General
-
Target
ready.apk
-
Size
9.5MB
-
Sample
241201-y6rffa1kdy
-
MD5
dc761cba441dc4c32d77fb3ad1f8a95c
-
SHA1
7103af9313d1e726ed98c70de3a1577114e003db
-
SHA256
edf8faf4e96ec7e2aca025a2aec8206dbbcb947535ac1d9af698a26d9691ecbc
-
SHA512
2140f765c142f9644014a98647919236707d48ffb58fd864ad84531ee6339e3e02fc6dd9620e9b4a8c9702e9f0e2a3d7654b4472a07aabff183292cc420a2538
-
SSDEEP
98304:O6y1btQDvR9+g1vG8S2Jt3jkrumzGJzB8T70txdnJi:f6bt0vE23zYpzGMkJi
Malware Config
Targets
-
-
Target
ready.apk
-
Size
9.5MB
-
MD5
dc761cba441dc4c32d77fb3ad1f8a95c
-
SHA1
7103af9313d1e726ed98c70de3a1577114e003db
-
SHA256
edf8faf4e96ec7e2aca025a2aec8206dbbcb947535ac1d9af698a26d9691ecbc
-
SHA512
2140f765c142f9644014a98647919236707d48ffb58fd864ad84531ee6339e3e02fc6dd9620e9b4a8c9702e9f0e2a3d7654b4472a07aabff183292cc420a2538
-
SSDEEP
98304:O6y1btQDvR9+g1vG8S2Jt3jkrumzGJzB8T70txdnJi:f6bt0vE23zYpzGMkJi
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Locks the device screen
Application may abuse the framework's APIs to lock the legitimate user out of the device.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-