Errors

Reason
could not process APK: could not decode AXML: sblock: string with idx 268435468 not found

General

  • Target

    48d2018f147e38d0135da27d642fa460.bin

  • Size

    5.2MB

  • MD5

    d52fa954498c13b471333008a81c8101

  • SHA1

    587b5908b1fb334bde4c0b4aa95cd3dff1b2d7ba

  • SHA256

    84c9d39a532896ed45b7f8b125ea072e056f26f928f5887d0b290549c0d0c7e2

  • SHA512

    ed941adf8edfbb710919e124bbc44c8604e30a2339cd98aab4947e2b4baf1fc3ff862bbb5877ab56e767a526c4088036ab9128755f079992e41f08a59f402090

  • SSDEEP

    98304:TJedg7P2wtNQX8sYcGv7sRxwYjk75LLAuQTX0rC4ecgi5UCaFR9:eJwtNQMJvv7swQC5LEGXgFRFR9

Score
10/10

Malware Config

Signatures

  • Spynote family
  • Declares broadcast receivers with permission to handle system events (1 IoC)
  • Declares services with permission to bind to the system (3 IoCs)
  • Requests dangerous framework permissions (15 IoCs)

Files

  • 48d2018f147e38d0135da27d642fa460.bin
    .zip

    Password: infected

  • 3e6cb05f40e6b8f9035ac918d07eacd3f957eac344832e26e31802a204c532cc.apk
    .apk android

    Password: infected

  • childapp.apk
    .apk android

    Password: infected

    optical.adaptor.pop

    optical.adaptor.jsfkgrvuzkoyzsinxyexbfozqmmmcdxhorksrkctahzdoxeifd2.MainActivity