Overview

overview

10

Static

static

10

com.baniiz.kedra.apk

android-10-x64

7

com.baniiz.kedra.apk

android-11-x64

7

com.baniiz.kedra.apk

android-13-x64

7

com.baniiz.kedra.apk

android-9-x86

Analysis

  • max time kernel
    299s
  • max time network
    305s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags

    androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
  • submitted
    10-11-2024 14:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    com.baniiz.kedra.apk

  • Size

    8.1MB

  • MD5

    8c68ca54245f1e1513bf1b15dea5e794

  • SHA1

    657ee46f5f7a14b22fd9c1b6933dfe103a61efe6

  • SHA256

    6b83c98557eb4ff3de7b140f71af4f797cbedb39629031aa8fb12320dff1f01b

  • SHA512

    b2e3d7ac106a3e4e1d0db03ea205d84386e081c00c46492567f392ffc6f830385d4ce0d3fb4e3f8dd6ddd428b5f182202b1318c234202dca3fc34d7146f41a8c

  • SSDEEP

    196608:hLt7gHSGEhfejA5jg8sfzDaLEcyDKD+Dks:T1GEhhjg8e25yOiws

Score
7/10
collectioncredential_accessevasionexecutionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Requests enabling of the accessibility settings. 1 IoCs
  • Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    executionpersistence

Processes

  • build.ledear.zrpah
    1⤵
    • Makes use of the framework's Accessibility service
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Requests enabling of the accessibility settings.
    • Schedules tasks to execute at a specified time
    PID:4349

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-10.txt
    Filesize

    41B

    MD5

    73ca8d6af8fdcb567754847440dbfa88

    SHA1

    b1472b764ff81d8165ddfd2958a67aa0d4abddf4

    SHA256

    2296954497d649bc19a7b3213d05d51fc1a68ff71e7de01a7edd56ca0828f14d

    SHA512

    7fb52bb85e0e34f6a3ba928d5e88c2f004344bbd6ae3c163088e6aaaa59b5ce60484c78f93c10deabc6051323f7bbc0c87983ad260ebcb03cc42e49dc7b0019f

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-10.txt
    Filesize

    25B

    MD5

    fd8ed43ac31bbf329c395582c15753cd

    SHA1

    3c76ee3fa79dde645c0447d6b23d6f435efb3b72

    SHA256

    049d51bf61bf26d7b9e55391560cc23ec59d2240453ac81b87f2e81153b0fcaf

    SHA512

    77bb10d1eeeea15fc35f7232af698c951d3f47a5fff56682bbc32f6bea9ebecc997d89ed88c6dff9c226c09446261f184ecbac9697f95799753d73a71e6c4d37

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-10.txt
    Filesize

    13B

    MD5

    de2c41a51ee9246eb1708f65b511add0

    SHA1

    2f442d634c8a18760a232c8829d4b5d74a52f074

    SHA256

    ad2d914ca347cd1930e32f21c6d5448c34104bea181b93abc85ec518985653ab

    SHA512

    7cdfbd001594503644e9ed80ae852f90ef9e841a8382e2eec6979e149a2c400a3b83055d205b4d1d66e1600e5127482932d5127eb5800d35a4ee5673fe34d84a

    Download Submit

  • /storage/emulated/0/Config/sys/apps/log/log-2024-11-10.txt
    Filesize

    138B

    MD5

    33decfc10531cda4b93af7245a4a2d58

    SHA1

    8c185d417b9ad0d560cfbf41a596379e73a2a9bd

    SHA256

    dfa4864bbea8c585838bdd72cdebc2da32e9efffdbc1f2d4f34fe5b0cd192c42

    SHA512

    d810e441243287f5aadeac847106c337e890c24cf806bfee2847cc3a01618a15088b27c76f27308140574083938381d3427eb52949cb12f13d22f4858058f118

    Download Submit