General

  • Target

    ready.apk

  • Size

    33.7MB

  • Sample

    240726-gda5basgjb

  • MD5

    c21e7513001a019330d45f0e693a50fe

  • SHA1

    babbe31a29d26b777744dda3ef012f739340de67

  • SHA256

    f3053a7aab93967d9a9c2d3ae1dbb614ff00271b6174033823f967a5439f04fe

  • SHA512

    082b21a19029b8a08681b08640871bb2efb4fcc0f4dd03c1c8384a81c48ac7e56f9fffffd81722f19fcaa33fd9590e2ce3819282a089e3d227b0619b9a1e1e94

  • SSDEEP

    98304:d8FEVl5qpou4rLj6raRkMaHaVnymzbzBAT80tEPy/:d8DD4rLjZkMaQ9zKPP

Targets

    • Target

      ready.apk

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device

      Might be used in an attempt to overlay legitimate apps.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.
