General
Target: ready.apk
Size: 57.5MB
Sample: 240331-qz3acsdc54
MD5: b85c789a80b3f6bd5910c4aed1c01716
SHA1: 563e68b24deb3f8bb6dff3c46cc861a48ea2bc73
SHA256: 7e575c15d833e5a86c3a8f15a184ab75ded1cbfd62fc564758d5a2afe5f2b9a3
SHA512: 897fc624d30d212b23ee61c8a47bbac741e466d7efe56116c8a9d4cd99dcbab40ff0f17254517710fdf2055a0a767dc6b12e4c962d1e3f1370c2a7bb174301e9
SSDEEP: 1572864:ebmKR/R2InCUVZbWEB7e0Uyxr8a3MAPfSbJ77m6x5:eXR2jU36DRyJOLbp7m6j
Behavioral task: behavioral1
Sample: ready.apk
Resource: android-x64-20240221-en
Behavioral task: behavioral2
Sample: ready.apk
Resource: android-x64-arm64-20240221-en
Malware Config
Extracted
spynote
cofira2508-23793.portmap.host:23793
Targets
Target: ready.apk
Score: 8/10
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.

Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.

Acquires the wake lock

Declares services with permission to bind to the system

Requests dangerous framework permissions