General
-
Target
b6cbc9b7c4fbcf57a4d03acb39d6a7cadd9b6206ca810fdae7e4b896c3c3b6aa.bin
-
Size
760KB
-
Sample
240218-1xjeksfd45
-
MD5
27112924a97085b147a3f4fcdedd80ff
-
SHA1
841089dd5c52e9cb2d2b05fbc7e47776291356ac
-
SHA256
b6cbc9b7c4fbcf57a4d03acb39d6a7cadd9b6206ca810fdae7e4b896c3c3b6aa
-
SHA512
80212086a3ec58a049f01687ae54c992b405c9829c347c1f376dfbc64efdb47161801e1de52fc5f3084701c77316cfc2032648ff4a60eb2711794c77b96b848c
-
SSDEEP
12288:ntHB0a1a8LrerxjsQWq205WmpYshXZPbGwidNpgpgh:ntWa1a2erSQWq205WmD9idNpSy
Behavioral task
behavioral1
Sample
b6cbc9b7c4fbcf57a4d03acb39d6a7cadd9b6206ca810fdae7e4b896c3c3b6aa.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
b6cbc9b7c4fbcf57a4d03acb39d6a7cadd9b6206ca810fdae7e4b896c3c3b6aa.apk
Resource
android-x64-20231215-en
Behavioral task
behavioral3
Sample
b6cbc9b7c4fbcf57a4d03acb39d6a7cadd9b6206ca810fdae7e4b896c3c3b6aa.apk
Resource
android-x64-arm64-20231215-en
Malware Config
Extracted
spynote
4.tcp.eu.ngrok.io:17618
Targets
-
-
Target
b6cbc9b7c4fbcf57a4d03acb39d6a7cadd9b6206ca810fdae7e4b896c3c3b6aa.bin
-
Size
760KB
-
MD5
27112924a97085b147a3f4fcdedd80ff
-
SHA1
841089dd5c52e9cb2d2b05fbc7e47776291356ac
-
SHA256
b6cbc9b7c4fbcf57a4d03acb39d6a7cadd9b6206ca810fdae7e4b896c3c3b6aa
-
SHA512
80212086a3ec58a049f01687ae54c992b405c9829c347c1f376dfbc64efdb47161801e1de52fc5f3084701c77316cfc2032648ff4a60eb2711794c77b96b848c
-
SSDEEP
12288:ntHB0a1a8LrerxjsQWq205WmpYshXZPbGwidNpgpgh:ntWa1a2erSQWq205WmD9idNpSy
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-
Legitimate hosting services abused for malware hosting/C2
-