4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b

Analysis

max time kernel
123s
max time network
156s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
15-12-2024 17:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

version3.2.apk
Size

3.6MB
MD5

86b9be3dfc022d5b4725756c0cc5a02b
SHA1

e899c25a2674f317b8327682553ecf6a9f436f94
SHA256

4e609c2edadf166dbcb5c492e48d8169d5a36b09a3698a1ef27cd681e9f36f1b
SHA512

ae5798ec1e65fa91adcd73d6f6dde480e1180725e1b6c60aa4c4d1e10e2aefd890988d5f93ea3fb49c689d67d024dbf95df0ca20f8547b70662b7a063b96aab1
SSDEEP

98304:oK4MrIdrbxVoPs14H9xx6eDo6ddgwLOKTQdGd:oK4MrIdrbPoEwv0I7IGd

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.googleFe.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.googleFe.app

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.googleFe.app

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.googleFe.app

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.googleFe.app

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.googleFe.app

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.googleFe.app

com.googleFe.app
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4927

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.googleFe.app/cache/1

Filesize
50B

MD5
ce2caab3e836f88c7e999792501e8013

SHA1
a28a0d6033576cf12aa39c17e36dc94395fd2f56

SHA256
521a6d6c7762a72698cb4e37773309f3b015773a72b40c53b0b015c6097bed9d

SHA512
21919dc956c0b0e7259afd887edaf1f014e85905b11cf579a7f9b2fd59ab66ae10925d2ddc01a3d2aee6fa9f218b1606526ed821791257f9905b47555cbebb84

Download Submit
/data/data/com.googleFe.app/cache/2

Filesize
34B

MD5
c76013d165ef454e96824b1f62118c7f

SHA1
f9e0cf89bcf722d7204165ae26c131cf01cbff28

SHA256
9890e8131aca75cf93d9b0d92da3c653ca25768f93c29dcf486793de952fa142

SHA512
9b5d264af7541b623e5ab1f1fc96d572d5cd91df876351b5941646045bc3c268c10a822c6134aa8d25d81daf59e957a6c54d66757f3c7d2bdf60755d28d78b47

Download Submit
/data/data/com.googleFe.app/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0676cb64a775ffecdf1065107cd1863b

SHA1
9578bef995ed881f703b7854c9d3c88e06b35049

SHA256
c55b992eec23d3de7124217bb0ccd3661f4072d1b31ad9dfead6ff4f9edf5ee8

SHA512
be0ec657058a7821d8ebc082a3ac21a9ff00b5723e77deeb61ec666c169ceff182f9d1a05053d083a4412850c2f57c0c5a1248d63b2b04f121a7a2cdc50947bf

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8ba5fd44cb928f3c559e555b0b34a84d

SHA1
4215f6f7df2d156f9d8529ad352966728526c12a

SHA256
3b5ad7f561f033b542af31bac46077d989b3c6b07defdd50cc624e2e5bf013d5

SHA512
ae6ce1fe358bb4250faff52d3e20897a1be6a19f4186396aecba6de3b20397dc1390cf9d6ec44ecde929c95b544db4cd16d25e192b7233d7bcb728581b271821

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4831a1604f2acc32dc9aca7b5585e628

SHA1
c0df477fc7ddf5560de3bd47454748db01c001c6

SHA256
1c93a690c587d23c85c6ae7fdb8afcc4069df92def689cfdb8b34134570a6c56

SHA512
3a94f45c96f7f08c9a4982446c9f69645a96fcd2f9318fc2139be393653ba812a0f4aed1341213c4c5b36a2baf1f93e16e90564c1276d3b42bc8823397db565a

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
060730919e0e10a53170b97fa9455b6c

SHA1
fe140ae5a9e8d5331b2bec3908ddbc06063e522d

SHA256
64d1aa7e922cc93a00ba3b31c04aa0f9c0a22f21b8002ffeb4072bf074a52dd1

SHA512
1c35141aa3989e8d372abe7223d627709a5739fe6771e524c4575e35ba9357f28a5b16b8ecb5a6a70b9db54fd468f4a4c6caa84f40d241ed3d47a4986eb6942c

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d89f698cec412410d27003f7f7464868

SHA1
d000b06fdf043cd19348ee98b808f019179f0167

SHA256
7f6662370ea69a843b09bf8e0aaca5ca08a73430002664b5586ee3ad174d7206

SHA512
a684da553fe70daaa7868caafc845ea8bacd3fe1abcb89a3aca304a2759a9eb24878e3b70f42acc037a7b44768fef154a66d166dd76ac5ad4af325fcf6a84c2e

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
82404b663da685d70abae7ace9262064

SHA1
58c5f0c19bc16473defe2c47bb73e24dcdb24db3

SHA256
f59a3e402c43bf593b372226e5b0d57f6adcc720fddcc1536835265944b9efe3

SHA512
281f8fd75c5cd90536da320ffb447eec78b8d5251a62b3974febfbe58ff5116d87c0d6d6b562e1ebeb4540c2fbf77e5c51755f729c8bdff9e3f6cf9f7d42df5e

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
bbad9895f9700d12166c650a4b80cc16

SHA1
9709302fc5f425cb69de5f0b1baf2e6550595646

SHA256
ece7cdd5e416f7989a8aea9e3fa0989a37ee9c669c9cbce06ad77e033ffbdc4b

SHA512
ae19aad51d244a210c75b1fae01c31a92b1286a2f92b02a9947536aadc39adbcbb0a6e33884aa774b633486ef03a45c163a3f1a6715bbf3421b6ccc21f01690e

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
84f1a189bd316ab8b49ebe423854e564

SHA1
3ae161daf4650279b315b4999702e592ee60eddf

SHA256
3e364c8a7fb774fd89863937868bdb5ba7f2a91de7e6fd83e8343d05c478d68d

SHA512
d4f28f095a842256d7e9650d3993198c1a1ffc9f98bf0afbb43e75b2c061543db7da855f99b23c26460499194e6dc19571fd7d611f2fa785d61e9a127c9f766a

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
ef4b7596435d22c316186afffd6c3067

SHA1
f224e7aa1c80cad185645a45fcb50eeec258c93a

SHA256
880ff4816b2aa95dac3401cf685ee7582824096c7ac34c229f07e71d5194903d

SHA512
44ea98572770d812cfa0096588a75be20f6284f8b0012535ceb936ece9bdadb6e514fcd9b12ee07289de1a18f30af6a33642427e0fad7b8c179ed9e891470e1d

Download Submit
/data/data/com.googleFe.app/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8465b4266ec102a8d67e61ffb9c9da62

SHA1
9bb0286a3a990b9aafdf017276666a728b9a0a8e

SHA256
ae28d9b48fc84d19952e99332bb94ab93e28e4547e07765fc77ea5ff6f8b6344

SHA512
4032875e2efff8948ed0c23200450f3dee3e75654a4a24ddc7f1d7f873b8f79f44aa701e8bb07a4a97d12cceb35e43e33cc196dec62abd5008772a0cd33c8200

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation2395302322738481764tmp

Filesize
90B

MD5
065e18ae23e1a345fc7ec8455e34ab14

SHA1
8b2e8b5c9db7efabed092c8e4fedfad894bc92ff

SHA256
a28aff6c2f1c1917a4012aec7a302d5e6ca7f6393733f3cb8455c41d5b45d04a

SHA512
37a7fafdf840f76045d75290bbc4b31a8fa5f5f08e8e925d5ede55cd8ac1e3f73f7df3da087f5e485fb85be23cdd349d7693b86b34f4275ecbfa435d6b7a5b57

Download Submit
/data/data/com.googleFe.app/files/PersistedInstallation5014976922647002803tmp

Filesize
569B

MD5
cfce6667d095328f0334e66fc9ab6d12

SHA1
7c773c764603dde96433b6c0a0473ea1f1383e9d

SHA256
558fa8e772cbafcafd11570cf779e8bbccd018b760f9e3232d5274c49dc6a35c

SHA512
7058c0d843ce0f056fae7c5a68cc3fba07b0c89e521bf989082813b3943a4e8c260392fc11f08b9138dd40fafc260e96eda6f5beb1f8730c74397d6c131f8eed

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads