General
Target: ready.apk
Size: 8.5MB
Sample: 240711-nswg5avcqj
MD5: 46650feabbdb3df77e2d015bf603543e
SHA1: 01bb98d975c587dd1f16123caa98e72eeb0407b4
SHA256: 62da8865102bffa0ecd97ef4bd259b72f281af2674c7cc16db366e83f3627ab1
SHA512: daeb5972d430d45d2549b7b71701eaaed5a147fd797845347dffd07209200a6c408aadffb823903f815ae6ca5a66b420df8f11f0ad3b18ab696ade0111addd9c
SSDEEP: 49152:TJ4AaOPb9QdkmqFVHWQRnNTHU/iLxbjWUS7MHTeLmznzdGG9QTOIZUBYqL0cgscs:PZ7NT0/iFi7MomznzByTu0tsh
Behavioral task: behavioral1
Sample: ready.apk
Resource: android-x64-20240624-en
Behavioral task: behavioral2
Sample: ready.apk
Resource: android-x64-arm64-20240624-en
Behavioral task: behavioral3
Sample: ready.apk
Resource: android-33-x64-arm64-20240624-en
Behavioral task: behavioral4
Sample: ready.apk
Resource: android-x86-arm-20240624-en
Malware Config
Extracted
spynote
instruments-av.gl.at.ply.gg:49528
Targets
-
-
Target
ready.apk
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Persistence
  Event Triggered Execution (1)
  Broadcast Receivers (1)
  Foreground Persistence (1)
  Scheduled Task/Job (1)
Defense Evasion
  Foreground Persistence (1)
  Hide Artifacts (1)
  User Evasion (1)
  Input Injection (1)