Resubmissions
22-07-2024 14:50 240722-r7ygtatfpn 10

Analysis
max time kernel: 48s
max time network: 58s
platform: android_x64
resource: android-33-x64-arm64-20240624-en
resource tags: android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
submitted: 22-07-2024 14:50

Behavioral task
behavioral1
Sample: ready.apk
Resource: android-33-x64-arm64-20240624-en

General
Target: ready.apk
Size: 1.9MB
MD5: 4a357aa1ee674cbeb5619ab9d3e3c938
SHA1: 45603708316102700c69aeb02780105ee12c3781
SHA256: 09267c538ff13a1281b7689bd9db08467f977ce658231728271582eabf676123
SHA512: f38da31e0fc968b8f73a171df2d90db4c9568494e69e316b15a4abea98af00dba1020cae8fd8f8b22247a75bedec97a8deab53bfbbc724f6b69b2e99cb1e5ab3
SSDEEP: 12288:njY3iZr6XI0bCefFFYTFHzLIV6/f6gBAJpUdjxoxZ0/nR8:nlr6Y3kFYTBLIV6/f6gBAJpFx22

Malware Config
Signatures

Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)
Retrieves information displayed on the phone screen using AccessibilityService.
Processes: examinations.thanksgiving.rid
description | ioc | process
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | examinations.thanksgiving.rid
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | examinations.thanksgiving.rid

Acquires the wake lock (1 IoCs)
Processes: examinations.thanksgiving.rid
description | ioc | process
Framework service call | android.os.IPowerManager.acquireWakeLock | examinations.thanksgiving.rid

Makes use of the framework's foreground persistence service (1 TTPs, 1 IoCs)
Application may abuse the framework's foreground service to continue running in the foreground.
Processes: examinations.thanksgiving.rid
description | ioc | process
Framework service call | android.app.IActivityManager.setServiceForeground | examinations.thanksgiving.rid

Requests disabling of battery optimizations (often used to enable hiding in the background). (1 TTPs, 1 IoCs)
Processes: examinations.thanksgiving.rid
description | ioc | process
Intent action | android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS | examinations.thanksgiving.rid

Processes
Network
MITRE ATT&CK Mobile v15
Downloads