General
-
Target
a08c90084dbe95d8e9837977a10a04421b1ff5f7f4efac3bea2b997a91013d12.bin
-
Size
760KB
-
Sample
240324-1xkmmshb38
-
MD5
fd28bc33fdad7dd66ea665dea640f148
-
SHA1
79ce4612a281229e8aea05c1e65e1387e8f14d82
-
SHA256
a08c90084dbe95d8e9837977a10a04421b1ff5f7f4efac3bea2b997a91013d12
-
SHA512
ffb43e7e3076ee636ea590d0a448b06a8f9950f102cf15af19eb71d62c94224f4c0db7fd9e06f4ed72bc43117820f1376de221ac9ad4212122fea6147048c785
-
SSDEEP
12288:N/D+za1a8Lde3zbz73HUm5WmpYshXZPbGwidNpgZ:N/aa1a6e3z73Um5WmD9idNpO
Behavioral task
behavioral1
Sample
a08c90084dbe95d8e9837977a10a04421b1ff5f7f4efac3bea2b997a91013d12.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
a08c90084dbe95d8e9837977a10a04421b1ff5f7f4efac3bea2b997a91013d12.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
a08c90084dbe95d8e9837977a10a04421b1ff5f7f4efac3bea2b997a91013d12.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Extracted
spynote
0.tcp.eu.ngrok.io:17895
Targets
-
-
Target
a08c90084dbe95d8e9837977a10a04421b1ff5f7f4efac3bea2b997a91013d12.bin
-
Size
760KB
-
MD5
fd28bc33fdad7dd66ea665dea640f148
-
SHA1
79ce4612a281229e8aea05c1e65e1387e8f14d82
-
SHA256
a08c90084dbe95d8e9837977a10a04421b1ff5f7f4efac3bea2b997a91013d12
-
SHA512
ffb43e7e3076ee636ea590d0a448b06a8f9950f102cf15af19eb71d62c94224f4c0db7fd9e06f4ed72bc43117820f1376de221ac9ad4212122fea6147048c785
-
SSDEEP
12288:N/D+za1a8Lde3zbz73HUm5WmpYshXZPbGwidNpgZ:N/aa1a6e3z73Um5WmD9idNpO
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-