General

  • Target

    ef37672b2f7594b56baf63c90c155ee32f4e2fd74116824ea6a5e1579dda4af8

  • Size

    26KB

  • MD5

    9c79a587d849d97788da8dc1986a335e

  • SHA1

    a4b459742747c1ba43171f723945220b6d1789df

  • SHA256

    ef37672b2f7594b56baf63c90c155ee32f4e2fd74116824ea6a5e1579dda4af8

  • SHA512

    42ee888309a76fef9c656ba270c13ef80e567f53334657ed162c878291ddd7a94462aea2039d68f39a046ba2da7fdb2f2d0ac58c93979e3d6051c0b5a2fa0c87

  • SSDEEP

    768:6Bqrg5CIqG5Xw6hisvqsmf+3Z5w1Vs0RX5s87m:aqrgQIL1whsDmf+3ZUVs0RXU

Score
10/10

Malware Config

Extracted

Family

spymax

C2

[SPY_MAX_IP]:[SPY_MAX_PORT]

Signatures

  • Spymax family
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (16 IoCs)

Files

  • ef37672b2f7594b56baf63c90c155ee32f4e2fd74116824ea6a5e1579dda4af8
    .zip

    Password: infected

  • cde47bed5ec83e29f6455ec35228c3f56d488393668f5b720b79fcd6cb3bc098.apk
    .apk android

    spymax.stub7.suffix

    spymax.stub7.ClassGen9