General
-
Target
ready.apk
-
Size
6.3MB
-
Sample
240714-wp9jks1fnq
-
MD5
5889f60c8bd7d908fa431ab59cc72942
-
SHA1
80c916fc2c86ca20efac6e7db17faf76cb3e03ba
-
SHA256
909d7c832f734e3ab267f31b1d2416c694e137d661c3b1fef8ce5d2a0d6f7b57
-
SHA512
bc28122894bdb49ceae5a06a6a44786e0fba792028c3c40d53a1129a5a79a6ed8a98f43cab84bf3ad4693a4b6cbe28216b2a15fafde58a7c6fd0ea7ac9aeefb1
-
SSDEEP
98304:3Im16DEDPaNTkMFlE2XGxeci2QRLV5jDhN9cNGpFxLLTiYAsHwK:EEDC5jFNXGxe8mHPhN3p3WYnD
Behavioral task
behavioral1
Sample
ready.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
ready.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
ready.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
spynote
serveronlineopenvpnpro254-63936.portmap.host:63936
Targets
-
-
Target
ready.apk
-
Size
6.3MB
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution (1)
Broadcast Receivers (1)
Foreground Persistence (1)
Scheduled Task/Job (1)
Defense Evasion
Download New Code at Runtime (1)
Foreground Persistence (1)
Input Injection (1)