General
-
Target
cd8e66b9b4596938ba23cfe4552c2fecf28333928fcad4a1d237fc1174cacf37.bin
-
Size
760KB
-
Sample
240324-1wp6qsca5z
-
MD5
e44816e09948150d91789351e88db1b1
-
SHA1
92dd5f1ca0cf71fc06a1497574a6f71f460c8da6
-
SHA256
cd8e66b9b4596938ba23cfe4552c2fecf28333928fcad4a1d237fc1174cacf37
-
SHA512
dce7fe9badba083ae465308d6f0e37a79bc8c34f18916defd2c8bbdd2834675088fa3e762007f639b8898222098c31a0e7f96bf833014ee66bdbbe4f9f54d8d5
-
SSDEEP
12288:gZO7Goa1a8LdeZdBq70NA65WmpYshXZPbGwidNpgI:g05a1a6eZu7iA65WmD9idNpP
Behavioral task
behavioral1
Sample
cd8e66b9b4596938ba23cfe4552c2fecf28333928fcad4a1d237fc1174cacf37.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
cd8e66b9b4596938ba23cfe4552c2fecf28333928fcad4a1d237fc1174cacf37.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
cd8e66b9b4596938ba23cfe4552c2fecf28333928fcad4a1d237fc1174cacf37.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Extracted
spynote
0.tcp.eu.ngrok.io:12038
Targets
-
-
Target
cd8e66b9b4596938ba23cfe4552c2fecf28333928fcad4a1d237fc1174cacf37.bin
-
Size
760KB
-
MD5
e44816e09948150d91789351e88db1b1
-
SHA1
92dd5f1ca0cf71fc06a1497574a6f71f460c8da6
-
SHA256
cd8e66b9b4596938ba23cfe4552c2fecf28333928fcad4a1d237fc1174cacf37
-
SHA512
dce7fe9badba083ae465308d6f0e37a79bc8c34f18916defd2c8bbdd2834675088fa3e762007f639b8898222098c31a0e7f96bf833014ee66bdbbe4f9f54d8d5
-
SSDEEP
12288:gZO7Goa1a8LdeZdBq70NA65WmpYshXZPbGwidNpgI:g05a1a6eZu7iA65WmD9idNpP
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-