ce99d7fbdef651bb9437b967b032c30f03b2cc8bec55064b674bbce9afe57448

Analysis

max time kernel
19s
max time network
153s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
17/02/2025, 12:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Tasker.apk
Size

13.2MB
MD5

b1961e4398eea1d82b1fb47f0fc0add3
SHA1

79714435027ebac5732b836045ee95c2f7100504
SHA256

d882b7df6418f1e7e80ac8bb70c2456f10360d1533bd34dc795dd6fee19196e3
SHA512

5a44f0337f939f6a01de3bd7e40f7ac608c4b2c1b703ec3594b128fc8cde78f4f902973fa364be8311c4101a41b73ae4d1659443e99060924dfdbddf579e1a18
SSDEEP

196608:+xzhvwTQLxeffSTHbdNTluzn2DmZke8GBAWTAjXuOd:+x9vwTQVQuVuz2qJ8Pwob

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	net.dinglisch.android.taskerm

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	net.dinglisch.android.taskerm

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	net.dinglisch.android.taskerm

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	net.dinglisch.android.taskerm

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	net.dinglisch.android.taskerm

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	net.dinglisch.android.taskerm

net.dinglisch.android.taskerm
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks CPU information
- Checks memory information
PID:5239