7c1682ac90c1da712af1959f84079facb5d14d05a9d1a92a51cfab1e93f94943

Analysis

max time kernel
94s
max time network
150s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
27/03/2025, 22:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c1682ac90c1da712af1959f84079facb5d14d05a9d1a92a51cfab1e93f94943.apk
Size

2.3MB
MD5

84d8e020aee56146ff98ae92b62f6326
SHA1

cf17ff64e93e60d44c149ba955365849e132e105
SHA256

7c1682ac90c1da712af1959f84079facb5d14d05a9d1a92a51cfab1e93f94943
SHA512

e69ae4eedd31a0265ccb68ab22ae25ec63c6b2e5be827bd2d92cef8c669a94f997799ce16d2ce1ea5b92c31316998274a7585264c170ad76b63a8357253b1acb
SSDEEP

49152:4G7Rwo07MVXEjds/E3infX50Tanuzdu3fC6/YdW4g1Z31Rj:dc7uXEJEESnf+T/zduq6/vZ31Rj

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.google.samples.apps.nowinandroid

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.google.samples.apps.nowinandroid

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.google.samples.apps.nowinandroid

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.google.samples.apps.nowinandroid

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.google.samples.apps.nowinandroid

com.google.samples.apps.nowinandroid
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5071

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.google.samples.apps.nowinandroid/files/profileInstalled

Filesize
24B

MD5
4d30c94a43d66871adc7f63a5a1f3daa

SHA1
482d428b2ed25ec7aa1dafba973ceac5fc06a54b

SHA256
6cb083ac674110715ab06110f806075693dbc9a6af522909038ce5857a48cc9b

SHA512
1d25f7384ab2411539f8094a1b787150b0f73ed4a346a24f036151b4a55300f8873ab3130be1ddb26f0ba75bdeb386c81fe2cfdd701b8907c5214a5ddb2f5de6

Download Submit
/data/data/com.google.samples.apps.nowinandroid/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
cd8dad63505f39619a92fbd4447168f6

SHA1
f193cdda3962519e68e0c21b9a058f8f57214192

SHA256
83f0ff5e58954f5b17fff6da5c1528a699792b7f12310271deb8b52bac370d7d

SHA512
42e3712158091368e5100a3ffdf3f837b8e2a55122f457ac242da3300677ba5d77503e19ac70c2afea24a262a9155cb85715dd5dffad0d026677787611bf64a0

Download Submit
/data/misc/profiles/cur/0/com.google.samples.apps.nowinandroid/primary.prof

Filesize
1KB

MD5
b195e246d489e606b50789ccc9c05279

SHA1
b27903216d362d89a3d76ff6cc00166107c21d94

SHA256
9f8d1deec3912a2a65a50747fde2b691f18cfbe97e08b2d5822f806afa6c6235

SHA512
be6a63d40c225fa103f7b10dc830fe5006c56afabf02cd248a2890b99f52b5b07aa30430826f357744d9815b5da0a70eb798f525fa267b59d0455f0549d09aa1

Download Submit
/data/misc/profiles/cur/0/com.google.samples.apps.nowinandroid/primary.prof

Filesize
2KB

MD5
7c58963357eb152693367e7cbb515fff

SHA1
fec4f7a0f1dd46a1a09283cedd8132304efa7dbc

SHA256
ac5684918095034b771b68935cb115891ffacec3a7f6b5f6c3bd817c904bdcbc

SHA512
18d0c09ebf8ef7d7a0a76b85087a578e01d3df35d37a884929989b6435bd48d59723f464f40fdb32bde1a54d92517524e12d15cfa29ad4f26b901d4c334b5636

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads