General
-
Target
91c174ee17ae412466f5d3204425575136b2e20b6773356d38004014a407bd21.bin
-
Size
883KB
-
Sample
240316-1xmf8sdd21
-
MD5
c3ec0a4bdef44389b6fd35bab98e80d5
-
SHA1
840cf538abcc1375e786d049e9f9785e3117e035
-
SHA256
91c174ee17ae412466f5d3204425575136b2e20b6773356d38004014a407bd21
-
SHA512
406e176f2d27a73eea4994f9e14dcf5c626e62b443bd1740ede9fc7e69e09a50311062f41f37ea98f5c64eb705ecf1b9ddcf31c225836ffc61e3812ea5362a3e
-
SSDEEP
12288:XA9DRa1a8Lde3JJ5Ouu5X4fw2bcN5WmpYshXZPbGwidNpgm:ca1a6eb5puSfw2bE5WmD9idNp9
Behavioral task
behavioral1
Sample
91c174ee17ae412466f5d3204425575136b2e20b6773356d38004014a407bd21.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
91c174ee17ae412466f5d3204425575136b2e20b6773356d38004014a407bd21.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
91c174ee17ae412466f5d3204425575136b2e20b6773356d38004014a407bd21.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Extracted
spynote
0.tcp.eu.ngrok.io:19476
Targets
-
-
Target
91c174ee17ae412466f5d3204425575136b2e20b6773356d38004014a407bd21.bin
-
Size
883KB
-
MD5
c3ec0a4bdef44389b6fd35bab98e80d5
-
SHA1
840cf538abcc1375e786d049e9f9785e3117e035
-
SHA256
91c174ee17ae412466f5d3204425575136b2e20b6773356d38004014a407bd21
-
SHA512
406e176f2d27a73eea4994f9e14dcf5c626e62b443bd1740ede9fc7e69e09a50311062f41f37ea98f5c64eb705ecf1b9ddcf31c225836ffc61e3812ea5362a3e
-
SSDEEP
12288:XA9DRa1a8Lde3JJ5Ouu5X4fw2bcN5WmpYshXZPbGwidNpgm:ca1a6eb5puSfw2bE5WmD9idNp9
Score8/10-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-
Legitimate hosting services abused for malware hosting/C2
-