General
-
Target
STandoffGOLDA (1).apk
-
Size
760KB
-
Sample
231013-1p59daeb28
-
MD5
6902f2ad3987835b1187ebf93e69e804
-
SHA1
42fda334335d69fe8d7dc4d12ecede00abd68a8c
-
SHA256
d90c0971f2377c01e97ae5a5fa39b174dcbd9915e4a5044bd6789c179706ccdf
-
SHA512
7d7e9c0262623427eeeafeb96e55b80e7e3e95e4f917642500f1e3bbf314abc1458316f6978b0b16c62bef6b66d609d8ee797ee6870a0a847ccbda034b805ca3
-
SSDEEP
12288:SRjom0a1a8LzeJjph1v+c5WmpYshXZPbGwidNpgU:Sd0a1ameJb1v+c5WmD9idNpD
Behavioral task
behavioral1
Sample
STandoffGOLDA (1).apk
Resource
android-x86-arm-20230831-en
Behavioral task
behavioral2
Sample
STandoffGOLDA (1).apk
Resource
android-x64-20230831-en
Behavioral task
behavioral3
Sample
STandoffGOLDA (1).apk
Resource
android-x64-arm64-20230831-en
Malware Config
Extracted
spynote
2.tcp.eu.ngrok.io:12736
Targets
-
-
Target
STandoffGOLDA (1).apk
-
Size
760KB
-
MD5
6902f2ad3987835b1187ebf93e69e804
-
SHA1
42fda334335d69fe8d7dc4d12ecede00abd68a8c
-
SHA256
d90c0971f2377c01e97ae5a5fa39b174dcbd9915e4a5044bd6789c179706ccdf
-
SHA512
7d7e9c0262623427eeeafeb96e55b80e7e3e95e4f917642500f1e3bbf314abc1458316f6978b0b16c62bef6b66d609d8ee797ee6870a0a847ccbda034b805ca3
-
SSDEEP
12288:SRjom0a1a8LzeJjph1v+c5WmpYshXZPbGwidNpgU:Sd0a1ameJb1v+c5WmD9idNpD
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-
Legitimate hosting services abused for malware hosting/C2
-