General

  • Target

    ready.apk

  • Size

    9.3MB

  • Sample

    241123-yzrsma1jbq

  • MD5

    ebf4a4eeb50e5a1096d559ca68366235

  • SHA1

    81409a526a5e5628c5b80acbc8ae5782dd456b64

  • SHA256

    720c90a2a9c05939dd9b895285c1063caef22e064938ea793b80cf8753cdfb7d

  • SHA512

    f57e4937ac92981e724891f846686956a0b15cdca85be511174e7e00b9d27a91f7b15b1bb31697d42eb61682a77cab149158cd1f91db1e3d1a768060ec1418c0

  • SSDEEP

    98304:GnOIayq6edce/Hd5TNFDk9UcSMmzhzBITY0t5K9Am:GOIaBtdce/1JcUZbzQDkJ

Targets

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Acquires the wake lock

    • Checks the application is allowed to request package installs through the package installer

      Checks the application is allowed to install additional applications (Might try to install applications from unknown sources).

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.
