General
-
Target
240515-rl9yqaeksv_pw_infected.zip
-
Size
1019KB
-
Sample
240520-yw9h9sfg6z
-
MD5
280f63630a4f826ab0879f2d9a2d48de
-
SHA1
7d4802524b2b6f7f01ffc4a2b6820e6809e48d84
-
SHA256
4b29daa11e8ba1ef5f90529fc77edb327a6ffab75d706f165baed14b0191d3ad
-
SHA512
6cfd9c96db8372b44b32f0b44080672f3fb2ab622a607add019fca2bbebfe96c1959c4c17a58569c27c89597187769f843cec8606a845c2e7be71e9d84daaf44
-
SSDEEP
24576:iAkUjjtr3RsEUu391Hc3F/q5ny8lgQEOzepM:ZZjZ3RsJuimnpglM
Static task
static1
Behavioral task
behavioral1
Sample
005d36928b02814f6c3fb040a114a666e2aa2b976ea3c3af8a245ee41179b9fe.apk
Resource
android-x64-20240514-en
Behavioral task
behavioral2
Sample
005d36928b02814f6c3fb040a114a666e2aa2b976ea3c3af8a245ee41179b9fe.apk
Resource
android-x86-arm-20240514-en
Malware Config
Targets
-
Target
005d36928b02814f6c3fb040a114a666e2aa2b976ea3c3af8a245ee41179b9fe
-
Size
1.2MB
-
MD5
00f5261cdc54cf4bbd5bafe5be01ec6f
-
SHA1
28b348b5950299a50ad611388672b2b4e4e8a7c0
-
SHA256
005d36928b02814f6c3fb040a114a666e2aa2b976ea3c3af8a245ee41179b9fe
-
SHA512
b79b809236fb8e31ab177245d8f8f43aaccdfebb7d1219eca1c1515908500f8bd858c11c7683f993dd1e6cf37cab38bdaf11d66f802db4caa701998981986672
-
SSDEEP
24576:WXrV0d5h6G4svi6q7+vwSTE1sNSFE/md/DqS0+XaLmjRvqgJPWI0a:WZ0N6VsxqqHE1s8FhqDjLGRvqgJPt
-
Spynote payload
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Requests enabling of the accessibility settings.
-