General
-
Target
Sing-travel-1.3.apk
-
Size
12.3MB
-
Sample
230403-m7jansfg2y
-
MD5
8000776495377ad73a91c5c0b7bbe800
-
SHA1
d46b37b660a1793e4a9c6900b41f3fe0846a3268
-
SHA256
a4f2f6be49e54d824af882b3c20d81a878db0527e09f697adca4d33d145e7ef9
-
SHA512
92191a04ebb2cd40f8a9f74f241e1b64edf74263c7eb17b755e7cc56f39940bba77fc8ee4029b44766a29e75e2468c75fc39acbbf85a24eba8c00557a873ebf0
-
SSDEEP
24576:rleAaqt/J2fCZnAJdJynXltf63Ues77gxP6BkNyEyft391/3ra:Z5/6YuyTf6E46yNxyft3T3+
Behavioral task
behavioral1
Sample
Sing-travel-1.3.apk
Resource
android-x64-20220823-en
Behavioral task
behavioral2
Sample
Sing-travel-1.3.apk
Resource
android-x64-arm64-20220823-en
Malware Config
Extracted
spynote
134.122.166.235:6677
Targets
-
-
Target
Sing-travel-1.3.apk
-
Size
12.3MB
-
MD5
8000776495377ad73a91c5c0b7bbe800
-
SHA1
d46b37b660a1793e4a9c6900b41f3fe0846a3268
-
SHA256
a4f2f6be49e54d824af882b3c20d81a878db0527e09f697adca4d33d145e7ef9
-
SHA512
92191a04ebb2cd40f8a9f74f241e1b64edf74263c7eb17b755e7cc56f39940bba77fc8ee4029b44766a29e75e2468c75fc39acbbf85a24eba8c00557a873ebf0
-
SSDEEP
24576:rleAaqt/J2fCZnAJdJynXltf63Ues77gxP6BkNyEyft391/3ra:Z5/6YuyTf6E46yNxyft3T3+
-
Makes use of the framework's Accessibility service.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Removes a system notification.
-