c3d9705928d0fee0ca3e718ff4fa3da062d354ce7e8dc59b3ce2ab224d79ad69

Resubmissions

13/01/2025, 11:13

250113-nbp9saslhn 10

13/01/2025, 08:09

250113-j2b3mawqem 10

Analysis

max time kernel
2s
max time network
750s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
13/01/2025, 11:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Application.apk
Size

2.4MB
MD5

5af781cd5036adb21cfa6d68e845e1f7
SHA1

e24e5d4af0c469b1a52c9c8be735048215b19d92
SHA256

c3d9705928d0fee0ca3e718ff4fa3da062d354ce7e8dc59b3ce2ab224d79ad69
SHA512

841642f2cbf3fa112bf3b5e2d305cd4a4a2daabe286276b040e84d17b68c65854673110601351d014943e1a4837a00ad8663ca96bf1152af957582d8b49e54d4
SSDEEP

49152:X/8YJslyMr8CtryBNrAQ/fHTCllOdW0BgaDunD+ocahnPt:PlIyG4BNEQXzWOdW2g3nKocAnPt

Score

7^/10

collection credential_access discovery impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	mad.net

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	mad.net

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	mad.net

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	mad.net

mad.net
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4586

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/mad.net/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8e2417744549c4fbdc29bf5bb71d3a5d

SHA1
511eb55914ed56690979cdb58445ff0369db67d4

SHA256
8a8875b3bd7aef231e5269b00a24393948e0c26540cf5e25793262cd13ff546e

SHA512
b376071328b760f68ef2139deda448823df589bdf131002bc70c4a25b882cba86920f671be806c047114e33a83e7d9d49849d6e3724986bd42b8ccb317fd0748

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f8b5bc0730577714f1a2984935f4014d

SHA1
85b115423a5801ba80e194362db077c0499977c4

SHA256
5f61f437011c03abdd266a91b32d2c11b7ff145cb45a13f1bfb1f443422ff4c5

SHA512
cefa450378aeca37740a08ba962fad00e88b782c2eff1f5545e719bbe73b2b0f5702eef308e5a8083ac2f8baa0e91aa9dd57f08398d8508fe535bd1e097315fd

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6369b5362a473d578cb8350b7d10ff3c

SHA1
8cef4993afba7b4803661655c7834822af692aa4

SHA256
df7c5de2befb62d2393749de8781e3a294f85a79877ea9d80a59bcb16c6d94e7

SHA512
92cde38b72c82b72851cb62a79a2263fb1bd74bf74960ba20ecb1a473101d545794c038eaa8cb2dbbf8f09cb971f83ca41912d01cd0ac327fe20451c4aa6993e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
df063fbda37211ec603469343443bc52

SHA1
eeb65b30c3291da5df158e222086caac7ecf745e

SHA256
a2d7c8aed58b928e8967b5a965a88a42111b1fcd4e3957854afd075b447b15b9

SHA512
d46a821fbef4cd1435e23fb1782baae03f7347beb518e0150b2390c271f6d4f650753800d77dd8f7f3366ca03977699608ee9a8b5daf60511ae7deed393c523a

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
de82e2c94d2718988804b035a46d17b1

SHA1
705f5ff19093ad209f2a666085d6ccaed3bf58a4

SHA256
29110e626f8f49171d14a819b34492d094120f21ed7a963007fe95439d771d39

SHA512
68f5f88e638e76cb5036dad6b320896f1735f64067ace152e0baea81e9ea0d153559f53bd5c608b397281369dafd14c5f5965f92f567dc89db157414a699023e

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d9cf75fdd1c2292d986f6c3d5d60f2c8

SHA1
07ecb1d3a26d952ae5fecf54f36699ab498510b1

SHA256
2d227e9b7a044c8e10294f6a831fb92d81ea9582381796d87f35bd268e37538a

SHA512
442c96e4b4c79b8d1c64dd3a6d6088ae1dace441e78d830dfb3190ee1c0fafebc606fb432071b4a1ad1a4ba9b68c7877b0bce520ccc88708feaf82bbc474e0cb

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
4131fb5ac3725c923b3807a9528c7aee

SHA1
e078cfe78e7656629c6e5f7ca2205ac4c2becef8

SHA256
a28c71b0c5836d18d25a99d770241de20edb68ec277983f118078f0c94fa74a4

SHA512
ce1c0b2bc74de8bbb2dba02f702e2bf25e1ce3c99ae42c2227afb31d7316d4597a92c6ae980aadd4b04b827273113a9157e11dbda701b30b3c866cff160b7f34

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
5275f05ab5031d1f490f8256057da31d

SHA1
0f036da8107207606c0aec1ff35ee7c3674b677b

SHA256
fb8852a9888a4b4ff13b16ed063269e220a2f9af220fdac776f9ef339ff273d3

SHA512
887b2f59bd9786b062ef75aaac29234f71820d6804bbb470f4829daf08f99e475485029bf4bd80ee425094a134b37175a10f063b42fa6d5dab01aef2658c5273

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a006bf45c8ffaa06ccf222459ad87555

SHA1
c90eb48c70d639c9576ded84b3e7dbe455c5b480

SHA256
7b8bd3386163aa6ef45b27d8fffbf1949d8a62d47133659692a22294bcd30cd3

SHA512
4b8aa87824e889a5109dba7f0a7f9d5e8100e6fc030067be3cbe758bbe3570941f44fa2755950ab193212c1b198e72486a04da7b4d831910dc309f413b3ab034

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
2713dca991be77fff291d4b4271cf028

SHA1
06cba3961488a092ad62a041c7954de2899a31ee

SHA256
c8f4d6a31a34789b7e1f9d5b59efa6fcd9b2981b01ebebc8eff11310ff4962d7

SHA512
181de28f947c1f4ab2c125e1e2e7f79ccb0dd60ec93d698782d341ef744660842d854e94474e36557ceab47b3fa288dcaab8247773ad412a28eb6ce562f632d6

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
c0c03ce0a99c0989a05175f673c2387d

SHA1
4b5fe3f893a99f370d4ce1841a2a954931350bcf

SHA256
ee01d444cbeb49b23d4a0a2bbff10576c85fd4c180945f3ce0cd8dd7c8982c55

SHA512
5ac0bfc4e3724242bdb78867e14fbc17b007d638815118e38d1284ecaaab58018c07e39367645efe17cae8939bccfff486fc4712aa2b4438f1b423c9e7db46a9

Download Submit
/data/data/mad.net/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e07fb6bf81ae99a2cf08938f076519ec

SHA1
149ddabee5cd0d5e97fc7ccd0827873d4676c3d2

SHA256
f84fc4c6571712d116f60cbd76a311bd022eee2435290cb04e4ee2b04934f934

SHA512
a75986a306c93ce4d2d947a4f6ca70a4f1b2fbbd33b198aeb9411ce85d7c95389c15a821d7cc34e310cade090ea940e014e1c999148e761d4b3f9991e7871b49

Download Submit
/data/data/mad.net/files/PersistedInstallation204103057729514085tmp

Filesize
567B

MD5
415f5e7751d4330c6623b160ec89ea62

SHA1
67b341e20efd0507439aa52139fdb1d8864679eb

SHA256
470569df34d03c764386799feeb403b0a544082a27d21575cb46383b61e78b38

SHA512
c4ecd4b6281548a65b9268b1d060a8a975f6bc3fa7980807a615e2cac11bef0c98f3091962652cb82339f37414c3105ab74d32efb4c498e7700ce425f8dc5dc7

Download Submit
/data/data/mad.net/files/PersistedInstallation3152789070320448370tmp

Filesize
90B

MD5
0fab4ac1e29c0dd259c568d7469acb2e

SHA1
e3a0322de65bcc9c97d0cc9cc6e43ee74a2f5aa5

SHA256
f2f821c24f688b6a280636f52a06fa946c04d19039344d3cd65d6c3855233a90

SHA512
01dc029e61a0467597253cb73087e7ec8d228e6cc048656985bbc0e68670705489d17f8b37d97c19387db123ac16e0add14fb686ac2dbb0369568e33f866e71a

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads