d14247ea058ba1c1e625370d00dcfc41afd69275065be576abb008936dc87db2

Analysis

max time kernel
88s
max time network
132s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
14/01/2025, 15:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Tasker_6.4.9-beta_arm64-v8a_armeabi-v7a_x86_x86_64_mod_apkdone.apk
Size

40.1MB
MD5

a3e67dd6627319f1bf57f22d47bd779e
SHA1

785d513dc4be4cfa90f41ad18e6935ffe8d5a2e3
SHA256

d14247ea058ba1c1e625370d00dcfc41afd69275065be576abb008936dc87db2
SHA512

7fe2023bebbaef5fc57001430f20483b127480b9342d7edf0866b08f65eb10e6b046f782e312cf6e73fd04324be311b74d80f2eb39c95a375c9293b66d1324ff
SSDEEP

786432:clLgf64/Szm6qRr8PwCQ7I+j7P3AAUsYi2IRSPzOdmdljlVWgXijsIJe:clgd/SSCPoD7PQALX2I4Pzsmd4gSI8e

Score

7^/10

collection credential_access evasion impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	net.dinglisch.android.taskerm

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	net.dinglisch.android.taskerm

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	net.dinglisch.android.taskerm

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	net.dinglisch.android.taskerm

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	net.dinglisch.android.taskerm

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	net.dinglisch.android.taskerm

net.dinglisch.android.taskerm
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:4374

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/net.dinglisch.android.taskerm/files/profileInstalled

Filesize
24B

MD5
770a55e2f1a8cd2154bcd746648ff58d

SHA1
70717102539ed74528b10f33916f9a0fda2f71b3

SHA256
f52089fd8ce1ee6b86028fc956b40c19fbfafa2a79e3a88dff1bc9b0d06711ca

SHA512
c7770718e581e05a039758fdb1f9198dcaa99267b29c82898d4efb7efe765d0eb98c5972819aa4858d50a994b4f870c659bc7fbb157eda160645adc110cd59f0

Download Submit
/data/data/net.dinglisch.android.taskerm/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
d3c280d3418c1009b3a0390af7497ea1

SHA1
002a344e073f25687ab636fce696ebe555fe4684

SHA256
85be44657a6791aacf8a4a11cc07726fdc500a1d4d3fb7ef1471359028fedd0f

SHA512
9d76e06ae2f17a4dc7bd5532132ebb285cab7f0fdd009e4e20eebdb9643e6a10a7d9ce31f9e83c4449a8293d7b6ceea217f12002b7c7e40d378108dc814d4199

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
b01674157bd93aedb8b6f754f306026c

SHA1
3318d9449daa8e5ca475d353534a4b3344aecdda

SHA256
6feff7fdb75a809ca7833acb1d416656b4b99ba751d6186f78294e4b4059edd6

SHA512
206cc2f0b468aed79467d15a37462bcd289e2b3f20e88cfed0f672ed339af6fa72e161c4a0fb6c3e8af61782b11affa8f74ae35133eb998736d33ee4d71d36b7

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
b81d947909eff61897061e207c193aae

SHA1
a607977a4cba094d7f09d54d6274879d7a50af6d

SHA256
202ee187a2e9627994e50ae66695c4d1dd0cd3ce4aa0143777849a4f64c831a4

SHA512
348fe5227deb6cb23a842c583a66cc9ee9fc144e24726fd31bc2e81572e220bbb1abeb72782bfc759310a88520db23d4a3ba074524f5eac3aab09c9e61462213

Download Submit
/data/data/net.dinglisch.android.taskerm/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
6835b473845876be80915d21e8ff33f4

SHA1
e3ef471adf67103ca3eda4b8ffb0a49051c356cd

SHA256
ceb1edc32000954becf8dd52366d1a9bc6e959316eaa323cbe0ddb8c024b684f

SHA512
ebef195e7e2e3879609d4936751a5b3b41a512b75115cf6ec7107ed8e4a4067c360f2c2f96e0b16c4c0385c619e38e438460687f59c0c0f8aafaa51893fd596a

Download Submit
/data/misc/profiles/cur/0/net.dinglisch.android.taskerm/primary.prof

Filesize
30B

MD5
46ff7c58b31f8d1c6465be077aa8caea

SHA1
13fe5acaa412b68edd2cc730659bd5dbf2e3673a

SHA256
17c10427264db61e43f37be47631972bc16d7dc33b319006904536487fc9acb3

SHA512
5b451f026c50aaf0a62b9586bfc3046e21f110201463ef2fc9068b095e52a80b75b2ebac833cd6d2d079a30c44a314a399c2ebf53ab3e8ac77fa9d3b5757b400

Download Submit
/data/misc/profiles/cur/0/net.dinglisch.android.taskerm/primary.prof

Filesize
5KB

MD5
39ce3422ffc799a895fa4cd125a22999

SHA1
602a0c56d6a333bfb2d48f85237e333713edcb1a

SHA256
4e9c37484e495510b664c71713745e7e153f58fbb94fa2d2dff33f5fbdf7f91b

SHA512
7dc7fdbed5f87728a8d3452c91e1a824d3eea22ed93352b2814a116e4988183e966b671945adb028e2a13149c2b8889114b18a22de4c0d21f86ef2c6d74f7828

Download Submit
/data/misc/profiles/cur/0/net.dinglisch.android.taskerm/primary.prof

Filesize
11KB

MD5
da2c5334699fa6016ba49c38c720a8a5

SHA1
5b617c042589476942ba34071ac64ca4bb49cb69

SHA256
0f4a6ee9886575dc39216c9ed28cb7bff859a2bf8b976aea6bf5efbbd45f4557

SHA512
3fc90cf7ba0a8a998f9f5fdfa77939cf7df4df14ffe7ecadcffa04aecc9d58890d2b617d756ed9f9cd113f59f47ffa9b4bf31287352e66cf5dfb926a5601d47a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads