eef734dac634e7f5b69f1ab4bda8b7526fab7149900f36518beaec97e067a61e

Analysis

max time kernel
146s
max time network
159s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
27/03/2025, 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eef734dac634e7f5b69f1ab4bda8b7526fab7149900f36518beaec97e067a61e.apk
Size

2.3MB
MD5

e9d7d5b922108818a39b97499f8ff279
SHA1

da8119e038c4c7625204fc926496f5986407512d
SHA256

eef734dac634e7f5b69f1ab4bda8b7526fab7149900f36518beaec97e067a61e
SHA512

f6ffdfa4d9214decfcec0059518479e63326526b095cfd828ccab48346232c9b465c8d50fc28ffc2fcbd30bbc18de0da6597834dd71014b01beb3421acada320
SSDEEP

49152:2WDRvFm7nFl4Uk2agh1Y+ijuzdK3fC6/YdW4g1Z31RN:5DRdUFIgh16izdKq6/vZ31RN

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.google.samples.apps.nowinandroid

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.google.samples.apps.nowinandroid

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.google.samples.apps.nowinandroid

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.google.samples.apps.nowinandroid

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.google.samples.apps.nowinandroid

com.google.samples.apps.nowinandroid
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks CPU information
- Checks memory information
PID:5111

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.google.samples.apps.nowinandroid/files/profileInstalled

Filesize
24B

MD5
4aae1473c66e9b529b479b2dd90ca278

SHA1
1e118dfa9f8cb97d9cf30c72c6ee5394bdb5adc6

SHA256
32b8f3fdf44b34c70e006f5310d4170ed45dbc5d94aded7adca1e91dacd37478

SHA512
a462816ac68e42c1509768189655c78628c40d47381427b88e7dfb4aa4177e94638bf8a2c6673459099e9b90c6c1398fcee1cfcb5bae3596723b0b4da5de4673

Download Submit
/data/data/com.google.samples.apps.nowinandroid/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
335aabfd052853cdfdcd0ad22229657f

SHA1
f00cc971fcfd8105e253ec22e3e3b9e9b4a4a6b5

SHA256
19ebe9f9f79d6621b402f56d4a5dcba2e52f1da76129f4319266533845765ba9

SHA512
a9221b97069e010d5bbf2fcc5e7f46ba163632ca70fe8bc39176c53aed3f08f7df915ddd36c2255995510cf7b05da0b9f8297deae88e8ce05acdc32df00a52b2

Download Submit
/data/misc/profiles/cur/0/com.google.samples.apps.nowinandroid/primary.prof

Filesize
1KB

MD5
6b6c1663ef3516b9880b84f91fb32e1e

SHA1
42de77d1e883cf35b2b00c3e99e17d0750fd1e3c

SHA256
877bd3fc96d3c3096c5e070ccea8a7b99219a1f030fa1e88e9addcb87effe49d

SHA512
53584b28ac5f20c19bac83757ebddaef2c6c2880d623aa99fe9a412ded099815cf5864cc52fc88e7ad4b5df6788dabd1be7cfcccd0650878765e726620a62773

Download Submit
/data/misc/profiles/cur/0/com.google.samples.apps.nowinandroid/primary.prof

Filesize
2KB

MD5
6dc760fcacddff49b578b67295552767

SHA1
5ce278a11ed2b8cd220deaf81b2b1f8a8266b5e9

SHA256
3a906aa672abe71c49e757535e83c3c2069da6203bdb626deece0721a3fa667e

SHA512
2c77ac218890585c4a6aa7c0a6a8866e14700bece2cfb6dbc58cc908d6912739402d39ffaa5572f0b0bb345ef0e69c6e2bf8b83d6516d9bfcbcf29b045f3cdc9

Download Submit
/data/misc/profiles/cur/0/com.google.samples.apps.nowinandroid/primary.prof

Filesize
2KB

MD5
263289635dac1f02e0980ca20ffaf6ec

SHA1
468d5fb94e8dc20eca723b3aec8ade02b518d043

SHA256
2d7e8f0f1d2cb05bba9250a72e5dde5d60e91a882b250ad9a289486d2dba16d1

SHA512
63ac68027f2ac36c6dec5c2b73961f85631d0464db664f1c25584c0eb1415b2c858e95b254d166cc6f24f5697f5b974cb33e57c2941d406f3db4e0c918d1cd5a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads