Analysis
-
max time kernel
12s -
max time network
151s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
-
submitted
23-12-2024 16:54
General
-
Target
81a8aa082b4ff194f7a77e294c22df5bb83cd43024e90fc7cfe9cde37b188b78.apk
-
Size
4.9MB
-
MD5
c65a69ba8afe5b4f80a04d26b8b6b78e
-
SHA1
0ab8a12c2dde9ac88e755a39fa6562bb423fb454
-
SHA256
81a8aa082b4ff194f7a77e294c22df5bb83cd43024e90fc7cfe9cde37b188b78
-
SHA512
8b587e133eacfc42e946d9e2c4c9195c1f8d2485c99ebe0ef3a45f7037d792eef7113d287ba242993f9ee68eb4aedc79d7d48881d88b841059fe902497c4574e
-
SSDEEP
98304:HPfQWnSNff2dCFZuM876xK9yx3qpA2DSaX+SAYLat7i0rJDi0:HAQv76oIx3qO2DeSAYLajh
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries account information for other applications stored on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices) 1 TTPs
-
Reads the contacts stored on the device. 1 TTPs 1 IoCs
-
Reads the content of the call log. 1 TTPs 1 IoCs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
-
Reads information about phone network operator. 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.arzdigitals1⤵
- Obtains sensitive information copied to the device clipboard
- Queries account information for other applications stored on the device
- Reads the contacts stored on the device.
- Reads the content of the call log.
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Foreground Persistence
1Virtualization/Sandbox Evasion
2System Checks
2Discovery
System Information Discovery
2System Network Configuration Discovery
4System Network Connections Discovery
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
94B
MD5f865bc96b3aeaf82bc86aa4cdf2fc436
SHA1533cdbf38c2a247665237572a062b1eab55730b2
SHA2569454dccd9e8d07d33ddcb12891710c2d6965dd38cb81fe45bc940917b29838a6
SHA512a8d5cf90349e526165e46d158aeeb295f0f8017407911d677b4fed4240197acf8e0b0d9262993a541f08babf00bfa4671f7e745c88125f480aca66582739be6c
-
Filesize
204B
MD5357be52d1a98c0e27eddc9033b05a3ea
SHA138c1fd5da45cd3183742eacb58b3368be22b515c
SHA256dd2f4c24249d28f1ab59da472a53dddc363976195b6ef76a2a1bae446dbd4ebe
SHA5121d9e07962cb63c8fb6ee10e1fb1b6ff75f8d507c157aa7fdb9e7685cfdb2a6654dc5c4306250877169f427f4479c12edd20d8df7a85131381de4942869e3061f
-
Filesize
51B
MD5e16109cb22093888ccb027efc3390bf1
SHA1fdbdec32ea01176208e17dbf7e112eac1f52e328
SHA256a93a08c7d54ec4ba0748873dddb5fcbb40d6208f75e66586379f961656dde9b3
SHA5127f0fbac8f562233f534a34d5c5d7052b8b2c75e7bb5a4a4bcf7bd147ce575389c4ad572696c5d0a18a2026a6b8a7a2883586a55ce1fa44fdd800eef68a9c4fdc
-
Filesize
51B
MD56e8c83b07c125f48f87a2c558269c86b
SHA1cafe3b4b6d96c7e6e44943a3e0a426c18a8918a2
SHA256b263371dc1e863f2768f985f14bee39e1b5b57694fbf48e93d2612e4fa5f9886
SHA5122899594fbeaaf441cae3eca3db4c410528ab1b4bc9e7c7eeaf0892a1874531ade8b3e2b83db46abc8d75c13d9cdb9b2b83804108be7dcc94c8651fed274e086d
-
Filesize
51B
MD5dc4814f2494c12b7300877d90495afdc
SHA1a870c58d3117ce4fe5502346b7c561e7e3bafb85
SHA256ecb4d62d21749977d4c1610e99918e0bbfcbfbfd97f8947cc5ba571bde944dc9
SHA512fe91212c1c7f0075155f49152ddc4025050bef990e5cefdaf66f61dd6d8d321cebf009db93c01f6f1f51bc2a52a4ccc922055f425c28de058b44b9fbe23a84ee
-
Filesize
51B
MD5475cb61da57a241d592a3547eec53d8d
SHA10d226bcdc0de927b37aa3912faa0a59018b492d3
SHA25677183d9de774bba054186f78aadcb404d4e45b89c278b2f4181521949fc302da
SHA5124bf7f4c695d1e7b8b729e3a1ea76ffd8af9196f3161526922fcc6a4f33ab44934133ce878443c85af2c17f4663d6b01f0fd1a9266326c29bbc5db92381116361
-
Filesize
352B
MD5890da8b93d03261fe87ad89de434e424
SHA137785d41e211433a6256e135ce4f6a4778d93959
SHA256c1564294179f384cbd0eac8f81e6cbc801fa3db54ca177e5095021625954a82f
SHA5124a70a6c250e6d7203fc21319ae25491c7e0e555cee3abb9e0d7455216cbd3b00c42b6dce14fd7f2080c9ce4f41756f14f781f68a79e483c5df26cc5ebaa54fbb
-
Filesize
347B
MD51ab702dd20863a78a48253a25a700507
SHA1a8ba6281b1eb67c7eeaed8dec8d1a1211888ce4d
SHA256d3e60ac8e0aceb39362cb9fc54d5231433a90a98c64b5af22f7da44d5fdebe39
SHA5125e4a3def68686e6d6590c1a3eef429527d4159797cdb95468270d32ee917a574c7a184bc198b2c5f4131d4d587637bbc863ff869e339993b01e2e538c49f3a33
-
Filesize
256B
MD540ccab51bf8885a217e34a3a0c86149c
SHA12a4eac7ee706231278c835f9aa5ee9b741742aa4
SHA256a2420cd21c64f7969fd809d44c8b341c01169ab806953b82f6915c2bb6d3e372
SHA512c63e3eca8afd92c41f693b8d5976929828652f0c1d98d127c1b2251497de822e9121ab9623bef305b79a819c98b78b1865ea33ac729af864fcbcf047d9362f07
-
Filesize
241B
MD59b2e687e342f17f44e1d5067fb3ddc05
SHA1ee74cf75c939add68b8634f13bda93ed4caa5d88
SHA256a6e07ce17f9ce2f3327abcd7beddfc2bba3b75fd008fa92ed58fb4d6bb07d8a1
SHA512dbbefe2b4395495c931e6c789e04d7bbe01a4d50f79e112d0900332f52502b9d6258659019fb97d01ccecd5787854cc36da08e262344497ad2f1a42f24f93a2b
-
Filesize
256B
MD522d9bd1cc1dcfd47689b05bf6132b63d
SHA16d15c2b6a5d8dc4cd360a61fd3e8d4fa0fae9792
SHA256b6ef4a84238de7383ad842ffc1ba5614b9ad30310bf440e6bfa3113ba0f4a79e
SHA5129de375b73990a3b1a89bcfada1102b5508d9d62ea4f67af581671be7642c1fc9bfa02be1b904b4ee2a0dd57afa3179d5544a4c2ae14cf0a3848e74d129d74b83
-
Filesize
241B
MD538e5951d35a225bd95120315bc31222c
SHA1553327cc441ce019ae6b077b0f7e2ceab5c6c8fd
SHA256c3eeff468ce38981fb94e89104c3331812e2315b7e0bce86aacbda22aa59a37c
SHA51221f4bf378a31cb3b600b03415251114f6cbd630a8578b87d03772c971ee799d4a1aa6d1240f6614fb93c964c7dc5a2eda8b52332d150a7f2d987e918a5f962b8
-
Filesize
256B
MD54879e367940c1350efcebbd9dc2b6975
SHA1c7e91b38e4cfede0bf80f671b6e60741cc1a111f
SHA2564b954e8367f686f996d083641042d88b428405e17514f028319b09341948e105
SHA512898172b37821bc7fcc37f81a61b6eaa6685b1c6f8eb4f52b5e8b29abbc8d6f7dec17fec6a0e4038aefe4d3931410023fee33c2a3a460bfa36605c69e35795461
-
Filesize
241B
MD58997b89281306f69a08a3406ccc15f2f
SHA111eb73499270951d9a98540f55c0e7677d3a2987
SHA2567c762604e27d703540683659e439bd05669890bc5e70d2a2be2bb3b141c3012b
SHA51241f4dd3f3bb376e823b0cfe9f39b3ef7e0c216efce6764569842f00b7e4a32f0e480dbd2459bde20e9e47e0118081b05cb0c7878f390cbe78440fe601305805a
-
Filesize
256B
MD5ef85aacf0a4ae6f7c73d07bf487331ae
SHA18d7f2daead52d4297f0e129a72f545df4d8c55f7
SHA25649ddc89646612755c6a7b90feadd77bb717e733203fcf0bbda2f8df122ab48ed
SHA51273edf8dd10ad1feff2aad539ea502aa8639cc8be7a054ca88e562384c3e8ef335b7de06c97826aad17da355045d5784e12874ea264c6763b253945d3e251bb18
-
Filesize
241B
MD593f468c9463537f633d380e051389798
SHA1047909980dc1ccf947bf7157387053f1f081d5d0
SHA25634a005dc2dd4b6e3a324353eab686dedef184af657341d652768abed5fb74a11
SHA51259b62058a4731d6c3f0e7e631794b466183f64ef3e432fccdd688f7b233093c80c111a3aaaa5229593f695849ab2c009f0cf2ca5d0ef0ffeca706a66c357624e