General
-
Target
2ec25567b0ef151a14fc54e709b89676e08497e26de5dcec22a47891282ab71e.bin
-
Size
837KB
-
Sample
240411-1wzeeahf91
-
MD5
9653c90e59887e2809ce1e0ae312114b
-
SHA1
8f4085d421edce76b445aaf37cd3a66a118d3735
-
SHA256
2ec25567b0ef151a14fc54e709b89676e08497e26de5dcec22a47891282ab71e
-
SHA512
a50bee86fedb392b2f7af1d0394d770a89cf7faf372612866f2fd7605feb28f84cdcc5d2af05e490b20b6e9f886dccbec0c4bdc5b7d434ed1a5193ad485e40b8
-
SSDEEP
12288:NgDa1a8LzeHqe40khBi1RxVH65WmpYshXZPbGwidNpgs:CDa1ameKe5kQPVH65WmD9idNpz
Behavioral task
behavioral1
Sample
2ec25567b0ef151a14fc54e709b89676e08497e26de5dcec22a47891282ab71e.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
2ec25567b0ef151a14fc54e709b89676e08497e26de5dcec22a47891282ab71e.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
2ec25567b0ef151a14fc54e709b89676e08497e26de5dcec22a47891282ab71e.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Extracted
spynote
0.tcp.ngrok.io:14051
Targets
-
-
Target
2ec25567b0ef151a14fc54e709b89676e08497e26de5dcec22a47891282ab71e.bin
-
Size
837KB
-
MD5
9653c90e59887e2809ce1e0ae312114b
-
SHA1
8f4085d421edce76b445aaf37cd3a66a118d3735
-
SHA256
2ec25567b0ef151a14fc54e709b89676e08497e26de5dcec22a47891282ab71e
-
SHA512
a50bee86fedb392b2f7af1d0394d770a89cf7faf372612866f2fd7605feb28f84cdcc5d2af05e490b20b6e9f886dccbec0c4bdc5b7d434ed1a5193ad485e40b8
-
SSDEEP
12288:NgDa1a8LzeHqe40khBi1RxVH65WmpYshXZPbGwidNpgs:CDa1ameKe5kQPVH65WmD9idNpz
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-