General
-
Target
397d80e7f2c85b8921150d568c32deb43a157944cb993225e9907452179893b3.bin
-
Size
3.0MB
-
Sample
240101-1wvq8abchr
-
MD5
bc9a4b7c49f7a2843bb7c63eadf0721d
-
SHA1
837f19d9f53e46a33f09d4ad26ba57a024818d8b
-
SHA256
397d80e7f2c85b8921150d568c32deb43a157944cb993225e9907452179893b3
-
SHA512
dd38c1efd759354acdbe60b7fb3cfbf57ff1af7bfb7855f718741b4cce124d946c7bf05977112e05bbb9c29787fb00a0713fb7132b2d46c94c995ac838033446
-
SSDEEP
49152:nDSSKOp7JsQ+52g8VxxR1c7W/kQS3jphfaIEwTxvJaw2SR9GBRUES787cGBJmlE7:OIJab6hP/+phCzijpGBRUESYwGBUlEWc
Static task
static1
Behavioral task
behavioral1
Sample
397d80e7f2c85b8921150d568c32deb43a157944cb993225e9907452179893b3.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
397d80e7f2c85b8921150d568c32deb43a157944cb993225e9907452179893b3.apk
Resource
android-x64-20231215-en
Malware Config
Extracted
spynote
165.227.31.192:22813
Targets
-
-
Target
397d80e7f2c85b8921150d568c32deb43a157944cb993225e9907452179893b3.bin
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Acquires the wake lock
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-