Overview

overview

10

Static

static

10

ready-2.apk

android-9-x86

8

ready-2.apk

android-10-x64

8

ready-2.apk

android-11-x64

8

Analysis

  • max time kernel
    621279s
  • max time network
    158s
  • platform
    android_x86
  • resource
    android-x86-arm-20231023-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231023-enlocale:en-usos:android-9-x86system
  • submitted
    01-12-2023 10:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ready-2.apk

  • Size

    2.7MB

  • MD5

    6dde5d8fa11308ceef69e4fb2a2309ae

  • SHA1

    da48756f5b41c954e9532e4a8c99091b65ac83fc

  • SHA256

    f2acb6740791e15b8086de7c0bb6ee90f2e00bab5bed6dc82b81684b40b83deb

  • SHA512

    371843d98087e938745b3ea9a50bd21b590c3737c98d55c17315e96bf16140a4bad487426b30154cf5b8a5539525517366b929fe9fd24f4574ed40f5849f9c60

  • SSDEEP

    49152:ebF1MIp8lMlTRaJdSIjAfZOb29BKN9dALbQ7R4ChN/3IKadGGD4aIzkq8Deix9n:ebF7p86lNauU6ZOb290GLbdChVGD4aIM

Score
8/10
discoveryevasion

Malware Config

Signatures

  • Makes use of the framework's Accessibility service. 2 IoCs
  • Acquires the wake lock. 1 IoCs
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
    evasion
  • Removes a system notification. 1 IoCs
    evasion

Processes

  • heel.hamburg.garbage
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    • Removes a system notification.
    PID:4279
  • heel.hamburg.garbage:remote
    1⤵
      PID:4446

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
      Filesize

      21B

      MD5

      506a7cef3439687f2492547ae9796d21

      SHA1

      92efec9c6046e13eba06c1f3e04307df74252c38

      SHA256

      56e86e5c9709e621f73c7edc225f8ad49b80ef8e6043f1b9da672824bb07de6f

      SHA512

      4a2458ee608c4f4aaeb1e2f05188ffc8c9be470962e5e072dff596bfb2d8c2011115aca8af0e64e2e9ae56d056b814d856374504d283aaf6b8a9506cfc818d6b

      Download Submit
    • /storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
      Filesize

      57B

      MD5

      a9ec0c42a43c72d73c499e5c17ccbb8b

      SHA1

      731652fbfe61eac3fdb4b9d3e2eaa010848a0906

      SHA256

      6c5309ce3f31c9af3288b0de3305b7f5ddee97be60ca4ac1184f3c334480c05b

      SHA512

      5f8ed24a51f68cfa0627aceb9190d3a7febaee61bd5a89898ab113ddaa7ce2a41f129a28c4e200d5e5e4ddff7a483abc0393dc38e870782caf1c46d2ec0df2e3

      Download Submit
    • /storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
      Filesize

      21B

      MD5

      544c05cc3a9c078e78461aefaee235d6

      SHA1

      decb925c99afd185d8f28e251b48f121a2766163

      SHA256

      1aecbd0b366377ea3f52377762e4683938b011f31398b31ca0325e20133189fd

      SHA512

      ad869ed7967d93c0d5bc313d5f7079af5fc2e167e1e17d6a840d11c53a7fc54458e54a82cb3943cb1de3c5ead4d6b1be4645baee80a7e1d8d72def909977facb

      Download Submit
    • /storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
      Filesize

      33B

      MD5

      6b94bea08ec89adfe4d3881d4a0f5219

      SHA1

      14e92ba374ec92e9955bd8d30ab52a66f9da2e98

      SHA256

      b860abf383a68809b1da0742522251936f569a317c82052747f83c6ea0cd62c9

      SHA512

      fa33b75c4e7fadad785fe2db27dcead6ac050ad0500ec651d3deff00cffc800af7ece3e72f93d066538587a7df398f833dde8f964f5273fd6a71f79933e80568

      Download Submit
    • /storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
      Filesize

      276B

      MD5

      b846e76832a601f2d99807b417b46ac3

      SHA1

      c445b2d898fb38bda2fb0e4e5703aa623e2ac97a

      SHA256

      6df7788b253a5a7d51642c45313fe612830f8a83f53878739c73ba5eea667533

      SHA512

      c508bc183dd1288fd228bb03d19079ef2fdf1db23ecafbaf0a5a0de30370865f84426b492ebb258dd7dba1f876e35161a73e3cb662ad11bf08d51f5d884f2564

      Download Submit