General
-
Target
Avast2024.apk
-
Size
632KB
-
Sample
240220-kbshcsed65
-
MD5
70d603971ab507ce02cbe26db1cb7cf6
-
SHA1
29facaa45501fa41c981a27b068301151f9556c9
-
SHA256
07f70595b516c21f6404d1a61be921cea673c471da3bc601c7db63eda8a03d7f
-
SHA512
89d0722f4e80c00297ca03dd4e7a97881538f68d267fc3091bd1cef15b07e1284075d5aecbf28ba9003472ae3de91888d37e4e97777a1234454b2d43984ed05d
-
SSDEEP
12288:wv6cL9LqECBnFXJQg08haYWlH2ro9K3S757a6Rq21/gGz:qJ9OjbQlqvWlHlCGNoe
Behavioral task
behavioral1
Sample
Avast2024.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
Avast2024.apk
Resource
android-x64-20231215-en
Malware Config
Extracted
spynote
185.202.172.78:3888
Targets
-
-
Target
Avast2024.apk
-
Size
632KB
-
MD5
70d603971ab507ce02cbe26db1cb7cf6
-
SHA1
29facaa45501fa41c981a27b068301151f9556c9
-
SHA256
07f70595b516c21f6404d1a61be921cea673c471da3bc601c7db63eda8a03d7f
-
SHA512
89d0722f4e80c00297ca03dd4e7a97881538f68d267fc3091bd1cef15b07e1284075d5aecbf28ba9003472ae3de91888d37e4e97777a1234454b2d43984ed05d
-
SSDEEP
12288:wv6cL9LqECBnFXJQg08haYWlH2ro9K3S757a6Rq21/gGz:qJ9OjbQlqvWlHlCGNoe
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Acquires the wake lock
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-