General
-
Target
c3978cb192be9d009a2b2750727491977996fc41bc127d7e6c8cdd316a48226d.bin
-
Size
760KB
-
Sample
240217-1xxl7sbb8x
-
MD5
a811878ae03c30f21d163811cde7787a
-
SHA1
991be95a14c3bc2007af10c8c2790f7dc2567f78
-
SHA256
c3978cb192be9d009a2b2750727491977996fc41bc127d7e6c8cdd316a48226d
-
SHA512
49a6d6e6f2b9b5b6027422bdf5b5597fd3bcef7a3553acad8a0bc96e62ead5a1dc4e4edb46d20deeb0816769406a3c0f3f4fd3b602576a1d3e51eca84bc21c11
-
SSDEEP
12288:7/5XwtI7fa1a8LdeH5bK/i+85WmpYshXZPbGwidNpgQ:7RAea1a6eHg/i+85WmD9idNpT
Behavioral task
behavioral1
Sample
c3978cb192be9d009a2b2750727491977996fc41bc127d7e6c8cdd316a48226d.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
c3978cb192be9d009a2b2750727491977996fc41bc127d7e6c8cdd316a48226d.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
c3978cb192be9d009a2b2750727491977996fc41bc127d7e6c8cdd316a48226d.apk
Resource
android-x64-arm64-20231215-en
Malware Config
Extracted
spynote
5.tcp.eu.ngrok.io:15164
Targets
-
-
Target
c3978cb192be9d009a2b2750727491977996fc41bc127d7e6c8cdd316a48226d.bin
-
Size
760KB
-
MD5
a811878ae03c30f21d163811cde7787a
-
SHA1
991be95a14c3bc2007af10c8c2790f7dc2567f78
-
SHA256
c3978cb192be9d009a2b2750727491977996fc41bc127d7e6c8cdd316a48226d
-
SHA512
49a6d6e6f2b9b5b6027422bdf5b5597fd3bcef7a3553acad8a0bc96e62ead5a1dc4e4edb46d20deeb0816769406a3c0f3f4fd3b602576a1d3e51eca84bc21c11
-
SSDEEP
12288:7/5XwtI7fa1a8LdeH5bK/i+85WmpYshXZPbGwidNpgQ:7RAea1a6eHg/i+85WmD9idNpT
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-