lucaandrearusso.com.focusesstherapistf24
xyz
General
-
Target
Avast2024.apk
-
Size
632KB
-
MD5
70d603971ab507ce02cbe26db1cb7cf6
-
SHA1
29facaa45501fa41c981a27b068301151f9556c9
-
SHA256
07f70595b516c21f6404d1a61be921cea673c471da3bc601c7db63eda8a03d7f
-
SHA512
89d0722f4e80c00297ca03dd4e7a97881538f68d267fc3091bd1cef15b07e1284075d5aecbf28ba9003472ae3de91888d37e4e97777a1234454b2d43984ed05d
-
SSDEEP
12288:wv6cL9LqECBnFXJQg08haYWlH2ro9K3S757a6Rq21/gGz:qJ9OjbQlqvWlHlCGNoe
Score
10/10
Malware Config
Extracted
Family
spynote
C2
185.202.172.78:3888
Signatures
-
Spynote family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 16 IoCs
Files
-
Avast2024.apk
lucaandrearusso.com.com
lucaandrearusso.com.judyocommitteesk3
Android Permissions
Avast2024.apk
Permissions
android.permission.FOREGROUND_SERVICE
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.READ_CALL_LOG
android.permission.READ_CONTACTS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_ACCOUNTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CAMERA
android.permission.INTERNET
android.permission.SYSTEM_ALERT_WINDOW
android.permission.RECORD_AUDIO
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_PHONE_STATE
android.permission.WAKE_LOCK
com.android.alarm.permission.SET_ALARM
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.CALL_PHONE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.SET_WALLPAPER
android.permission.USE_FULL_SCREEN_INTENT
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.REQUEST_DELETE_PACKAGES
android.permission.PACKAGE_USAGE_STATS