General
-
Target
ready.apk
-
Size
9.3MB
-
Sample
241123-xd3gkawren
-
MD5
43769086e1710e9a4323e960d3db7b63
-
SHA1
c8cc46dafcf6ce3c3793268c02a885d487c712fb
-
SHA256
3a4b82097d1b0d7ece5b90f12a9a18189353308566d663dc9c1d5455598de20c
-
SHA512
7cade6bcc9740eeaf96587e7041904d3f35db69299bbf8fe3a379e8bbe62cfc7271c3602d29335ea21121d94930d38e7df9413a92cb67feccbb4cc9363103c55
-
SSDEEP
98304:RzLrpZmjRg3MOTBbpuMDKdcEGmzizB1TK0tAmCX:dmjR+nuMWdcExz4pA
Malware Config
Targets
-
-
Target
ready.apk
-
Size
9.3MB
-
MD5
43769086e1710e9a4323e960d3db7b63
-
SHA1
c8cc46dafcf6ce3c3793268c02a885d487c712fb
-
SHA256
3a4b82097d1b0d7ece5b90f12a9a18189353308566d663dc9c1d5455598de20c
-
SHA512
7cade6bcc9740eeaf96587e7041904d3f35db69299bbf8fe3a379e8bbe62cfc7271c3602d29335ea21121d94930d38e7df9413a92cb67feccbb4cc9363103c55
-
SSDEEP
98304:RzLrpZmjRg3MOTBbpuMDKdcEGmzizB1TK0tAmCX:dmjR+nuMWdcExz4pA
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Reads the content of the SMS messages.
-
Reads the content of the call log.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1