General
-
Target
ready.apk
-
Size
9.3MB
-
Sample
241123-1cyzjatner
-
MD5
903af1c4fc5b3957d28a1db6aa1229d0
-
SHA1
d4ea436881ebc7594fbe631da784b3c85763f01a
-
SHA256
dc05e5c867cb5961d8cb7960e5252741dc2ec8ce09bffef810ab9579f0a185ae
-
SHA512
d79478a5267f0e7e571ea0e4da6d60f9b81dfd0af61dc7fd80939824348129ca8d0982a9a9fb87ab5603669362f33b4b913ee047d3d47ebdd2ec0dd504a222ae
-
SSDEEP
98304:DP2tIHY6Oi1DQdPf9d6QfhWyWUVia8j9dU+mzZzB2Tw0tpb56:D2oSmAH9d6aoyW8iaQ9WZzqb6
Malware Config
Targets
-
-
Target
ready.apk
-
Size
9.3MB
-
MD5
903af1c4fc5b3957d28a1db6aa1229d0
-
SHA1
d4ea436881ebc7594fbe631da784b3c85763f01a
-
SHA256
dc05e5c867cb5961d8cb7960e5252741dc2ec8ce09bffef810ab9579f0a185ae
-
SHA512
d79478a5267f0e7e571ea0e4da6d60f9b81dfd0af61dc7fd80939824348129ca8d0982a9a9fb87ab5603669362f33b4b913ee047d3d47ebdd2ec0dd504a222ae
-
SSDEEP
98304:DP2tIHY6Oi1DQdPf9d6QfhWyWUVia8j9dU+mzZzB2Tw0tpb56:D2oSmAH9d6aoyW8iaQ9WZzqb6
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1