General
-
Target
ready.apk
-
Size
2.7MB
-
Sample
231117-3q4s2sgg5t
-
MD5
a58f1babad5e36870c747e4bbf67f233
-
SHA1
11d59fe6e57544e3ac16c084cc07505b4901a6d3
-
SHA256
0f5026f939b7fe23af7eada837ea645dd2992d7514a5b0880a1679c2a908e9ca
-
SHA512
15b1c2ce03d7d0ff6795d2aed671dedfed79bd27d81c0f2215af2d9f8b0e4ff0e00a676e064c764bd98627b37f8613863520a9dafa827a4cddd38b64c2cf2105
-
SSDEEP
49152:3bF1MIp8lMlTRaJdSIjAfZOb29BKN9dALbQ7R4ChN/3IKjK6tuvLcSYHm5mR0h:3bF7p86lNauU6ZOb290GLbdChjuvLFYg
Malware Config
Extracted
spynote
language-partnership.gl.at.ply.gg:19982
Targets
-
-
Target
ready.apk
-
Size
2.7MB
-
MD5
a58f1babad5e36870c747e4bbf67f233
-
SHA1
11d59fe6e57544e3ac16c084cc07505b4901a6d3
-
SHA256
0f5026f939b7fe23af7eada837ea645dd2992d7514a5b0880a1679c2a908e9ca
-
SHA512
15b1c2ce03d7d0ff6795d2aed671dedfed79bd27d81c0f2215af2d9f8b0e4ff0e00a676e064c764bd98627b37f8613863520a9dafa827a4cddd38b64c2cf2105
-
SSDEEP
49152:3bF1MIp8lMlTRaJdSIjAfZOb29BKN9dALbQ7R4ChN/3IKjK6tuvLcSYHm5mR0h:3bF7p86lNauU6ZOb290GLbdChjuvLFYg
-
Makes use of the framework's Accessibility service.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Removes a system notification.
-