General

  • Target

    ready.apk

  • Size

    9.3MB

  • Sample

    240731-z3676aycld

  • MD5

    f405d82f9b6af159117397f6116c5d7d

  • SHA1

    5e8ac14f5cf37ec5f6c1f819653afe654913709f

  • SHA256

    92f8a0269d44ee1a343c1b808915e568c2ab01b6977bb73ca7c9e2af2e3f0e55

  • SHA512

    a3422a80b7224d1c4441bf4bbfe4256789c0355fb68ac1a61d29a624c52f0d427278d08235e56d3f8e66405176d90d03cbe12aee9a53ca10640a49ba2452e679

  • SSDEEP

    98304:4L6B6PkF1kE0X15JyJKUcyht0SyMfGmzzzBgTQ0tglag:s6Bgwu1UcfSrxzi7e

Targets

    • Target

      ready.apk

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Reads the content of the SMS messages.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.
