General
-
Target
output.rar
-
Size
2.8MB
-
Sample
240601-ar15bsbg85
-
MD5
da133c66547b687674f2d27271963507
-
SHA1
61e4c735e2a53429a45480d0d1d8983179802ba9
-
SHA256
a068e05a194c1e6088a3c003d0fc7049ea148e0d6ce091a4f1456b22f96cb396
-
SHA512
60f2bbeed3a725e48b77d5d5223e76ff6831df1176e51ffb93da9bf91ab7e797c0066b937159bc7b524eec898dfa71dcc64df774431ed9c952e78fd81a66201a
-
SSDEEP
49152:zN4iVIZnjzCXmfJWj1H7oz+fGgeLh++kM7vgnkd3Q3/fPJWRqIcvOh9qCR:eiaZQmfJ2JS1TkM7vld3QnPJWUIcWhkO
Behavioral task
behavioral1
Sample
info.inf
Resource
android-33-x64-arm64-20240514-en
Behavioral task
behavioral2
Sample
ready.apk
Resource
android-33-x64-arm64-20240514-en
Behavioral task
behavioral3
Sample
ready.apk.idsig
Resource
android-33-x64-arm64-20240514-en
Malware Config
Extracted
spynote
Name1442-57023.portmap.host:57023
Targets
-
Target
info.inf
-
Size
88B
-
MD5
c9f0ed4b5362a594482c05eb9d8105dd
-
SHA1
59bdf8ffb3921d5c54cf79ace408423611c70b46
-
SHA256
934dbff5677908fe284da51a268e08c44782d643471dfd1c4494c543e7eaf626
-
SHA512
5415edd94b41cfd0e282673448f5deb07302d654104e6ea47f1d03909b5984040608cf687a54299217d2c4bc8c63c778be2cd21cc60cebff7874e0751d64a685
Score
1/10
-
Target
ready.apk
-
Size
8.5MB
-
MD5
fc3a7c6b0875d53c5da601e6c2ed321e
-
SHA1
19b3ed756c3bc4cc5e118c15eeb9a5a764db20eb
-
SHA256
6ade3f4be44a003ab964a5814e8b9ddb9c33431906383263a936382011978664
-
SHA512
973c0892067f85dca9f0e6064c811f72e817beec804116f4ca528a2b6d7151a620308aff694f414e9731b28ee2736753d4ad2671bdf2a0f1f2827f553433af6a
-
SSDEEP
98304:clYQZdxkkZ8r5Au0EEPkMSmzjzBITu0t8o:cOQnHZ8tUhz6Vl
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Requests enabling of the accessibility settings.
-
Acquires the wake lock
-
Checks if the internet connection is available
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Schedules tasks to execute at a specified time
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
-
Target
ready.apk.idsig
-
Size
77KB
-
MD5
d75fbfde3fad363c1d4651147be24be3
-
SHA1
9e8fbad9c6412b3b12a8b1b2965f30f71790a874
-
SHA256
ae1e7719cc22e7b59364b5335c6f57ee24e37d4abf4ffbded1c7733dc2596dfe
-
SHA512
b083a45fbe5775bfe3e7824816adbbb5f6495350d782f04114425bc42119f05b2e77945f3cb7c868712eca5f1236acb007ddb70231eac50ea1a7be20e1e79ff0
-
SSDEEP
768:SHHYG6dPRN1/YYOqELUp7EDjn8S52fCz8qxPZCg2:SrwhYbqL7EDjv52fxqxPh
Score
1/10