7d69e0d82e74059115486fae5dd5ac6463c7fccd91dbbcaa9587117c7d201ddb

Analysis

max time kernel
6s
max time network
152s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
15-02-2025 18:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

77bd99fc14c25843d7ce183443119b5d7a1f524c00f5a9e2dcccc22f8dae6042.apk
Size

2.6MB
MD5

40981142bcde486676e5eea7bcdfadbb
SHA1

b61860a7ef0ec87174b92c59c6b68265a32619c4
SHA256

77bd99fc14c25843d7ce183443119b5d7a1f524c00f5a9e2dcccc22f8dae6042
SHA512

584e8dbd93b9d89c29d3b7180f524a1d3077cad2fc10542db15f8a604290f475ddd2ddcbabbf5a406f048d224bcadd00348abfcce39f9885a569ef6e2a9ec090
SSDEEP

49152:J/G52p3JiUhiZu/Rtzr52jvAOpPK4Nc5hFV3MM0b9kpYgs6V/Dce7q5px671:Rvp5piZmpCvBpPKr3r8MIWpYMV/6pS

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	Madsal.com

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	Madsal.com

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	Madsal.com

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	Madsal.com

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	Madsal.com

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	Madsal.com

Madsal.com
1⤵
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
PID:5156

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/Madsal.com/cache/~test.test

Filesize
4B

MD5
098f6bcd4621d373cade4e832627b4f6

SHA1
a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

SHA256
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08

SHA512
ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e7c13bd8327da2326772fafce60a6673

SHA1
179a395277bd68b3b5c869cffe94f386d8548085

SHA256
7e4f5d3f077d27808aa272b4cc5a45fd3a1eeffcc9476ddf233b18428bffd36c

SHA512
154c2bb66ee459dacfbcbc6e1422a6a745007b33072139fffda90b387b94b2a93995c76ea3baf99eaa1c175925b63678b87b55998bba2b7f45e1b386970ba9f6

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e1fa95b4968ce52a0f33f5ac1d837b24

SHA1
1cf734fd6e51a21296ea2828f04e961fa1a5f69d

SHA256
7f1d33adaf09d9ca69582ef46c59dddb3967acc1f5a934b3da4745f0a873025e

SHA512
4d429d9bffe85cca20b8adc8b0fbc6bcc18b46046e4a9c9dda287d8f653105f739f0c81981bcc075a34e4abdc469c6d2050daec14c3efa08a3b743dd874e1f39

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
4c57fc2f12e49a0b93e8e021be59edd0

SHA1
e4620d2a79b8c71c17f793babb0a55c85ea02204

SHA256
79855b58b7b3696564b67bec491321dde5ebabc51e3cf70d1f8baf90e8a6595a

SHA512
ecf72da1d7288e9e0344ffbc9f043f5d0ff1274f481e487486942d10d28e3ef3d2642124a9962fb8766e8bae72f4782bea8d6cddc8b54a93af4767f32e90eb24

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
11495c4fb734e3271ebca5d6c188cb5e

SHA1
4c555962d28b17eec4be31c5d70c3348a7dd6fd8

SHA256
f2e7c9da0ad67148d876fe922bc0e81f3c89757b6ee1df32c309904368cb98a4

SHA512
d953f9a3d3a1d03d020b559c225b056050340cd127e556ca4fa257a7b3412dbb28c790f336afb62fa5e4a9caa8ccd03155191d7d50e3480767653f9babe99a94

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c8b4aff4ce8670475e693f435b95b372

SHA1
c2fc61bda2037a95c36dfdd83c9db0f62aaef72b

SHA256
ded1f18c92860e7314f62f38ae27658e32daca986a26a04580c16dde28a169f3

SHA512
3ddd899ba1e681d8f6cbe556caa0097b5165f3992eb181f701ced65e3651aefdfff4cf63fc1c1b08afcfb02a3ed33fc9857c8f357b31b4139520df073f8cb199

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
e654ddc911e218ea966a1a939803bf5e

SHA1
4fd8a2f7a6b8412f3bcd482e6bf51324a8a5fad6

SHA256
b33f2be8a1ea030e23bded051e8dafdfc2d558bfced693f4a34c6973e2e5a662

SHA512
994c7ba9e12976e896d945ad0a08feb620135af9b0530e633e97d0bc2a1d6c385a0ab2fe54a8bac8c93a776f20033b01aab6f928e1cebf4347d51c6c0b1b4cd4

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8661cbd08170ac132347c7c1947cae1b

SHA1
cff44331b4ab895809381957bda07e948614641a

SHA256
f7b219c80375b727e40d6c0b8e3a47e8ce620b74125f5b4d8d6671377d3f5cdd

SHA512
566f6d3643c4f861503cb13a2b1fc93853932eaa2b9b8ec132483ea62d3b7895733bd6829545c0fe60c5bb2eca250914534268cab3e8ce7c49010d3e5123f669

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
e68c25b8a14465a87792c7f69c885302

SHA1
a6bc55553d605fced24ad96977c8c4d782f52904

SHA256
71c43bea7bfde7bf9e44c45e85456976e41027d40ce8b0818f32bd9397fffcd2

SHA512
0c9818c160eda5f1ef26aa660c21b420835fff1cfa5790b57c9d564fc9c832df693438e13d70557ec51c7d3cb19b03714e522ae6039c44a8ebedf53c1c791bff

Download Submit
/data/data/Madsal.com/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d480b4842112a827ed401d5dcd1cd768

SHA1
a17807a2b57b7a299c28bcff8d60e87493bade66

SHA256
ea0ead93f853f79fe4c77c0f00241aa1191468e4093e37b0538737fba8dc5a44

SHA512
a5387ea0d10b39b2a38df517d30465c53c2e4a40aa3d28f54067b5c8aa9b3f99e456742bb44f82c9f23fa550e05a81c615f6c92665d1c40a2f76739575bdd222

Download Submit
/data/data/Madsal.com/files/MrAventer25413652.txt

Filesize
21B

MD5
0c1e3840fbec04cddaaa9ede4033f2f2

SHA1
82b7f73ef5d71cfefc1645b528ed20a2aed07df2

SHA256
481a2a8e5761a29c6939f2bf541ca7f06c1c8d671612b5a7dad02bb889051df3

SHA512
bec4bf1b315544e5d9862d476ee3e85a89803fcdb471833cb4bf04f31bbf4276fa02aeb6f9da36ef4c68de824e676a506c46ca45fe72a834a1451382e0ebba5b

Download Submit
/data/data/Madsal.com/files/PersistedInstallation1584728080236093887tmp

Filesize
569B

MD5
e46deaeedb4c29c467b4273fa04a56a3

SHA1
fa437b1e94849dedfc87677e0a2423ba290649fd

SHA256
cb0acc2ac0e614a7eacb2985d04ba3257386001d280032f5054214eee7cf5f0d

SHA512
92a4491a85c42a6fdf03110d81ceef7e6be4de969a006928cefb83efc46743bf0d0829d0ef394309e32a54bc33426109ba57ceae19b17be124e56dfa7484c107

Download Submit
/data/data/Madsal.com/files/PersistedInstallation8243457574410524932tmp

Filesize
90B

MD5
380b0954b304f6f45964190e8504df9a

SHA1
130321d49e9a8c04ed1dcf356fa31ebf5106aad8

SHA256
8b82f81c319008d96156b1228ecebe9469b98f9445b07bcf4981a144487e310b

SHA512
2a6eea51401aa897b41c8bda4ccb86f3a59d676536d9468b20967fe0cfba31dea46f305b6384bb81e00d0c1f9e34adde9dd504106d63416220a0b32483706224

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads