c3d9705928d0fee0ca3e718ff4fa3da062d354ce7e8dc59b3ce2ab224d79ad69

Resubmissions

13-01-2025 11:13

250113-nbp9saslhn 10

13-01-2025 08:09

250113-j2b3mawqem 10

Analysis

max time kernel
123s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
13-01-2025 08:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Application.apk
Size

2.4MB
MD5

5af781cd5036adb21cfa6d68e845e1f7
SHA1

e24e5d4af0c469b1a52c9c8be735048215b19d92
SHA256

c3d9705928d0fee0ca3e718ff4fa3da062d354ce7e8dc59b3ce2ab224d79ad69
SHA512

841642f2cbf3fa112bf3b5e2d305cd4a4a2daabe286276b040e84d17b68c65854673110601351d014943e1a4837a00ad8663ca96bf1152af957582d8b49e54d4
SSDEEP

49152:X/8YJslyMr8CtryBNrAQ/fHTCllOdW0BgaDunD+ocahnPt:PlIyG4BNEQXzWOdW2g3nKocAnPt

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mad.net

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4449

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/1

Filesize
2B

MD5
81051bcc2cf1bedf378224b0a93e2877

SHA1
ba8ab5a0280b953aa97435ff8946cbcbb2755a27

SHA256
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

SHA512
1b302a2f1e624a5fb5ad94ddc4e5f8bfd74d26fa37512d0e5face303d8c40eee0d0ffa3649f5da43f439914d128166cb6c4774a7caa3b174d7535451eb697b5d

Download Submit
/data/data/mad.net/cache/2

Filesize
71B

MD5
5ed78b7f423b37dd534eddfbd1a5b1f8

SHA1
20e1f34ca0c16281e1899954750fa031f3894fa4

SHA256
64d93976c18c61e8969bbbf70cc28e5cd4b40c3c94e936e272508f08b8f2fef5

SHA512
76ed4a5f5555a6b98e06a7d7b808c1ee905569c585df71883472a810aa396499c3d6f011b4ad92f7e5f2e0f3e19f53c98f42bd2ff2317be1e10a444adf1f7d22

Download Submit
/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b1401aabd992a0c9a3e902291e32e15f

SHA1
43c0fe274f3956a9724fec01d57d74ae6c6626db

SHA256
d544e24088a547141a06b2875974de54e348788b7bee2af56b468087b23904a2

SHA512
48aab604193b6d1aee0fcd824812972c16fc899d53080c6fa99f43726c445251767f8ecd4b2f9c5e038f80d481e390a9896c28d807601db66dbf0d9956cacea3

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4f8ec940ac711a6969bd9db265255f2c

SHA1
32b4dedd8ef29dbb181fe47eb835f13ae705cbe7

SHA256
2ffdc3d8bd7048453951beca35b76be309981c1e572ab709791d88a43fc49e2a

SHA512
9d92074bf799c8790f31c0cf330dffc4899bb78b6c48fb32c4b0614a4102430d0c64fc822ce29a6d3a296106ed712be14e5c186f3f1224380505770d9817e53d

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7feb1fe93acde6e88da2274fe40d4434

SHA1
1e62e2e653d95e8b9806550d46d173964e62e7a0

SHA256
d9fdaf903209fcbd3bf6902e85e5642a86d22a512a21b27870ffb449380e51d0

SHA512
ec0d748bb9a343e62207ccf1c987ab8df6014081ca773316ae62d093e24af71eeae842ca07c53970fd95c7cded681da2c035e239551d09d46c759ce1b11745a0

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ca8f56ab462a9cf641feb3be36de1c68

SHA1
a6221851946e8031f9acbc5ba1fd099e298534aa

SHA256
9983fc8d67c1e1b534c1f89119ba0947ba5467a3805325fc966ccf835d058419

SHA512
e03ab8d5acbb8bee5ca7c4ce35db9a803f9484caac98720c133664b67b6fecf599d2f189c5ccb2664a3234b83638f54b312bd53f96a30ac5e39d2a3eb9cd0dac

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
aec638d812d001786c477bfe930615c4

SHA1
0d2392f25333b29cc2cdb6263b6fae015ba341c1

SHA256
c94a809307d769907746ff04399d5368e91e6c5621f5abf1bd554de0c6b07e03

SHA512
4e123cef079c044e5b8ef8d9785914e607c7f09e117e94c3ab904a9b1038e057cc439344236652628f5fbd3ac500d7ef0a1730aa8765f533c1fe21c0474aba26

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c0c12ad0d6f963033079ea0414644e40

SHA1
66e573192005189cca32d07a7783b58c976f4e9c

SHA256
98456bf1c2b73445b4a8f226665ca9dee4952ff0e061befb78ef9b018a938539

SHA512
d48b10caf16844374a1b2973c123c6265db602650159a707ba7e5613de10ca9a8955933b74b2743dbcdc1c4dd3a87eb75ac2548144a13e0881ccad1cfbd19fc6

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
89ca31a28356a53808e579518f8c20be

SHA1
6795fc440db6f0914fa3671fc49e2e6ffa1a7fb6

SHA256
06baed55a895cff4191c47f199314ade9886c7520696812a9cbb771c38d838e3

SHA512
e8947a5e9e22f4a421fbd64618dccecdf01a64a6a8487048b7737d0d91ad71680ecda9187b4004ff806e5e4a42ed3160ee06a948f4c51614a860578fa6e221ad

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
26ae454128fc23bdb68ae72f1a9aa9bc

SHA1
cfb4c271b0a4cdc9303a328fbb7a1c1f9613ad7f

SHA256
558fc8925ae199d65a23b502e3fb780e4d30e8e51b6c9d74edc235835b86dbda

SHA512
ab09647d2f48e18e64ae27c83aff4f62198f94e1c03e35975de93ebd8c53f142591d779a772beb814a5ab8903e6c082c6e3a32d68d818e8e2fdf63ff99008faf

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ffa4946d6971db91d45296910aa01576

SHA1
5066c601e80165df589f39cb3b9234f0d7d7717e

SHA256
39c3375215d64e4357e8fc84389e3e6305d980294eec1e0d51e65651e45aee8d

SHA512
d73f17277d85c49f15ed636b2ab39b7d1ffce323cf760b573e81494aaa04b79adcb3602d789f2285998987a1c51c8c4e2362280dd692edf71a4e51ee2e15e13e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
51482eb810a72229808037e5992947dc

SHA1
7e8f1ceddaad34c2c29e3231c674194ffa892f70

SHA256
ee8265b6bed15370747eee4db7891a1b2610331eeffdbfa65f6c6dd6f664ec14

SHA512
b61888cf76483f6e8cc47fcd5f8fd24a6d7e281bfe3c7680b1eeb63e62fadaf493c99fc623e8f80797882194db78fe8cf692fee5411021271b6b5a4a728da56c

Download Submit
/data/data/mad.net/files/PersistedInstallation5629644423188448692tmp

Filesize
569B

MD5
c00b2fbac4921ca240dd964f5e06b3bd

SHA1
2a56a0f3e7f7425030dff2a8d46051dc72d2c7da

SHA256
d713c84990361ae7ce0e4319d08e64b12311253b5095bd464c3ddea3d38f8e41

SHA512
27b6055468c112d4e9323e8432f6d1c7de5bd7e3797cf90b0610be7be4f06ae6e4b842757cb4ad577df3653f016a28cd1ac3d26fcc51735415ca4dbc3ac4c879

Download Submit
/data/data/mad.net/files/PersistedInstallation7504201498899458650tmp

Filesize
90B

MD5
968e28d17d943179515733678c1d8fb7

SHA1
39bfe49799588a1a96af0e52ffb71502f67be83d

SHA256
0a849797fe18d13f58198e2af01ca5bff8d7fd57dfd404398b21302363740b85

SHA512
6a3e88fa970b1c19c0b29a33420f0c765a59b8a48d939c0e539c43d349e9f6fbbcd34dd3b868922adb672d8ee11d4751269cf3759440dcba460b888e9f0ee168

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads