General

  • Target

    HOT.7z

  • Size

    1.5MB

  • Sample

    230414-m1drlshe74

  • MD5

    e4aa5edef7a39ddc9abd9b20135a5c3e

  • SHA1

    56f54ff1beeb425a26ed7021d5b2056c868f80e1

  • SHA256

    fba2aa4b133352b9fe45b4c69cc926a8147655c715d1d7f0c6d1f1a3967155d5

  • SHA512

    411fb040fade8831860c4a46e891b73645392964ec3e9b38f94760bcbac7604701768b621d66ff98a30d0751ddfd6f2f89fbe52729c5d2a8c4550e8e886197fd

  • SSDEEP

    24576:O1yyF8T1bOv6Lv7ifXg/PLHgBkRvxZAg605K+xHl75iGyE8m8ab8iP0c1Rc4w3mL:5yyTcyLv4g/PLAB/1r+xHJgGyE83MUNc

Score
10/10

Malware Config

Extracted

Family

spynote

C2

134.122.166.235:6655

Targets

    • Target

      base(androiod).apk

    • Size

      1.2MB

    • MD5

      8c164ce849694a91ebc0ac28667ddbea

    • SHA1

      b8a79943b695f0ca9015949ff573324b5381e167

    • SHA256

      ef0543f2fb0e21f9ef278e8c503943acd1fb3988ef6a000235e8209828ea26c8

    • SHA512

      f6c8325610d2d2aa17eaec62ff5daa19cd3868c6a9afb7b8e015a5d7f69d72284fb8c0bd7e68fef5f7be241b9dc364782c0da4a1423ce258db3dd121453cd99c

    • SSDEEP

      24576:M9OFQ/ZDkvoyOfv+lS/Giq9COKKFjZi1u4yLj6fs68CgvHDc:M96Q/ZQhmGiq9Wocu9L68CR

    Score
    8/10

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Removes a system notification.

MITRE ATT&CK Matrix

Tasks