General
-
Target
ready.apk
-
Size
53.6MB
-
Sample
240107-d8pz6sdffq
-
MD5
365f8c0d67cea672e30454f7a0445abe
-
SHA1
a8b5f3b3cdc1f3e5b1528cf85259c6f0a045e1e3
-
SHA256
f7a50c6741fa669e44a8817583c64de5f39f9f0360b04e68d3d6963afebf8d87
-
SHA512
f16c9e11cef3900fd78e1f4a2d2e146f94742734699b431444b3b458b163873fa8ccf505cfa954b81051b0a76106a72a39ac7f377d61cebba0ead03e554f5942
-
SSDEEP
1572864:PH5jP22elmk/fal3jPb7vkwPLn48gf8nFLik9WPZ:PE212CTPbzkwDVEh
Malware Config
Extracted
spynote
23543254365-58443.portmap.host:58443
Targets
-
-
Target
ready.apk
-
Size
53.6MB
-
MD5
365f8c0d67cea672e30454f7a0445abe
-
SHA1
a8b5f3b3cdc1f3e5b1528cf85259c6f0a045e1e3
-
SHA256
f7a50c6741fa669e44a8817583c64de5f39f9f0360b04e68d3d6963afebf8d87
-
SHA512
f16c9e11cef3900fd78e1f4a2d2e146f94742734699b431444b3b458b163873fa8ccf505cfa954b81051b0a76106a72a39ac7f377d61cebba0ead03e554f5942
-
SSDEEP
1572864:PH5jP22elmk/fal3jPb7vkwPLn48gf8nFLik9WPZ:PE212CTPbzkwDVEh
Score8/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Removes its main activity from the application launcher
-
Declares services with permission to bind to the system
-
Requests dangerous framework permissions
-