82d8147f37e7dc59e565b84a57f5d1d88c8e204317a35e736e2db49379d20c56

Resubmissions

19/03/2025, 08:59

250319-kxp95aylt8 7

17/01/2025, 14:19

250117-rmv6ys1mgt 7

Analysis

max time kernel
28s
max time network
151s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
19/03/2025, 08:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

CHILD PORN 🎥.apk
Size

1.5MB
MD5

db341aa03a42249d00ac7beb3ec7797e
SHA1

bbceb017d81e96f0b14ca341421e474ca5d0d149
SHA256

82d8147f37e7dc59e565b84a57f5d1d88c8e204317a35e736e2db49379d20c56
SHA512

e8287feed5ce9350f7ae14b1d907d94e79994a3dac95fc2747bbe14e453200147b27f3bb1a11b33a40d95b44b12840d6e2394c3e414096d6c6ca1c5b96489384
SSDEEP

24576:3tev5jNfk+TRWnkyJPGMzGDnIFsuhvpNUN9xotICGWLa4HF6xdo4v5rSc+PsKWM0:QjxTRWnkyJGVMmYBNA6mWLau6dCsLN

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.video.codec

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.video.codec

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.video.codec

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.video.codec

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.video.codec

com.video.codec
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5160

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Android/media/com.whatsapp/WhatsApp/Media/WhatsApp Documents/Sent/.nomedia

Filesize
14B

MD5
729efa82e79f51e0e9a4884e4fe13661

SHA1
70b91de2a135714bf9451efd01a7b083b23da578

SHA256
207093a0991d13b1de8a9db3ae14a8e64469bff251106cb602576b51e59adc4a

SHA512
23a1100088da94a6c2f075747794f5934ec98dfd23d12167a4bc16daf5fa868fa524ac844cc2a32fe4fce8af6b5a97b5b0134024054e5ded4eca3df53ced3fcf

Download Submit
/storage/emulated/0/Android/media/com.whatsapp/WhatsApp/Media/WhatsApp Documents/Sent/CHILD PORN 🎥.apk

Filesize
1.5MB

MD5
db341aa03a42249d00ac7beb3ec7797e

SHA1
bbceb017d81e96f0b14ca341421e474ca5d0d149

SHA256
82d8147f37e7dc59e565b84a57f5d1d88c8e204317a35e736e2db49379d20c56

SHA512
e8287feed5ce9350f7ae14b1d907d94e79994a3dac95fc2747bbe14e453200147b27f3bb1a11b33a40d95b44b12840d6e2394c3e414096d6c6ca1c5b96489384

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads