Analysis

  • max time kernel
    123s
  • max time network
    158s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240910-en, locale:en-us, os:android-11-x64, system
  • submitted
    06-01-2025 22:03

General

  • Target

    app.apk

  • Size

    3.9MB

  • MD5

    ba55d21d1a168acfa2c461a10ee4f553

  • SHA1

    a480b811d555a5dbdf18e47ee0cb5995cee1fda8

  • SHA256

    a4090386638069b3b35fa5c94deda9348f6da26c33381e31c5ed3bc95fadc104

  • SHA512

    ed7d6d5cfe2bef60e7a913348305559c584a24b32d869e6f4a7c4534bd69d1d0b3a38652f91f50b3bc8f1e39167e96f3cb38a6d566a96e6e3af974c59c483f99

  • SSDEEP

    98304:HrMDRTHvWY8ZHS7tSx1RIRYaWLIJP9nMUkaNK3/gJNYM:DjdCAJMx9nMIUYJNF

Malware Config

Signatures

  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

  • Performs UI accessibility actions on behalf of the user 1 TTPs 1 IoCs

    Application may abuse the accessibility service to prevent its removal.

  • Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

Processes

  • com.carnaptious.rudistid
    1⤵
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Performs UI accessibility actions on behalf of the user
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4854

Network

MITRE ATT&CK Mobile v15
