82d8147f37e7dc59e565b84a57f5d1d88c8e204317a35e736e2db49379d20c56

Resubmissions

19/03/2025, 08:59

250319-kxp95aylt8 7

17/01/2025, 14:19

250117-rmv6ys1mgt 7

Analysis

max time kernel
20s
max time network
154s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
17/01/2025, 14:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

CHILD PORN 🎥.apk
Size

1.5MB
MD5

db341aa03a42249d00ac7beb3ec7797e
SHA1

bbceb017d81e96f0b14ca341421e474ca5d0d149
SHA256

82d8147f37e7dc59e565b84a57f5d1d88c8e204317a35e736e2db49379d20c56
SHA512

e8287feed5ce9350f7ae14b1d907d94e79994a3dac95fc2747bbe14e453200147b27f3bb1a11b33a40d95b44b12840d6e2394c3e414096d6c6ca1c5b96489384
SSDEEP

24576:3tev5jNfk+TRWnkyJPGMzGDnIFsuhvpNUN9xotICGWLa4HF6xdo4v5rSc+PsKWM0:QjxTRWnkyJGVMmYBNA6mWLau6dCsLN

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.video.codec

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.video.codec

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.video.codec

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.video.codec

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.video.codec

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.video.codec

com.video.codec
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:4960

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.video.codec/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/storage/emulated/0/Android/media/com.whatsapp/WhatsApp/Media/WhatsApp Documents/Sent/.nomedia

Filesize
14B

MD5
729efa82e79f51e0e9a4884e4fe13661

SHA1
70b91de2a135714bf9451efd01a7b083b23da578

SHA256
207093a0991d13b1de8a9db3ae14a8e64469bff251106cb602576b51e59adc4a

SHA512
23a1100088da94a6c2f075747794f5934ec98dfd23d12167a4bc16daf5fa868fa524ac844cc2a32fe4fce8af6b5a97b5b0134024054e5ded4eca3df53ced3fcf

Download Submit
/storage/emulated/0/Android/media/com.whatsapp/WhatsApp/Media/WhatsApp Documents/Sent/CHILD PORN 🎥.apk

Filesize
1.5MB

MD5
db341aa03a42249d00ac7beb3ec7797e

SHA1
bbceb017d81e96f0b14ca341421e474ca5d0d149

SHA256
82d8147f37e7dc59e565b84a57f5d1d88c8e204317a35e736e2db49379d20c56

SHA512
e8287feed5ce9350f7ae14b1d907d94e79994a3dac95fc2747bbe14e453200147b27f3bb1a11b33a40d95b44b12840d6e2394c3e414096d6c6ca1c5b96489384

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads