General
Target: 3bfeffcfa2bb9489512d39f79dbb36e6bed6bf86ee99b60d00071e500e7db8d5.bin
Size: 4.8MB
Sample: 240529-1wnb5scc32
MD5: 971dfeaaf810b187ca84623bc169b042
SHA1: 4490e9d822e3b5a456bb72211cba03e3b5008df8
SHA256: 3bfeffcfa2bb9489512d39f79dbb36e6bed6bf86ee99b60d00071e500e7db8d5
SHA512: 81dc7a55c57f3c52f293a571fbed2c3153fc0ce52c5d4ef45978667dd7644bc25a7c9d63383fbe04d8956d3131b28b090c925a29b5a743d96aba492f694043f1
SSDEEP: 98304:AVWwF40kRtLc1HxXoCm0B55Xz5aRsBoBXPo1CBmoANXOAeXK:fi4ntG1rh5DwaBoBXPkCBfAROAea
Behavioral task: behavioral1
Sample: 3bfeffcfa2bb9489512d39f79dbb36e6bed6bf86ee99b60d00071e500e7db8d5.apk
Resource: android-x86-arm-20240514-en
Behavioral task: behavioral2
Sample: 3bfeffcfa2bb9489512d39f79dbb36e6bed6bf86ee99b60d00071e500e7db8d5.apk
Resource: android-x64-20240514-en
Behavioral task: behavioral3
Sample: 3bfeffcfa2bb9489512d39f79dbb36e6bed6bf86ee99b60d00071e500e7db8d5.apk
Resource: android-x64-arm64-20240514-en
Malware Config
Extracted
spynote
0.tcp.eu.ngrok.io:10164
Targets
Target: 3bfeffcfa2bb9489512d39f79dbb36e6bed6bf86ee99b60d00071e500e7db8d5.bin
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-