General
-
Target
4faad62d48c91e8292e40dfc2e7fc298ecb51745d792415c0ad3b65a82e194fe.bin
-
Size
759KB
-
Sample
240217-1y7hssbc2y
-
MD5
80d6650095d4b7208d66ea3f5b6e0aa6
-
SHA1
5da78a5ff13faed1e36e00eb6346025e1fb51b8e
-
SHA256
4faad62d48c91e8292e40dfc2e7fc298ecb51745d792415c0ad3b65a82e194fe
-
SHA512
4560b211105bc41d90617dc41eeaeee4c2522c75b789950b9f4466b7ac599de9789f41460fe94388592cf7536350d28447a39ad09ec39d8c25353446e83563a7
-
SSDEEP
12288:DMAa1a8LzeoyT9YuW5WmpYshXZPbGwidNpga:DMAa1ameoE9YuW5WmD9idNpF
Behavioral task
behavioral1
Sample
4faad62d48c91e8292e40dfc2e7fc298ecb51745d792415c0ad3b65a82e194fe.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
4faad62d48c91e8292e40dfc2e7fc298ecb51745d792415c0ad3b65a82e194fe.apk
Resource
android-x64-20231215-en
Malware Config
Extracted
spynote
tcp://0.tcp.in.ngrok.io:14672
Targets
-
-
Target
4faad62d48c91e8292e40dfc2e7fc298ecb51745d792415c0ad3b65a82e194fe.bin
-
Size
759KB
-
MD5
80d6650095d4b7208d66ea3f5b6e0aa6
-
SHA1
5da78a5ff13faed1e36e00eb6346025e1fb51b8e
-
SHA256
4faad62d48c91e8292e40dfc2e7fc298ecb51745d792415c0ad3b65a82e194fe
-
SHA512
4560b211105bc41d90617dc41eeaeee4c2522c75b789950b9f4466b7ac599de9789f41460fe94388592cf7536350d28447a39ad09ec39d8c25353446e83563a7
-
SSDEEP
12288:DMAa1a8LzeoyT9YuW5WmpYshXZPbGwidNpga:DMAa1ameoE9YuW5WmD9idNpF
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Legitimate hosting services abused for malware hosting/C2
-