Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240624-en, locale:en-us, os:android-11-x64, system
  • submitted
    23-10-2024 15:11

General

  • Target

    ready.apk

  • Size

    30.0MB

  • MD5

    fe30c5244d8c0dcd120bad0ae5a5a6fe

  • SHA1

    baffcc6ef4f1888b16a6c0c1d88814bd048a77e6

  • SHA256

    4b01ec065b4cd922e567193200bbaf1f22cf55a29a9d770e645a01e266e1b04f

  • SHA512

    6bf6562dadfe963aac6f76723d7afa9361c9261d7522d891905f5d759243881390757ccf956bbdf81212d2d8f1f1ef8443c2f8a179803b8ce56959ec749ac717

  • SSDEEP

    12288:tw6ngF8WhKT8IizVJ7VulZMPh585XNLusT3cgtN0F346Rq21hg0QtWDrQd:U8WhK5ipcZMPh5OLHT3SF34GNSKrI

Malware Config

Signatures

  • Removes its main activity from the application launcher (1 TTP, 1 IoC)
  • Makes use of the framework's Accessibility service (4 TTPs, 2 IoCs)

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Obtains sensitive information copied to the device clipboard (2 TTPs, 1 IoC)

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

  • Acquires the wake lock (1 IoC)
  • Makes use of the framework's foreground persistence service (1 TTP, 1 IoC)

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Requests disabling of battery optimizations (often used to enable hiding in the background) (1 TTP, 1 IoC)
  • Schedules tasks to execute at a specified time (1 TTP, 1 IoC)

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

  • Checks CPU information (2 TTPs, 1 IoC)
  • Checks memory information (2 TTPs, 1 IoC)

Processes

  • com.appser.verapp
    • Removes its main activity from the application launcher
    • Makes use of the framework's Accessibility service
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Requests disabling of battery optimizations (often used to enable hiding in the background)
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:4639

Network

MITRE ATT&CK Mobile v15


Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-23.txt

    Filesize

    275B

    MD5

    93d2a55e9c6a0ed25363fc8eebc40315

    SHA1

    e47f31bda12dcef3bf0444549d80ba7180c7ebd5

    SHA256

    30224a8f26b629c98030e5f6596c058d973e1ff7209d53f62628ef69b864971e

    SHA512

    2b14439eca960a78f466ddcbadbd54d41d029c034076b5767d88d009b6d1eb004436c7e18e84aa4c7afde2124c86e2a9596e6b12214a6151a63101ea96dfdcda

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-23.txt

    Filesize

    28B

    MD5

    b526759c1c5f32d1e480f73d98684568

    SHA1

    205b4553d10be5cabdfca65e5461d427b656546d

    SHA256

    891362c5fb40d06ac17d0df709f7ddd1984669e7a4a0528b5ad2fdab483a30d4

    SHA512

    63187d02028571c51ade3468a429a987b5d3d5b811b4b5a8bc82a82af8fa8160eadc973398cf4a5e27dec925e288f8528a4e795119a49b532cd60f265b777c07

  • /storage/emulated/0/Config/sys/apps/log/log-2024-10-23.txt

    Filesize

    36B

    MD5

    55126f07bbd59853268feff1ca6c6463

    SHA1

    06b854eb3aef35df9712b5bac0c0d1a576b42c71

    SHA256

    0919a5c670966b1972ce0c519cdce446f8b6772ab0305d418764d0fd38fcb3fd

    SHA512

    75fc4c3704460f9f1d76f067348fb36e2a0574008977ec8adf8960f6ff12a2e4b44d1f36ced4191beda3900133d5c96bb8bf7bb2bb7c3df859b3a6b307292e62