General
Target: ready.apk
Size: 680KB
Sample: 230922-wcv6eshd8x
MD5: 4079184334f96fa19bb904ab0b334707
SHA1: 90781e6f3ff458db9e8f4ef3883f73251adba0d1
SHA256: 8ccacda64d010d562dc9f121d4cfb7a6351cc7bf9f052949a888bac3d7a20140
SHA512: 090eeeca220a763d989247e07da70b451e2ddefafd2e1d9e1558a391e425528d979161da5856be7416c24725cb0743cef2da204288913084ee7a7b71203553f3
SSDEEP: 12288:Rwlbo9GgLRBWItYYyow7HCgI4Zf3n0dF5whzRs911hAsPlno6Rq21/g3Q750YZ:RwlfglBWItYYjwjCgI4p0dFV9DWGlnoY
Malware Config
Extracted
spynote
soon-lp.at.ply.gg:17209
Targets
-
Makes use of the framework's Accessibility service.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries the unique device ID (IMEI, MEID, IMSI).
-
Reads information about phone network operator.
-
Removes a system notification.
-