34564a8fade48beddd6cc463206ac90f694466d2961350e757258c3510352f54

Analysis

max time kernel
851545s
max time network
165s
platform
android_x64
resource
android-x64-20230831-en
resource tags

androidarch:x64arch:x86image:android-x64-20230831-enlocale:en-usos:android-10-x64system
submitted
12-10-2023 09:04

Target

ready.apk
Size

30.0MB
MD5

f53bec3f80b63697772a831fb2b96500
SHA1

81ec1a73d0d6b3afd7e0ca6d6de6c3d91ed54cd6
SHA256

34564a8fade48beddd6cc463206ac90f694466d2961350e757258c3510352f54
SHA512

d9735ab1158e1d082c47e9c5a51f9e17c095e4ae2dfecb2e779b6c835b3db050a79aa242cd35d388b903c74ebeb0b1943211e0a5d5b79cbf33c6d486c20c3400
SSDEEP

12288:lwyMV4cXdBbyz8Y/6HBCW1Zo7HKQsBa5DZsjgE6usT3cgtN0FMY6Rq21Qg2RtWDv:lw/NlyzvW1hak8HT3SFMYGN1vrb

Score

8^/10

Makes use of the framework's Accessibility service. 2 IoCs

Processes:

com.publishing.either

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	com.publishing.either
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId	com.publishing.either

Removes its main activity from the application launcher 1 IoCs
stealth trojan

Processes:

com.publishing.either

pid process

5045 com.publishing.either
Acquires the wake lock. 1 IoCs

Processes:

com.publishing.either

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.publishing.either
Removes a system notification. 1 IoCs
evasion

Processes:

com.publishing.either

description ioc process

Framework service call android.app.INotificationManager.cancelNotificationWithTag com.publishing.either

pid	process
5045	com.publishing.either

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.publishing.either

description	ioc	process
Framework service call	android.app.INotificationManager.cancelNotificationWithTag	com.publishing.either

/storage/emulated/0/Config/sys/apps/log/log-2023-10-15.txt

Filesize
267B

MD5
32b5f8730ba5f50d79f3121424697e69

SHA1
8b99a68d4765ba48c809b54c9c90aeed34bc8a44

SHA256
8f8e478313820efca5a61280c0631771914b1b27390b0879f76c92a1e2ff8d78

SHA512
d9c2ae7cfe6b4a11e93c404b9c526077c2c4f1aca1df9f66a4d7afdb2c4fc69f6ce178ba05fa138942e4d48cb14fb36b653900883bce6980041c2ab763db4f32

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-10-15.txt

Filesize
28B

MD5
b526759c1c5f32d1e480f73d98684568

SHA1
205b4553d10be5cabdfca65e5461d427b656546d

SHA256
891362c5fb40d06ac17d0df709f7ddd1984669e7a4a0528b5ad2fdab483a30d4

SHA512
63187d02028571c51ade3468a429a987b5d3d5b811b4b5a8bc82a82af8fa8160eadc973398cf4a5e27dec925e288f8528a4e795119a49b532cd60f265b777c07

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-10-15.txt

Filesize
16B

MD5
57cf86ab942a8b504e68b792c8568afc

SHA1
9975bdbe23191ae4c79d78e485c6ef2cfe8f4695

SHA256
75f3addc48ea11321a9f790e09e8a50cc87949e193c63f6a75b4aaea980aea3a

SHA512
7ca196472d80a59cab62d9614a42e64a943cd7f68c94fa0e18bc21120cab5104c8e41277e04440c30527b5ca003e559bf07063af1dfbfe19fe02b53b27b87acc

Download Submit