General
-
Target
ready.apk
-
Size
21.2MB
-
Sample
250329-qdmmsavpw9
-
MD5
4d31fe451d4ba30a8baf3fdd4b7e56f5
-
SHA1
78507678cc5a59f152493cd8406b927d26ef87c7
-
SHA256
476170fa62e5a3309f7011c80358b73a63d9c9d18e3382c709a95a34ed76e673
-
SHA512
4022bdaa5ff851e81c6bbade50aa52e0be0247042ab6079cd352a41d0b0f88b1c6000dfecda853b60475ef630e1416fe0818b3ca8c279d98bebd24851a7e972d
-
SSDEEP
393216:44rSRVS4VFV+IT2ZguQx1HqXrPzqhnRYgRGVm+XfsIEGuPRB+6:FSRr+1ZGb4rPCnRnCX6GuPW6
Malware Config
Targets
-
-
Target
ready.apk
-
Size
21.2MB
-
MD5
4d31fe451d4ba30a8baf3fdd4b7e56f5
-
SHA1
78507678cc5a59f152493cd8406b927d26ef87c7
-
SHA256
476170fa62e5a3309f7011c80358b73a63d9c9d18e3382c709a95a34ed76e673
-
SHA512
4022bdaa5ff851e81c6bbade50aa52e0be0247042ab6079cd352a41d0b0f88b1c6000dfecda853b60475ef630e1416fe0818b3ca8c279d98bebd24851a7e972d
-
SSDEEP
393216:44rSRVS4VFV+IT2ZguQx1HqXrPzqhnRYgRGVm+XfsIEGuPRB+6:FSRr+1ZGb4rPCnRnCX6GuPW6
Score7/10-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Declares services with permission to bind to the system
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests dangerous framework permissions
-
Requests enabling of the accessibility settings.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Input Injection
1