df0730236595e7f7366a5925c13cbc03f2796d0bb1a9448a4508d2a229f63d9e

Analysis

max time kernel
87s
max time network
160s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
28/03/2025, 22:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

df0730236595e7f7366a5925c13cbc03f2796d0bb1a9448a4508d2a229f63d9e.apk
Size

2.2MB
MD5

ac915308fd837012e6e009f6bcedb966
SHA1

57ade9abc24d2094b0c01129bc7b9f8561261c94
SHA256

df0730236595e7f7366a5925c13cbc03f2796d0bb1a9448a4508d2a229f63d9e
SHA512

2440529d2ce92ede7c2c3b0fa924b649860e78d11a83768e4f22bdbca12f5ddc2e397f965443bce5c3ee70a0af38519fd88fbc80c90be27683d7a69749586795
SSDEEP

49152:O7VfbnnbbVbR/rTZ5LIxC0wcxDRCv7Ji9WtN89z9p8jV6aHw+FgBPd8:Oxfbnbb1lrTZ5LLcuvtiugk9wegdd8

Score

7^/10

collection credential_access impact

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.example.application

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.example.application

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.example.application

com.example.application
1⤵
- Obtains sensitive information copied to the device clipboard
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:4787

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.example.application/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
bf187b098913646d9bfd3a38543f2703

SHA1
5ecc1855baf34540b2018d68af3514456411b65d

SHA256
bcda2df7fd1d88c422f8d057e7e3bbbabfb9631927b4f5f8c7e0d6e4110c1a4d

SHA512
4be6cae8f5d939d03681ad1ef533d30d93d7da8e9b1773c2e4837d7adfe02d293a224067376c4fdd07d83b472cd1cbfec26f3816a2624a085778f97c8591622a

Download Submit
/data/misc/profiles/cur/0/com.example.application/primary.prof

Filesize
1KB

MD5
d966bfcc7ddd827139c16c3370a12def

SHA1
78b60147bd3567fe3c6e9ffae15671ccd465e8c3

SHA256
6fc227ef47250ada46ea8e28158503c936ddd89f2eb8e4a2aa44ac7cf994be66

SHA512
b5eab5577e7f6b5d5d489bf96a3a59ea8d6186c6d7e47c1a960a6085f8c1bde5e0119bc8afd96a348050e18bb05fd5ef2f774d95a33baaf986a58ebd3919c631

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads