f2acb6740791e15b8086de7c0bb6ee90f2e00bab5bed6dc82b81684b40b83deb

Analysis

max time kernel
621292s
max time network
162s
platform
android_x64
resource
android-x64-arm64-20231023-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231023-enlocale:en-usos:android-11-x64system
submitted
01-12-2023 10:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ready-2.apk
Size

2.7MB
MD5

6dde5d8fa11308ceef69e4fb2a2309ae
SHA1

da48756f5b41c954e9532e4a8c99091b65ac83fc
SHA256

f2acb6740791e15b8086de7c0bb6ee90f2e00bab5bed6dc82b81684b40b83deb
SHA512

371843d98087e938745b3ea9a50bd21b590c3737c98d55c17315e96bf16140a4bad487426b30154cf5b8a5539525517366b929fe9fd24f4574ed40f5849f9c60
SSDEEP

49152:ebF1MIp8lMlTRaJdSIjAfZOb29BKN9dALbQ7R4ChN/3IKadGGD4aIzkq8Deix9n:ebF7p86lNauU6ZOb290GLbdChVGD4aIM

Score

8^/10

evasion

Malware Config

Signatures

Makes use of the framework's Accessibility service. 2 IoCs

Processes:

heel.hamburg.garbage

description	ioc	process
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId	heel.hamburg.garbage
Framework service call	android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId	heel.hamburg.garbage

Acquires the wake lock. 1 IoCs

Processes:

heel.hamburg.garbage

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock heel.hamburg.garbage
Requests disabling of battery optimizations (often used to enable hiding in the background). 1 IoCs
evasion

Processes:

heel.hamburg.garbage

description ioc process

Intent action android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS heel.hamburg.garbage
Removes a system notification. 1 IoCs
evasion

Processes:

heel.hamburg.garbage

description ioc process

Framework service call android.app.INotificationManager.cancelNotificationWithTag heel.hamburg.garbage

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	heel.hamburg.garbage

description	ioc	process
Intent action	android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	heel.hamburg.garbage

description	ioc	process
Framework service call	android.app.INotificationManager.cancelNotificationWithTag	heel.hamburg.garbage

heel.hamburg.garbage
1⤵
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Removes a system notification.
PID:4418

heel.hamburg.garbage:remote
1⤵
PID:4696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
Filesize
21B

MD5
506a7cef3439687f2492547ae9796d21

SHA1
92efec9c6046e13eba06c1f3e04307df74252c38

SHA256
56e86e5c9709e621f73c7edc225f8ad49b80ef8e6043f1b9da672824bb07de6f

SHA512
4a2458ee608c4f4aaeb1e2f05188ffc8c9be470962e5e072dff596bfb2d8c2011115aca8af0e64e2e9ae56d056b814d856374504d283aaf6b8a9506cfc818d6b

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
Filesize
21B

MD5
544c05cc3a9c078e78461aefaee235d6

SHA1
decb925c99afd185d8f28e251b48f121a2766163

SHA256
1aecbd0b366377ea3f52377762e4683938b011f31398b31ca0325e20133189fd

SHA512
ad869ed7967d93c0d5bc313d5f7079af5fc2e167e1e17d6a840d11c53a7fc54458e54a82cb3943cb1de3c5ead4d6b1be4645baee80a7e1d8d72def909977facb

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
Filesize
21B

MD5
544c05cc3a9c078e78461aefaee235d6

SHA1
decb925c99afd185d8f28e251b48f121a2766163

SHA256
1aecbd0b366377ea3f52377762e4683938b011f31398b31ca0325e20133189fd

SHA512
ad869ed7967d93c0d5bc313d5f7079af5fc2e167e1e17d6a840d11c53a7fc54458e54a82cb3943cb1de3c5ead4d6b1be4645baee80a7e1d8d72def909977facb

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
Filesize
33B

MD5
cccac2c2a5ccbbc19de1e65f4a713fde

SHA1
8f81bdc29817ff1359ce9cf1f86a6e5ca6bd4839

SHA256
b0a40190c703a9589642e774b871e2c82ccc0d47351d225d3cd39073b0ad4570

SHA512
1356bc74b373ea3bd39fe7220019d85734ebcf632f30dfce7af89c80c744a1567ef2ec50d3476394665d302aa5ddee7debdbdef66ff5bc5b66ed7db3d6fc39d3

Download Submit
/storage/emulated/0/Config/sys/apps/log/log-2023-12-01.txt
Filesize
276B

MD5
eb0196d9f46503ae71b20932c5b8c17c

SHA1
c12c404996474a1eb325d5658b09c03e88d5ecdf

SHA256
a82f4451a9844bde3fe5f8fd59384689d422817a00a635d8d3de2a1375275def

SHA512
eefcc609e91376dd00420173a89d8c4118e9387ce37320ad51c8b7f23125c3dead6f9ede87a93f1ad5687068a222cf80d0aaa4894245b8b65629a39c6b3428c0

Download Submit