General
-
Target
2b7c0c172d56808966127f0052b8ad39d64f14c860690f13e83122c7f1a7ca70.bin
-
Size
760KB
-
Sample
240710-11dnhavema
-
MD5
d4b063c860fe316ce49f9514e26911d5
-
SHA1
3fb93f43e3b3c3e7c26c24c529691b26e51ff8e3
-
SHA256
2b7c0c172d56808966127f0052b8ad39d64f14c860690f13e83122c7f1a7ca70
-
SHA512
38fe61b7338f766350b06a40988932738704047d21b360aca06f2ea1d30ebafabc93a8a423a944afd889a9a0b9e9ed24393f6fe83e394a5963f785b0fb3e4330
-
SSDEEP
12288:WtUroa1a8LVeNRdkfk7YAO5WmpYshXZPbGwidNpgO:WGMa1aKeN8fuYAO5WmD9idNpl
Behavioral task
behavioral1
Sample
2b7c0c172d56808966127f0052b8ad39d64f14c860690f13e83122c7f1a7ca70.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
2b7c0c172d56808966127f0052b8ad39d64f14c860690f13e83122c7f1a7ca70.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
2b7c0c172d56808966127f0052b8ad39d64f14c860690f13e83122c7f1a7ca70.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
spynote
es1.localto.net:3839
Targets
-
-
Target
2b7c0c172d56808966127f0052b8ad39d64f14c860690f13e83122c7f1a7ca70.bin
-
Size
760KB
-
MD5
d4b063c860fe316ce49f9514e26911d5
-
SHA1
3fb93f43e3b3c3e7c26c24c529691b26e51ff8e3
-
SHA256
2b7c0c172d56808966127f0052b8ad39d64f14c860690f13e83122c7f1a7ca70
-
SHA512
38fe61b7338f766350b06a40988932738704047d21b360aca06f2ea1d30ebafabc93a8a423a944afd889a9a0b9e9ed24393f6fe83e394a5963f785b0fb3e4330
-
SSDEEP
12288:WtUroa1a8LVeNRdkfk7YAO5WmpYshXZPbGwidNpgO:WGMa1aKeN8fuYAO5WmD9idNpl
Score7/10-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-