General
Target: ready.apk
Size: 3.7MB
Sample: 230913-3smybaad65
MD5: f7dfc91fab08d087d59058bb30e1e2c0
SHA1: e5f47372fdc13e1d34756e0d748ffb5918a20683
SHA256: 82bf4276528ea6a91113e7d1ca4424f1a82cc6d77cd3522c71f61c2c5f9865a5
SHA512: 6761490b2f7d1352992e1edfd7d207b3da2bc3b422c0f02a9a7536526869a58544358ced5a84ecef9a92afdecd9bb8fc286cc759bec12edb79a13bb2d7379e44
SSDEEP: 98304:6/NJOG7pe0nTFBHN4mmzPzBCTi0tQ4uFge:6//HFe0nTFBt4RzEhk
Malware Config
Extracted
spynote
fee-harmful.gl.at.ply.gg:41934
Targets
Target: ready.apk
- Makes use of the framework's Accessibility service.
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Acquires the wake lock.
- Loads dropped Dex/Jar: Runs executable file dropped to the device during analysis.
- Removes a system notification.