d244984f3db507c88731aa6b953fa56a72e832e1ccc0c715d12e4374e63ba2b7

Analysis

max time kernel
147s
max time network
161s
platform
android-10_x64
resource
android-x64-20240910-en
resource tags

arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
submitted
28/03/2025, 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d244984f3db507c88731aa6b953fa56a72e832e1ccc0c715d12e4374e63ba2b7.apk
Size

2.1MB
MD5

95564f880a4dc204efa01fb847ef5098
SHA1

0cb00494f1b1e2fbc7123b0e0ccdc10d96bfb302
SHA256

d244984f3db507c88731aa6b953fa56a72e832e1ccc0c715d12e4374e63ba2b7
SHA512

79a5254aba019d2e45e69b44dae60f3f4d39ccf104a47eaa1946910f8a1708b3b9f242e0638f53fd4eba1542518dd41356a96d0c6baa57dfdb6371e139bc266a
SSDEEP

49152:2Q8QajoyIakKl9pPwcxDRCv7Ji9WtN8dVfbnnbbVbR/rTZ5LIGdG:2Q8Y4lgcuvtiuUfbnbb1lrTZ5LtdG

Score

7^/10

collection credential_access discovery impact persistence

Malware Config

Signatures

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.example.application

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.example.application

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.example.application

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.example.application

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.example.application

com.example.application
1⤵
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Uses Crypto APIs (Might try to encrypt user data)
- Checks memory information
PID:5158

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.example.application/files/profileInstalled

Filesize
24B

MD5
63bdb3ba2cea872225b452e85d88848b

SHA1
fba9a62eef56300f44994e1f89281b80bff2d831

SHA256
1c586a47bfabd039895276ceca63bf41509d018e7abe5a22b799ec5a7b4f1a90

SHA512
ae44086ba7da0bd3bb110c6042d021c6d17e1775289b66512996818eda1df0073e6f01353dc6873e876bc6a1b64eb3f702fba1ee7e1b363c09cd62fb1915dc30

Download Submit
/data/data/com.example.application/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

Filesize
8B

MD5
6b92a2ceb16e98cd8376fbdb2c100851

SHA1
803ad5fa534b3639f31edac9c9d22e6f16ca0e7e

SHA256
efcd934bf0a98154e661d10236c9cc9f8be28af3447aab51104aadcd3d30f762

SHA512
bcb47839f9bb75bee8fb4003f54f14f9b8431a1dbace2ab2399fb8a37ab54ab855e3fd5535c58b4fe9ffa670375112ab7ff76362c79c374813de8b2e8a543b9b

Download Submit
/data/misc/profiles/cur/0/com.example.application/primary.prof

Filesize
1KB

MD5
90afee09722a443d63e4c9c5c66b2fab

SHA1
39a8d0e9b5f830505e49919001419df9b9adcdcd

SHA256
68a65424560d8f64d38a083e4213f59420b6ec54b194cadd840c5de453efeaba

SHA512
9d09f63ab6ab67ec3c643d66c5422a8e7aeda5b7cd8fe18dea24749f21128e251c311b60ef975f61490cd2456357e127b2d4796954d7c7425a01cc2f4593804b

Download Submit
/data/misc/profiles/cur/0/com.example.application/primary.prof

Filesize
3KB

MD5
a75f1be85bbd726d79eb637cd963a970

SHA1
ba1dd7c8a72a8fd5aa57e30f876f41a875064db8

SHA256
5b631fe9a6e2716b17871d0392a2f3e03bbc3448c6e9627ead3639b76f768bb9

SHA512
966d905dd7cfd979621cf1b18e3dd44ea5d125b4543b0ce79b1e22f27e03e1a8fba12f4d07825d29d544a5070c6dc6a400731425bf36137515b7e27ba16d2cb3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads