SHA512
9b5d264af7541b623e5ab1f1fc96d572d5cd91df876351b5941646045bc3c268c10a822c6134aa8d25d81daf59e957a6c54d66757f3c7d2bdf60755d28d78b47

Download Submit
/data/data/com.googleFe.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d088a1e160799aa552e113a2d8c2a66d

SHA1
ead663f90ef89c52ba8de2b5bdf078239576b616

SHA256
483384d0ad1454a32987c95d12010cfebaa9b5f944cd2e378d760fb2bf6a0efd

SHA512
5ad971d04196b1d62202a6c507bbfb46a6c6ac2764e206522905309075fb0b940251ec7ed85f0562efea7592b3ecc5eb7ee1ad12aaa55143037b3d0c0f1e24cf

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0bafdc2d1b479e96d65792f41c44df39

SHA1
f1f5db9c045d047ce769c743f397e149927dd5b9

SHA256
e44cfe62eb8083088f89007e925606ee63a257fbf971f09d03bc790830f71677

SHA512
08bff68b94f7220a6328a5f4aa9c693b8497b31f94a300b9248974ec4c191651afd4ffcee49f5ad6f0e3d21922557d5cf1cf448acec4dab3c63098e04304f00b

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a04411b246ec47a306e9991330b84b86

SHA1
e1eb0f9ff866c441bee5dfffd3e069d6edc5d18a

SHA256
2ff2c4d660ff0497355599b8a754de37502b08cba63a761e214170832a580144

SHA512
9c673224e5c0f0bae0b2febef2ebb9438e8d0e93a65bef835cc6551b143af0b7394d6ccd434cf0757f94a5ad69d3ee0e47cfb2d1260ecd9b9005cefe74cc3b4a

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
efdee110f142c6c7754d4ff71acfdff1

SHA1
8153ff5d022434af987152a10b1a3fe478185e53

SHA256
e57ed25dc08da6e04e2024c6538449506a20f5695f82601df584d24834cfec12

SHA512
a1cae92d7a231fc2fe63d8cb8342b92fc2767c20d0be99cfc181e7f6ed1a4e13c8e1b082fb1b908a96e854fea7fc80964f54614674eb3d59c489eb7584d04c61

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0ae7a69393ecb41ded446e2f59f75457

SHA1
d9f4b533c260bda2ad4ffc93058fd85bb89490ad

SHA256
4b5bdd63ae46a851ea975499b955e3fc51c17c97893ffa42c9e70c4e59f3b634

SHA512
04d3bf5ba95b6456555ff1a6119bff6c63ad34cd32adb37db007f6ab6d93fa1245e360956212cf153688daa7743acd639296cf57a0e60403dbb43ced983a0d38

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8687b13f01d02c9e59a3953ab8b370f7

SHA1
e5ac0357de03a6094093ff2e7f042b8a9e9f85de

SHA256
e26a5acc5d2e77d5e9f09465eaf1bd2b1ec69090cff3f797154738204735bf77

SHA512
620e59b926ba47617cdcf031337b2b57d300a31eb553e269cec6d49eb6fc309e62d47a8a664f7402fb2e47fd57edec6467ca40031a43e76f641f2327fabf85e5

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
79e920e5c6d45bbd3353ae84b35d8d59

SHA1
aa67fa52b8c538cc9f48a7e224648ea966a69e3e

SHA256
93ab8a0c391931c0d117fe2b0a3af5b9e3a6773818a3c9399dd3c9f796467b46

SHA512
ab23a55179d046514af07133e4e7048ff549459451af83e86440a248bd9872776b3942c653977feddf99bac7d7ac03ab73184ccec6b1a22fd6700e44f6656430

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0991ae5172f8c742d9773bba0b97ddc2

SHA1
718e0fc394595f3c88a2b12c771a9fc1ac5dd8c2

SHA256
ca7849b8a84d0d13f3f43b7ee72c7d0573164968193b41900709283211395537

SHA512
ed0552541455ada7cdc88016e06490715c2c3a85c2f3335484db27438edec47492ad32e50cf805c1d67eda7bd9aa21114b564bbbe6bd00a55a34c172fd859d98

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
499fffe1dd8fddf641da82ab949ea6b0

SHA1
59c079811d666e5c0428deb65bb93ad7ace786ad

SHA256
e112646b4bc6bf0054d02f18bf6f99ca6e0685a31536241e188fc7be33f0a54b

SHA512
0e137c6aee4bfe75ebe9c50e1de6f13c70dc76ee2b0235da1046d53f143d762bd2f32adcaaa5834557d6c2601277a068d393d4205bc378ef5c42e01e8372c0cb

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8d373e13820ec2fbe6068960bc1eef3a

SHA1
1d7a12d7b8a3d751299760299e4833a9940502e5

SHA256
df238f3a40acf8a374ab1694ebf1246d0bce4b066124795b28f41cd1a19c800d

SHA512
705826cde461d514213d50620cc98c32b73a3dcdce1051960f35839d55895c0fcda2ab1fca7263f3bf6a75921d4b07498e0242d009859745765d86d3adbe6cd3

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation2134876968387191989tmp

Filesize
569B

MD5
deb005699cf22d874914c09e4403ca69

SHA1
da5a88b4d39c057878decc3a3af87f5b07b98b9a

SHA256
f3fc360c2c5f6f12fe1b07ecc596c7fa795ec3a162a180552bb02a77c460f91b

SHA512
d7449ab13cae95979b2b91b446a0b962787c8d8f4ef62eeee5a0f2d9938ce8f4a2aa454fc36d2b1bc0d02776d3acafa81948723f1165f57d1c553350145b1a0f

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation5019512638850487871tmp

Filesize
90B

MD5
ec602c3a352f4d745d911436153393c1

SHA1
622f266e3c30aa47ebf26acdd015dbef41a16f58

SHA256
70292c83ce5ade6e309ba9569c51612e50e0f398b44fa3d55644812bf76c0e5e

SHA512
0fec1b3baf2a3a5860415500ccf53605bcc7344c8c9b4903c85c1534f308fc5e9e91cd626b0a82138bb162e0217f97806886f141f722dc7b5c42879a48e2c2cf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads