Analysis
-
max time kernel
149s -
max time network
151s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
-
submitted
27/03/2025, 01:17
General
-
Target
ac32dc236fea345d135bf1ff973900482cdfce489054760601170ef7feec458f.apk
-
Size
1.3MB
-
MD5
93ac3627ec63373a239f4a521819dbe9
-
SHA1
ce1f752ba4f550e8439e24228c6ccb7aad56ef98
-
SHA256
ac32dc236fea345d135bf1ff973900482cdfce489054760601170ef7feec458f
-
SHA512
bd483c8bc6efb24c3f54a9c3632c842a2f7b606b7769d23b4fea455ea08be137f2a0e42632bf3d88490ea954c697db5af85b145596ccb3c1fbe5d90c2b0bc95a
-
SSDEEP
24576:N1Gk/63Nc4TlZoBP+8fQgwbigP9zlJlnP6f7I2h8r3mVZvrRa+2RplR8Qngx:N17/yZZo1Ff8GgP9zTlnP6n8rWnvrRUk
Score
8/10
Malware Config
Signatures
-
Removes its main activity from the application launcher 1 TTPs 1 IoCs
-
Makes use of the framework's Accessibility service 4 TTPs 2 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
-
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Requests enabling of the accessibility settings. 1 IoCs
Processes
-
lady.cheap.sting1⤵
- Removes its main activity from the application launcher
- Makes use of the framework's Accessibility service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Requests enabling of the accessibility settings.