General
-
Target
2bd0ef79a9869ab1e15b2840751a91df71c65adb859c1a120c31cd44c7694a3b.bin
-
Size
889KB
-
Sample
240714-1yccnaxcjd
-
MD5
be63cbb6e56c74e7cb739d8964d841c2
-
SHA1
ff1bae5c7636e02fd0befdf225601c68af11bb4b
-
SHA256
2bd0ef79a9869ab1e15b2840751a91df71c65adb859c1a120c31cd44c7694a3b
-
SHA512
d03781c3528437e97d162e056a14d39ef6bc2a12366af940290db52fa7e2912b1a000d848f753789302bfa60f151a9342c6f7f3ad906e225e19e1bc89d8b9fc5
-
SSDEEP
12288:wepE9a1a8LVe5b8lHvQ/LM3GO5wP5WmpYshXZPbGwidNpgKU:BE9a1aKe5b8NvEw2O5wP5WmD9idNprU
Behavioral task
behavioral1
Sample
2bd0ef79a9869ab1e15b2840751a91df71c65adb859c1a120c31cd44c7694a3b.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
2bd0ef79a9869ab1e15b2840751a91df71c65adb859c1a120c31cd44c7694a3b.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
2bd0ef79a9869ab1e15b2840751a91df71c65adb859c1a120c31cd44c7694a3b.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
spynote
0.tcp.ngrok.io:14051
Targets
-
-
Target
2bd0ef79a9869ab1e15b2840751a91df71c65adb859c1a120c31cd44c7694a3b.bin
-
Size
889KB
-
MD5
be63cbb6e56c74e7cb739d8964d841c2
-
SHA1
ff1bae5c7636e02fd0befdf225601c68af11bb4b
-
SHA256
2bd0ef79a9869ab1e15b2840751a91df71c65adb859c1a120c31cd44c7694a3b
-
SHA512
d03781c3528437e97d162e056a14d39ef6bc2a12366af940290db52fa7e2912b1a000d848f753789302bfa60f151a9342c6f7f3ad906e225e19e1bc89d8b9fc5
-
SSDEEP
12288:wepE9a1a8LVe5b8lHvQ/LM3GO5wP5WmpYshXZPbGwidNpgKU:BE9a1aKe5b8NvEw2O5wP5WmD9idNprU
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-