General
-
Target
cbaf60e7e53e9ec1a25eb3ec701581abe84748f82dabfbb8330f9c921f82b66d.bin
-
Size
1.6MB
-
Sample
240727-1xa37stgpd
-
MD5
8a1915010dc613819ff050f992bba0f1
-
SHA1
f3598ddff62b24c5f60854b96c3cc8a81baec359
-
SHA256
cbaf60e7e53e9ec1a25eb3ec701581abe84748f82dabfbb8330f9c921f82b66d
-
SHA512
526d5af8af51b59cb69aa6a2cdd5cc67997b0e09acf456e27893e783cb87a5bc199e7dd972f6237830984f9ec62bd9b802e37e79ecc40905a75e56202e9789f9
-
SSDEEP
24576:cuBZR7qDsLcfhJUt49pE7oZc6HsfIHpWxNP4W75WmD9idNp8:JBZRisLcJ84g74c6qIJ4N3Wk0d/8
Behavioral task
behavioral1
Sample
cbaf60e7e53e9ec1a25eb3ec701581abe84748f82dabfbb8330f9c921f82b66d.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
cbaf60e7e53e9ec1a25eb3ec701581abe84748f82dabfbb8330f9c921f82b66d.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
cbaf60e7e53e9ec1a25eb3ec701581abe84748f82dabfbb8330f9c921f82b66d.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
spynote
calm-duck-46.telebit.io:6810
Targets
Target
cbaf60e7e53e9ec1a25eb3ec701581abe84748f82dabfbb8330f9c921f82b66d.bin
Score
7/10
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.