Overview

overview

10

Static

static

10

ready.apk

android-9-x86

7

ready.apk

android-10-x64

7

ready.apk

android-11-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
  • submitted
    14/10/2024, 06:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ready.apk

  • Size

    9.3MB

  • MD5

    2b3ee8561f25fdf28fa418abd68c4493

  • SHA1

    7031944d081795a27dd79ddf152688705ee1582b

  • SHA256

    e632be2e4785ed3b62729acbc219c8597035397948f35fe16688ed43e0322632

  • SHA512

    f5ae94cd49e2fa5b06bd6934862f9c6b660ac12a7b0629a4312df2d4e36c9825e9363656853c6dfd611b66de7bf21e93a6f09c991617c9577353afb04c78167f

  • SSDEEP

    98304:qYZglilMPrETkFVZXxa2XdFp+mzLzBATWak0twnpV:qYZgilMPjXZXzXDpZzaWkS

Score
7/10
collectioncredential_accessevasionexecutionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • cassette.trail.charge
    1⤵
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Schedules tasks to execute at a specified time
    PID:4805

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-14.txt
    Filesize

    13B

    MD5

    de2c41a51ee9246eb1708f65b511add0

    SHA1

    2f442d634c8a18760a232c8829d4b5d74a52f074

    SHA256

    ad2d914ca347cd1930e32f21c6d5448c34104bea181b93abc85ec518985653ab

    SHA512

    7cdfbd001594503644e9ed80ae852f90ef9e841a8382e2eec6979e149a2c400a3b83055d205b4d1d66e1600e5127482932d5127eb5800d35a4ee5673fe34d84a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-14.txt
    Filesize

    45B

    MD5

    25f4a7d0f55af9f4d6eb1a87dd0caacd

    SHA1

    8935a05463ca6500dbea71ae9371353fb0f33ecc

    SHA256

    1456001a87a3b21134ecb09335f25bb63e3e622ca3a3320f2d2fc0cf9c3b2985

    SHA512

    604b16c82dd642d89f43050091b5586436ae91b72f6286ec2ee5d5d237063a3e27f3b74d0dbee4a055aeeb6e44987845cb5cd655f329576322b11c3022c472ce

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-14.txt
    Filesize

    29B

    MD5

    5c0decddf469863595f7a29cbe845ddc

    SHA1

    248a01d2c192fa8851790703ddde94beb8b5b37b

    SHA256

    e51509d23bdcdb2995f091f087391c471d12d385c74e788e1d1a32542ea01579

    SHA512

    6b6e5a73cfe3e38150338bf873585f156ef2a32e394fddaab6ca98d6306481bec0b9ac96fb4aa319824acb9614ba07e7deb396392a4286bd50fd7dc7b1d556ef

    Download Submit