Analysis
max time kernel: 46s
max time network: 163s
platform: android-10_x64
resource: android-x64-20240910-en
resource tags: arch:x64, arch:x86, image:android-x64-20240910-en, locale:en-us, os:android-10-x64, system
submitted: 28/03/2025, 22:03
Static task: static1
Behavioral task: behavioral1
Sample: 16b95094844c9ac015ce84f248f7b6035576f58a0954d8f95c9e97143bf90f84.apk
Resource: android-x86-arm-20240910-en
Behavioral task: behavioral2
Sample: 16b95094844c9ac015ce84f248f7b6035576f58a0954d8f95c9e97143bf90f84.apk
Resource: android-x64-20240910-en
Behavioral task: behavioral3
Sample: 16b95094844c9ac015ce84f248f7b6035576f58a0954d8f95c9e97143bf90f84.apk
Resource: android-x64-arm64-20240910-en
General
Target: 16b95094844c9ac015ce84f248f7b6035576f58a0954d8f95c9e97143bf90f84.apk
Size: 2.2MB
MD5: aa4d8fb468e45229d83a26dc1d4c8703
SHA1: d9004f2cd953f28e68b847858dd04eb351cd4f51
SHA256: 16b95094844c9ac015ce84f248f7b6035576f58a0954d8f95c9e97143bf90f84
SHA512: 1979106bd7aea593d4c7b5d7234a87e81531d45db242e4cd661abea9d625c419a147a1f316b6241a8e4c65dcec17c64d401e463558b2f9b6313240f8c0850b72
SSDEEP: 49152:NKVfbnnbbVbR/rTZ5LI6ONwcxDRCv7Ji9WtN89z9pf/Y8HejFdP:NWfbnbb1lrTZ5Lqacuvtiug/YvjFdP
Malware Config
Signatures
Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoCs)
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description: Framework service call | ioc: android.content.IClipboard.addPrimaryClipChangedListener | Process: com.example.application
Queries the mobile country code (MCC) (1 TTPs, 1 IoCs)
description: Framework service call | ioc: com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | Process: com.example.application
Registers a broadcast receiver at runtime (usually for listening for system events) (1 TTPs, 1 IoCs)
description: Framework service call | ioc: android.app.IActivityManager.registerReceiver | Process: com.example.application
Uses Crypto APIs (Might try to encrypt user data) (1 TTPs, 1 IoCs)
description: Framework API call | ioc: javax.crypto.Cipher.doFinal | Process: com.example.application
Checks memory information (2 TTPs, 1 IoCs)
description: File opened for read | ioc: /proc/meminfo | Process: com.example.application
Processes
Network
MITRE ATT&CK Mobile v15
Downloads