General
- Target: app1701808954826.apk
- Size: 4.6MB
- Sample: 231214-pp5gasdefr
- MD5: 9edcd2b1a59467c04b22907506896100
- SHA1: 665c8ab07fe0348a873b4cebc0876ad956e9951d
- SHA256: ecf2839925b8b193f47a082a4c4f0629fa933047a7f6a275a9c57e78192da13a
- SHA512: d7110251f04d7440bcf1c23694daa6b8f0516c7ac03915e26665e13d7a2c1026f589daa816b75a50d2d29780b9ec81100e4b715f06addad6a6bbcc59a6d742c3
- SSDEEP: 98304:ipv4piBUXLB8BmzmzBkTg0twt4begRbvZx0SJo3CsnGg:u4picKkzdL/C6xro30g
Behavioral task: behavioral1
- Sample: app1701808954826.apk
- Resource: android-x64-20231211-en
Malware Config
Extracted
spynote
1.tcp.sa.ngrok.io:27255
Targets
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
- Requests enabling of the accessibility settings.
- Acquires the wake lock
- Legitimate hosting services abused for malware hosting/C2
- Requests disabling of battery optimizations (often used to enable hiding in the background).