General
Target: 5e25ac6030a6b50cf87a0d6e65f630d621d6a592359fb6d7ee208e36f4278788.bin
Size: 760KB
Sample: 240411-1wwcraed45
MD5: 5e35c849ae452c6c58209c2e52722bc6
SHA1: 7cc03c39ef1fc67f198acf30b727dd3767f334cc
SHA256: 5e25ac6030a6b50cf87a0d6e65f630d621d6a592359fb6d7ee208e36f4278788
SHA512: 28a9735f5e5015a678ac0622960177c9557e91a294737e6d8a2da748a4b3aa1c72390f51b4949bd2ff368c114141e2df04e05396ee7e2cfdcd288cf524a4703e
SSDEEP: 12288:ubyybha1a8LdeJN5w33ES5WmpYshXZPbGwidNpgot2:ubpa1a6eJ033ES5WmD9idNpb2

Behavioral task: behavioral1
Sample: 5e25ac6030a6b50cf87a0d6e65f630d621d6a592359fb6d7ee208e36f4278788.apk
Resource: android-x86-arm-20240221-en

Behavioral task: behavioral2
Sample: 5e25ac6030a6b50cf87a0d6e65f630d621d6a592359fb6d7ee208e36f4278788.apk
Resource: android-x64-20240221-en

Behavioral task: behavioral3
Sample: 5e25ac6030a6b50cf87a0d6e65f630d621d6a592359fb6d7ee208e36f4278788.apk
Resource: android-x64-arm64-20240221-en

Malware Config
Extracted
spynote
0.tcp.ngrok.io:4444
Targets
Target: 5e25ac6030a6b50cf87a0d6e65f630d621d6a592359fb6d7ee208e36f4278788.bin
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.

Requests enabling of the accessibility settings.

Tries to add a device administrator.