General
-
Target
ready.apk
-
Size
9.5MB
-
Sample
241227-1x66ms1jgx
-
MD5
21e47242e89f3514f10b9a17e03b6e3e
-
SHA1
73848a2168596332b03b4e040cb3f89fc691eecc
-
SHA256
bb36285a52ca485e44d52cace147bc03b39b04554561f2811eba26efed1b2443
-
SHA512
7d15592fc22a87ba7c17c1e26348771865e81bef870a91b19ec9b2148dc2788a37642b573ae2a2a93fc50e822763c3e61d6acecf9e655ef96d70a69249ae9a65
-
SSDEEP
98304:ew7y+rCreCxmy14lIyxo2NSLPMQ+d0SmzAbzBuTs0tBg5FP:ew7rCreCgy14lIaSLPk0dzAM/2P
Malware Config
Targets
-
-
Target
ready.apk
-
Size
9.5MB
-
MD5
21e47242e89f3514f10b9a17e03b6e3e
-
SHA1
73848a2168596332b03b4e040cb3f89fc691eecc
-
SHA256
bb36285a52ca485e44d52cace147bc03b39b04554561f2811eba26efed1b2443
-
SHA512
7d15592fc22a87ba7c17c1e26348771865e81bef870a91b19ec9b2148dc2788a37642b573ae2a2a93fc50e822763c3e61d6acecf9e655ef96d70a69249ae9a65
-
SSDEEP
98304:ew7y+rCreCxmy14lIyxo2NSLPMQ+d0SmzAbzBuTs0tBg5FP:ew7rCreCgy14lIaSLPk0dzAM/2P
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent their removal.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Hide Artifacts
1User Evasion
1Impair Defenses
1Prevent Application Removal
1Input Injection
1