ab7845e4e0081a9609c40d6e48ac0e1ccf171c6987556e37cdbb26e814bbd0d6

Analysis

max time kernel
123s
max time network
157s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
13-01-2025 06:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Application.apk
Size

2.8MB
MD5

c90d0c1ac450350610455c43505b6926
SHA1

fde5b2f4d4d58b66bdb898af584445751082d4da
SHA256

ab7845e4e0081a9609c40d6e48ac0e1ccf171c6987556e37cdbb26e814bbd0d6
SHA512

9f13e9e1bd48e8fd4e6e8f746eddaabd6e21fcdf3fe0908cf1e50a121bd5b14129bcfcbf2d05fe5f8f1de64a9588bb65ee969d640af49d3e3e6599ac59d4c8bf
SSDEEP

49152:i/67lUUxto6nfTDB0Ej0TNDShMkXEdmhupqBIbLFku2sOlgD6Qko8umRz9JdxH+w:4oUUxLfTl0EjEOMkXEdmYqIbLFkuSgWD

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.Mad.apq

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.Mad.apq

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.Mad.apq

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.Mad.apq

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.Mad.apq

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.Mad.apq

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.Mad.apq

com.Mad.apq
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5058

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.Mad.apq/cache/1

Filesize
24B

MD5
5b96a1e2f74418ecdf0f77c17abb1a7f

SHA1
f0b37d29453bef76316aea147f8841f5ca847cf3

SHA256
5b943c68ff720a25fab8bbcd2db228aba3b0a6f28a70a93553a8b7b106d4385f

SHA512
4ff7133aab37cc0c36074815fd784b9e2c7e318d51504ff0e3d661de5ed7a480453a1528902bd79311914560ded240a8d7562a69fa55257c6746691354329d94

Download Submit
/data/data/com.Mad.apq/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9220860c66681278d53dfb8748cf4378

SHA1
8915539e05107af4d9814b7db625cc2884e1e9f3

SHA256
1b9060dca222f870007e56c581237fe6d09005f0b5a66b972d114bb0f7b88e16

SHA512
8ead53aa527c2d59e3e56c258c1f179f4877bfb579f022ccbbde18d614b56547444bb4fcf1084403a26bfd74c0ba16be197bca19759878894d828cd544e2bfa3

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b849430872fba8c979d6273b318e4bba

SHA1
dcb282d499aba17e479742e79a6df24f4ab0c93f

SHA256
80c6b1dfcfbaa45f6d126c390ff66f9f1333cc8d2e75e0ab726a5cb645c70731

SHA512
9df665411a3b1e118e23e9906766397f9d45fbdbf8d65436a97519bb77542f1b73b312b6431e56bcfebb609b863ca0d9af878b8da3738f62429526fb0c5c4845

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0c031a5b006c5f808e663ee586580587

SHA1
5d0aa81966941e8f9129732a6825aa35d174c6dd

SHA256
e4d5beeeebd619fef9bc76fdb24ec7b28514ac6f050c74eeff6bb5a02f8a2b83

SHA512
c4e961d571d55ba8b208f09ecc4dab8c7af3c3fa38bc90af9ee4740e33ef53f72634325133a7624157045ac61ad29c79ff196ddf4e3dbae6d4e60b837276dd8b

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e36aadef65ea42d51de6915e4c64aecf

SHA1
cf9d003bf1c06797568d6426dd4b69426e1c7b44

SHA256
ad62572ded4f71bd6d4cd6423bca01951a935fd2b18a5f88982351f2f7557c76

SHA512
942e2eb00b77f82b783d68b0e324f9eb9942a53b3ed9659bc3148eb2b5f204f352e38a539b1599392d4ee2ea2da2374aeebcec22d98505bcbed8e2a0b605a6e5

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db

Filesize
16KB

MD5
adf6082723784327d7d1b34adf974e7d

SHA1
b1502f70eb881a1dfe41139cb719fefb877ee37c

SHA256
252defb835b04f4af7c59bde7bd119664e901928f1373171a287897e729cb2a9

SHA512
762f146c452e590e0e3015a080e9821b5488551b9cca7a212ceb11a853ddf6b1894c99d09ba20e6691f5078aaa8e17a6ed66dbbe541eaee152978fab6884e27b

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0116e578931fd851d4d638d6f26e8401

SHA1
36bb2a8b7e4a9fc260019cd655845fa4b9947fce

SHA256
7c2b8e7f5580d88b3869f52578e7bb3ad4047a8f3d159a164d9fc4f8e43c9762

SHA512
9178c834c3f0a5e25e6f9311f31d51d30f7d7f4a809ca0ae961bf6ed5f3bd3b5faa3c12aadbcfa41710eaffd02b5508111ef5b0983ff43c7645bcecdef7b92ab

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
9dab06a2e243ed933d5df19593475b99

SHA1
bf88abf9396b338f256d9a531684b708cc1c0e6f

SHA256
bb56e81065b7013a04d625cd33a9aa09a7ac0ae715c2bde5ff507e9975b13cd8

SHA512
59669cb2ef559e97caa86dceaf53d9faa43aa39c203382a6b0ba72c5ce3a83043214e2644b261e649d6c1ed5f60edb6ab3d51124ed0bcc8500e86eea517703bf

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8ef8ee92000c27952a47e2fc6677139f

SHA1
f9b09f2831182ffa6f8e323995584d97dadee8ba

SHA256
c69e8902150f91ed94d8683d69acadad8b3b3f53e11aa5553777b8c2cd03d55e

SHA512
d2ee4a30bad97a6a664ff55ed26ff8ef0947047700c88b8a191c45946980ea81f747020a2effd31bc20ca58e19972da617d79e9c89d728ea68be8602529b447b

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a78ff7a5aa93747cafba1a15bde702fa

SHA1
b608137a803831c3731be6963703041bbc014b81

SHA256
94657041b4dce61e286334c1ccfbdc766fcb7fd2cbb677263e803c6f02897c5e

SHA512
b2b44ca29b9f50daa2f51cb8c0d0baa32563554caac1b1288cd34baad529ea047524f5b6e8c8588f344c7c0ba8be5f92bb2c8296924b50624dac4a4166be3346

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
60209e11a4c1bfc2ee50e2902abe9300

SHA1
da748646d8378f55c9434643ffa185c8e1fb6126

SHA256
96c41ecd800ee0468d5cb995b9651911583dab6aae5cbcfa1941317e0987dc02

SHA512
2eac28c3958ed266f1916ae0bdfd234394ec211d2a6426f7d6fa9f5d31235757700333b9f6d38e3793372d4dc6114f460cff5cd2205b12c13f6976c91afe5b12

Download Submit
/data/data/com.Mad.apq/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
03e94d26d5f902f1041ca98d0760ea6a

SHA1
e9ebef58ceedd4138dde06c2242e7090d87d5440

SHA256
880e87a04c2f5e3a727357a3cdaa32707415e26ad5e1b9914cd5ebe1b3ba78fc

SHA512
58b0b40438506814262e1488e075c2e192d0909849c194285498c9374ba2599bb33bd757b72b6d36817ba8b7b93113c6ed4b3662bc3c82ad55710d219d3b2c73

Download Submit
/data/data/com.Mad.apq/files/PersistedInstallation3251751260522691965tmp

Filesize
566B

MD5
bb9fa477df4c381295896e9a78d49631

SHA1
36d05578b97d7abd5e0b6eac0ffcc03e92aae0c1

SHA256
08ee8dd749fd7ef2c46fcd0e240046e65b06c3945dd3b89af559b223af2bcfd2

SHA512
cb17bcaf7c55dca09b49c2c77319d539d8644247329ba45bdc7f5c61ca6381f2d3dd14c67f1ab474c6ad510e4c4d9a17a85f9fbed2edab32673c3ee029ddef86

Download Submit
/data/data/com.Mad.apq/files/PersistedInstallation3671759899858952248tmp

Filesize
90B

MD5
f139fa888dbc710a34df98b056a89cf3

SHA1
66af409f8735f918c6988bd941685243129b9ebb

SHA256
657e747899a5652baeb4d39b36a49e579392f993543985c6e08f9d5ba58b7ef5

SHA512
a0efd6c97891cddad79ae92180116f737283f62f1949034c47b3d55d5080f67f67679209c8e493c7ad645ab1614cf3936492356807a2a75af1a4d0e0a70b34b3

Download Submit
/data/data/com.Mad.apq/files/keyfile.txt

Filesize
5B

MD5
73114de8de57de8cafafd3774143a5e0

SHA1
a87809b8e35e756412baf288ed63ca5821e80233

SHA256
edf9e4bdc13c3d5c4ee104668aa8868aa7a9fd699a5c0cc8fcd7f3b67cc6412e

SHA512
61656d09546164469c18679b82df70a42cd9e75ed643f810584d273252db16f3f77ce8c4d9e041ce7ef023a0d4821c3edcacd1f17decc0cef89c4a71b2b9905a

Download Submit
/data/data/com.Mad.apq/files/starter.txt

Filesize
4B

MD5
b326b5062b2f0e69046810717534cb09

SHA1
5ffe533b830f08a0326348a9160afafc8ada44db

SHA256
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

SHA512
9120cd5faef07a08e971ff024a3fcbea1e3a6b44142a6d82ca28c6c42e4f852595bcf53d81d776f10541045abdb7c37950629415d0dc66c8d86c64a5606d32de

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads