General
-
Target
ready_fud.apk
-
Size
3.7MB
-
Sample
241031-jyhe8svamb
-
MD5
86764c0013841c65637779ae63309cc2
-
SHA1
955f4185a68077fecf96394fd968ce2f8922e938
-
SHA256
94c0797fb3f658b69ffd2ae83ce6d27ae48c0538d2559646c3c646d90fbb43b9
-
SHA512
2d5332ca7d6272d4ab5ab8f46cf11c035148f03d58f50a237aea36f091717be4182364b3e5153ccae93574cf3f815834c012af48daa6df83efede33a48a597ce
-
SSDEEP
49152:9zik8UzdGGcQTOomzgvDYqc0cggwUilJrqTobTd9SyxaRNhwj1+l75DRQphxuio8:iUzB7THmzgv00tOTod9Qfwj1i75ivxw8
Behavioral task
behavioral1
Sample
ready_fud.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
spynote
193.233.254.67:7777
Targets
-
-
Target
ready_fud.apk
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent its removal.
-
Queries information about active data network
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Defense Evasion
  Foreground Persistence (1)
  Hide Artifacts (2)
    Suppress Application Icon (1)
    User Evasion (1)
  Impair Defenses (1)
    Prevent Application Removal (1)
  Input Injection (1)
Discovery
  Software Discovery (1)
    Security Software Discovery (1)
  System Network Connections Discovery (1)