Analysis
max time kernel: 42s
max time network: 59s
platform: android_x64
resource: android-33-x64-arm64-20240624-en
resource tags: android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-en, locale:en-us, os:android-13-x64, system
submitted: 22-07-2024 14:56
Behavioral task: behavioral1
Sample: ready.apk
Resource: android-33-x64-arm64-20240624-en
General
Target: ready.apk
Size: 1.9MB
MD5: 0194ee91dea3b5e7a0a5842b2ef0210a
SHA1: 86a1e120197e665e988ec0ce07c3dc9dab1ad9e3
SHA256: 3424dc83a016ea7ba8ffbc923f13ffd1ebd51164a0234a55ce73aaf82a494477
SHA512: 6f363d28805190d7a4a0fd8280544fc4eaeb2f07ae444a117ee739eeffc5449479ed49b82fc25154f55feff328461312d954d37e571a84dcb12c5fc470ece230
SSDEEP: 12288:Q6uTiPYLpV7IRlceg3o+HmBqqLDI+y++SitCDhelor+nRZ:WiPIRIRvX8fqLe++SvelvRZ
Malware Config
Signatures
Makes use of the framework's Accessibility service [4 TTPs, 2 IoCs]
Retrieves information displayed on the phone screen using AccessibilityService.
Processes: evident.attending.spoke
description | ioc | process
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | evident.attending.spoke
Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | evident.attending.spoke

Acquires the wake lock [1 IoCs]
Processes: evident.attending.spoke
description | ioc | process
Framework service call | android.os.IPowerManager.acquireWakeLock | evident.attending.spoke

Makes use of the framework's foreground persistence service [1 TTPs, 1 IoCs]
Application may abuse the framework's foreground service to continue running in the foreground.
Processes: evident.attending.spoke
description | ioc | process
Framework service call | android.app.IActivityManager.setServiceForeground | evident.attending.spoke

Requests disabling of battery optimizations (often used to enable hiding in the background). [1 TTPs, 1 IoCs]
Processes: evident.attending.spoke
description | ioc | process
Intent action | android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS | evident.attending.spoke
Downloads