General
-
Target
2da1a98a2881004f4a103f59ee2de75f2e4bc700f1bf8e80a2823572533cbb85.bin
-
Size
864KB
-
Sample
240210-1x4erabc43
-
MD5
17a78d95223627cc48e62ce98edfedb4
-
SHA1
581d81d3f749b00ce69f2c52c4713f92de5dd70c
-
SHA256
2da1a98a2881004f4a103f59ee2de75f2e4bc700f1bf8e80a2823572533cbb85
-
SHA512
edcdbf9119658ba25e22423d91b2d243b661eb93bc75ed7eaf493748acf87a94051c0b6dcca658c1cb6d3aee446a18f25685a512b65428729e4d47a8b0357465
-
SSDEEP
24576:eVHJ6sbLz/eMBnkmswjMal5WmD9idNpd9:uJ6sz3p/Tj5Wk0d/d9
Behavioral task
behavioral1
Sample
2da1a98a2881004f4a103f59ee2de75f2e4bc700f1bf8e80a2823572533cbb85.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
2da1a98a2881004f4a103f59ee2de75f2e4bc700f1bf8e80a2823572533cbb85.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
2da1a98a2881004f4a103f59ee2de75f2e4bc700f1bf8e80a2823572533cbb85.apk
Resource
android-x64-arm64-20231215-en
Malware Config
Extracted
spynote
4.tcp.eu.ngrok.io:10946
Targets
-
-
Target
2da1a98a2881004f4a103f59ee2de75f2e4bc700f1bf8e80a2823572533cbb85.bin
-
Size
864KB
-
MD5
17a78d95223627cc48e62ce98edfedb4
-
SHA1
581d81d3f749b00ce69f2c52c4713f92de5dd70c
-
SHA256
2da1a98a2881004f4a103f59ee2de75f2e4bc700f1bf8e80a2823572533cbb85
-
SHA512
edcdbf9119658ba25e22423d91b2d243b661eb93bc75ed7eaf493748acf87a94051c0b6dcca658c1cb6d3aee446a18f25685a512b65428729e4d47a8b0357465
-
SSDEEP
24576:eVHJ6sbLz/eMBnkmswjMal5WmD9idNpd9:uJ6sz3p/Tj5Wk0d/d9
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-
Legitimate hosting services abused for malware hosting/C2
-