General
-
Target
ecffd24b74eac797eea22e1a658231b14d65ded39bfb1dd9998875d47eef7bc9.bin
-
Size
750KB
-
Sample
240712-1zdl4sscjq
-
MD5
d5c424341ebf895a29bd402b3749a5bf
-
SHA1
3188c817fc141ad91ebf089efca1556c33026569
-
SHA256
ecffd24b74eac797eea22e1a658231b14d65ded39bfb1dd9998875d47eef7bc9
-
SHA512
a060aadc178e01f506cc0d2d4be536f6a8b7c1ce680922e079e7135e15aa6613a16d6f8cbe54717be1b9b325dcdda54bcb0d6c6af9d8c6d044466bcc90272ae7
-
SSDEEP
12288:N8xzyRa1a8LrenJLzQsq5WmpYshXZPbGwidNpgj:N8xzya1a2en5zQsq5WmD9idNpw
Behavioral task
behavioral1
Sample
ecffd24b74eac797eea22e1a658231b14d65ded39bfb1dd9998875d47eef7bc9.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
ecffd24b74eac797eea22e1a658231b14d65ded39bfb1dd9998875d47eef7bc9.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
ecffd24b74eac797eea22e1a658231b14d65ded39bfb1dd9998875d47eef7bc9.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
spynote
0.tcp.ngrok.io:4447
Targets
-
-
Target
ecffd24b74eac797eea22e1a658231b14d65ded39bfb1dd9998875d47eef7bc9.bin
-
Size
750KB
-
MD5
d5c424341ebf895a29bd402b3749a5bf
-
SHA1
3188c817fc141ad91ebf089efca1556c33026569
-
SHA256
ecffd24b74eac797eea22e1a658231b14d65ded39bfb1dd9998875d47eef7bc9
-
SHA512
a060aadc178e01f506cc0d2d4be536f6a8b7c1ce680922e079e7135e15aa6613a16d6f8cbe54717be1b9b325dcdda54bcb0d6c6af9d8c6d044466bcc90272ae7
-
SSDEEP
12288:N8xzyRa1a8LrenJLzQsq5WmpYshXZPbGwidNpgj:N8xzya1a2en5zQsq5WmD9idNpw
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-