General
Target: 5f8d08b4af4b00243d1a566abd25df070f94e108cff00cc2cbd8b5565ee0156b.bin
Size: 879KB
Sample: 240430-1xbdzagg6s
MD5: a933ef8231e6ca82527fbcf05b68a2e5
SHA1: 56c1b0b1fe0d05be4278cffb31869e9426cdba2b
SHA256: 5f8d08b4af4b00243d1a566abd25df070f94e108cff00cc2cbd8b5565ee0156b
SHA512: 7ed825f06481853f996dcd80b08fb47289835fe46ddf6adfcf68b0dd6812c3851e0ba46532b3a8e6b7cce1eae1157cc3affe2cdf064b9763bd2209d9340ca44c
SSDEEP: 24576:+DI1a1a2eBmTtBlS+6Z4WDu5WmD9idNpWy:R1a1aERrS+6aWk0d/Wy
Behavioral task: behavioral1
Sample: 5f8d08b4af4b00243d1a566abd25df070f94e108cff00cc2cbd8b5565ee0156b.apk
Resource: android-x86-arm-20240221-en
Behavioral task: behavioral2
Sample: 5f8d08b4af4b00243d1a566abd25df070f94e108cff00cc2cbd8b5565ee0156b.apk
Resource: android-x64-20240221-en
Behavioral task: behavioral3
Sample: 5f8d08b4af4b00243d1a566abd25df070f94e108cff00cc2cbd8b5565ee0156b.apk
Resource: android-x64-arm64-20240221-en
Malware Config
Extracted
spynote
2.tcp.eu.ngrok.io:10788
Targets
Target: 5f8d08b4af4b00243d1a566abd25df070f94e108cff00cc2cbd8b5565ee0156b.bin
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-