General

  • Target

    FluxusGoldV7.5.apk

  • Size

    57.3MB

  • Sample

    240715-pm8e6stend

  • MD5

    ddad702e1a6f1f1528203a681a1b2223

  • SHA1

    a5c9fb18432a19d0a403dd443aa6d233652d1e3b

  • SHA256

    f24ebec71b9e605edd8713ec457963f09ea7c64b289251d2f02e9b5134213c43

  • SHA512

    d5cc345d948b26a6aa2f77faaf85e1fd069e7e3ef8257f1c9970ac4f10330d481e89e6b1e8736dca8a97d73daa0eacb3c1d5b5b00992302636e6eb65d790e9ca

  • SSDEEP

    98304:D/0O7Ujwpt1EU7aswfKccGeUO1DImmzvzBITZ0tss:DcsyatuU72PcGed1DEzG2x

Malware Config

Extracted

  • Family

    spynote

  • C2

    192.168.1.10:7771

Targets

    • Target

      FluxusGoldV7.5.apk

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.
