General
Target: 10289161936.zip
Size: 1.5MB
Sample: 230503-c5mvzadd84
MD5: be73cf0b98812556cf38d9a6db19d729
SHA1: 9c4d71dd7c8999d1c1df8e5dcae8303030fb18e6
SHA256: 9183a0a6ef26af59f213ae5383b5b0381627199ec327d9492197a01defefcd7b
SHA512: 3ae47cfc51a2ac5559ea31e404718790c018cbe0a7bf6c28f079fb02c6732ca109c7d7a7129795a8b27210cb1c893032c686100a3db995359cbbde82771359ad
SSDEEP: 24576:w3KJaD2ff5dIR3u72Xy5bIcWROtgIJk8hZ5y1Z1n05wdZKqRSK+UsF:pJaD25V72AGE+Ok8mZ1NKMiF
Behavioral task: behavioral1
Sample: 2a6c38a7d59a153679b9d66a9eb92a64b0d93dea6ab2b6a84c6aeeead8a7e35d.apk
Resource: android-x86-arm-20220823-en
Behavioral task: behavioral2
Sample: 2a6c38a7d59a153679b9d66a9eb92a64b0d93dea6ab2b6a84c6aeeead8a7e35d.apk
Resource: android-x64-20220823-en
Malware Config
Extracted
spynote
134.122.166.235:6677
Targets
Target: 2a6c38a7d59a153679b9d66a9eb92a64b0d93dea6ab2b6a84c6aeeead8a7e35d
Size: 12.8MB
MD5: fa0b01bd3c1762869964af9254796b6e
SHA1: e3b3159d13a5c8b3035d0b1f2cb6ab6128b29080
SHA256: 2a6c38a7d59a153679b9d66a9eb92a64b0d93dea6ab2b6a84c6aeeead8a7e35d
SHA512: 8bc97e43bcd753339c534aed8484b28713056ccea02bcd45c02d3281eaf00ef1a1ebeadcbb87a646db21173b5d9886d56c040af8200d2391be8f409896d5ee3a
SSDEEP: 24576:1Y/LFV3ovkaeziHonAZqA+Msr3NH4U8Vt3rDQvVAsL9bXTSC8WC+AcK:1Y/pV4vkaeGHowEMANHqV92VxBXTSaAr
- Makes use of the framework's Accessibility service.
- Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).
- Acquires the wake lock.
- Loads dropped Dex/Jar. Runs executable file dropped to the device during analysis.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
- Removes a system notification.