Analysis
max time kernel: 538681s
max time network: 166s
platform: android_x64
resource: android-x64-20230831-en
resource tags: android, arch:x64, arch:x86, image:android-x64-20230831-en, locale:en-us, os:android-10-x64, system
submitted: 11-10-2023 11:13
Behavioral task behavioral1
  Sample: ready.apk
  Resource: android-x86-arm-20230831-en
Behavioral task behavioral2
  Sample: ready.apk
  Resource: android-x64-20230831-en
General
Target: ready.apk
Size: 680KB
MD5: 4079184334f96fa19bb904ab0b334707
SHA1: 90781e6f3ff458db9e8f4ef3883f73251adba0d1
SHA256: 8ccacda64d010d562dc9f121d4cfb7a6351cc7bf9f052949a888bac3d7a20140
SHA512: 090eeeca220a763d989247e07da70b451e2ddefafd2e1d9e1558a391e425528d979161da5856be7416c24725cb0743cef2da204288913084ee7a7b71203553f3
SSDEEP: 12288:Rwlbo9GgLRBWItYYyow7HCgI4Zf3n0dF5whzRs911hAsPlno6Rq21/g3Q750YZ:RwlfglBWItYYjwjCgI4p0dFV9DWGlnoY
Malware Config
Signatures
Makes use of the framework's Accessibility service. 3 IoCs
Processes:
  description | ioc | process
  Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | cha2.gst.latin
  Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | cha2.gst.latin
  Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | cha2.gst.latin
Processes:
  pid | process
  5032 | cha2.gst.latin
Acquires the wake lock. 1 IoCs
Processes:
  description | ioc | process
  Framework service call | android.os.IPowerManager.acquireWakeLock | cha2.gst.latin
Removes a system notification. 1 IoCs
Processes:
  description | ioc | process
  Framework service call | android.app.INotificationManager.cancelNotificationWithTag | cha2.gst.latin
Downloads
/storage/emulated/0/Config/sys/apps/log/log-2023-10-11.txt
  Filesize: 12B
  MD5: a9256f55737b655c8cff95418411997c
  SHA1: d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24
  SHA256: bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412
  SHA512: 10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574
/storage/emulated/0/Config/sys/apps/log/log-2023-10-11.txt
  Filesize: 24B
  MD5: 2b8d7b8040eeac850da29089d676474d
  SHA1: a9b9990809658c2c59a45f00827307c8e319f2e7
  SHA256: 3a58158381a9621646342db5553ca01fdd0d9b7e1475c47469aa85658eca9e8c
  SHA512: 94cf560ecff1c6328fb64e5ec394a689424131712c6bbe0dcdf5793f97b850e808cea4d41edf4c7b8bc95e51e5f4fed56a7acec1e2f98b59e8428d2d253c8724
/storage/emulated/0/Config/sys/apps/log/log-2023-10-11.txt
  Filesize: 279B
  MD5: e4cbf762c041daf9cf6800d912c7f9e4
  SHA1: 9ebdd132e6f818f1590c154d23ff9d2c082ecaa8
  SHA256: da184553cebe458fe5bfa01a9f2da0f0bf0555d665a5a1330ccd96424e263bd5
  SHA512: 5bd9bde49af8b33cdcd14f2984c37d40a050e3d703d3c8220e3e940a03c1d3aa6748e2f2b89a80f4dda6813a7d2c8ddfa5788232684b98b578f4c6462ae28861