General
Target: fbf8c793cf0a534e8c5a45af6b50519f59a56e31640cf11b33aefa69f9c66919.bin
Size: 793KB
Sample: 240423-1yb2wscc3z
MD5: 618ae6af1fae6ad9409f443556c06f35
SHA1: 7ebd34c1e2a02eb3bcbfda01f2b5d2f081b5cf65
SHA256: fbf8c793cf0a534e8c5a45af6b50519f59a56e31640cf11b33aefa69f9c66919
SHA512: 231faf4bd64b2dea0ed067e3a61a5e290f87f4b51fd8ccb28ad0aa1a4bc4f0655f464f34adb9626a212e4d24aa25dad1b441db4ec47fcaa1c1f68b6d92bf3de5
SSDEEP: 12288:0CC36VJ6sgRALzT2+vODcgjTV5WmpYshXZPbGwidNpgw:0n3wJ6s7LzSQODhjTV5WmD9idNpb
Behavioral task: behavioral1
Sample: fbf8c793cf0a534e8c5a45af6b50519f59a56e31640cf11b33aefa69f9c66919.apk
Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
Sample: fbf8c793cf0a534e8c5a45af6b50519f59a56e31640cf11b33aefa69f9c66919.apk
Resource: android-x64-20240221-en
Behavioral task: behavioral3
Sample: fbf8c793cf0a534e8c5a45af6b50519f59a56e31640cf11b33aefa69f9c66919.apk
Resource: android-x64-arm64-20240221-en
Malware Config
Extracted
spynote
192.168.1.3:5214
Targets
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-