General
Target: HOT.7z
Size: 1.5MB
Sample: 230414-m1drlshe74
MD5: e4aa5edef7a39ddc9abd9b20135a5c3e
SHA1: 56f54ff1beeb425a26ed7021d5b2056c868f80e1
SHA256: fba2aa4b133352b9fe45b4c69cc926a8147655c715d1d7f0c6d1f1a3967155d5
SHA512: 411fb040fade8831860c4a46e891b73645392964ec3e9b38f94760bcbac7604701768b621d66ff98a30d0751ddfd6f2f89fbe52729c5d2a8c4550e8e886197fd
SSDEEP: 24576:O1yyF8T1bOv6Lv7ifXg/PLHgBkRvxZAg605K+xHl75iGyE8m8ab8iP0c1Rc4w3mL:5yyTcyLv4g/PLAB/1r+xHJgGyE83MUNc
Behavioral task: behavioral1
Sample: base(androiod).apk
Resource: android-x86-arm-20220823-en
Behavioral task: behavioral2
Sample: base(androiod).apk
Resource: android-x64-20220823-en
Behavioral task: behavioral3
Sample: base(androiod).apk
Resource: android-x64-arm64-20220823-en
Malware Config
Extracted
spynote
134.122.166.235:6655
Targets
Target: base(androiod).apk
Size: 1.2MB
MD5: 8c164ce849694a91ebc0ac28667ddbea
SHA1: b8a79943b695f0ca9015949ff573324b5381e167
SHA256: ef0543f2fb0e21f9ef278e8c503943acd1fb3988ef6a000235e8209828ea26c8
SHA512: f6c8325610d2d2aa17eaec62ff5daa19cd3868c6a9afb7b8e015a5d7f69d72284fb8c0bd7e68fef5f7be241b9dc364782c0da4a1423ce258db3dd121453cd99c
SSDEEP: 24576:M9OFQ/ZDkvoyOfv+lS/Giq9COKKFjZi1u4yLj6fs68CgvHDc:M96Q/ZQhmGiq9Wocu9L68CR
Score: 8/10
Makes use of the framework's Accessibility service.
Acquires the wake lock.
Requests disabling of battery optimizations (often used to enable hiding in the background).
Removes a system notification.