General
Target: e656b5933368d7d4e24c64956d57a323c46c76007aa7bb4c400771aa06808c7d.apk
Size: 6.7MB
Sample: 240526-blzjzshd81
MD5: bb0e0ea5657236c79d69b5d6b8fe2d9e
SHA1: 93a22d9955879a6d622c0ee0380334e2cc6ea4ac
SHA256: e656b5933368d7d4e24c64956d57a323c46c76007aa7bb4c400771aa06808c7d
SHA512: 670da8e1a7dae816afdceb10968c98aad6c8bc6ee2c9c205ac1340186d70cb9643313839653dbc1c64b3b65660b7bea5931a2a7fff0d2f798aeb9cefc40a04f9
SSDEEP: 196608:+XYjJegABMCtOZ6xFily9ff8JAJF1R7hE0uTzZh1W:+Yj0lBtt2ofpZdhEXvM
Static task: static1
Behavioral task: behavioral1 (Sample: e656b5933368d7d4e24c64956d57a323c46c76007aa7bb4c400771aa06808c7d.apk; Resource: android-x86-arm-20240514-en)
Behavioral task: behavioral2 (Sample: e656b5933368d7d4e24c64956d57a323c46c76007aa7bb4c400771aa06808c7d.apk; Resource: android-x64-20240514-en)
Behavioral task: behavioral3 (Sample: e656b5933368d7d4e24c64956d57a323c46c76007aa7bb4c400771aa06808c7d.apk; Resource: android-x64-arm64-20240514-en)
Behavioral task: behavioral4 (Sample: childapp.apk; Resource: android-x86-arm-20240514-en)
Behavioral task: behavioral5 (Sample: childapp.apk; Resource: android-x64-20240514-en)
Behavioral task: behavioral6 (Sample: childapp.apk; Resource: android-x64-arm64-20240514-en)
Malware Config
Targets
Target: e656b5933368d7d4e24c64956d57a323c46c76007aa7bb4c400771aa06808c7d.apk
Score: 1/10
Target: childapp.apk
Size: 4.8MB
MD5: 92df3770e6426013880eb177389f27f3
SHA1: 75963009c8fa3f45dc91e1b266afb10c6592e71a
SHA256: d8fa3466ff6f11a060ad6dff7e0c9c2e13935236eeafe265be650c7139b0b490
SHA512: c9263342a88243b565e8f4d105b4576c142d5c64f8f7ea09669cae50b521a3c70bcde0f49f9c5fa02f5a4d61e6b072e4352ebf20e2a4a1aa98b7a572b3ac39db
SSDEEP: 98304:RwWhXdj89TdS4UvZhCyLvxgYNykcYv5oAVj6yhu4hgjKrlSWqpqo7al5M5+14b3/:WW9F89TdHUOyLvxgNkX1BhbhCKIvAV1M

Spynote payload

Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.

Registers a broadcast receiver at runtime (usually for listening for system events)