General
-
Target
ready.apk
-
Size
8.6MB
-
Sample
240508-j4v9aade34
-
MD5
73d4e736c8beb60aa0cfe57607ec22fd
-
SHA1
ccaf512447714b6e71a3406646976114af7c217b
-
SHA256
402672cc817ce411ec9617e94b404e382d3c326934092c1b5cdd43124ee6bb30
-
SHA512
e65d6bd734df8022d062a1adc0387da7d3ba15e3dd151ade875a72d6ed805986de056a3a259ae52e24447913dcd127fbff8a18617a29fd05c72070b4d785ac20
-
SSDEEP
98304:lamYNOyQossaAgqZ4dRHHZsWwmQmzfzBTTh0tQw6:lvqQoeApuPuEzp+O
Malware Config
Extracted
spynote
s7vety-47274.portmap.host:47274
Targets
-
-
Target
ready.apk
-
Size
8.6MB
-
MD5
73d4e736c8beb60aa0cfe57607ec22fd
-
SHA1
ccaf512447714b6e71a3406646976114af7c217b
-
SHA256
402672cc817ce411ec9617e94b404e382d3c326934092c1b5cdd43124ee6bb30
-
SHA512
e65d6bd734df8022d062a1adc0387da7d3ba15e3dd151ade875a72d6ed805986de056a3a259ae52e24447913dcd127fbff8a18617a29fd05c72070b4d785ac20
-
SSDEEP
98304:lamYNOyQossaAgqZ4dRHHZsWwmQmzfzBTTh0tQw6:lvqQoeApuPuEzp+O
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Acquires the wake lock
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-