General
Target: f9fb055a022628994fcc549c0cc32ea2.apk
Size: 4.3MB
Sample: 240729-h46vcasdrf
MD5: f9fb055a022628994fcc549c0cc32ea2
SHA1: 13943a4877a692807e95c004647b9f5095d12996
SHA256: 9e2d3949da8f9ba04cc843d1b8770eefac3dac18705b8474604fce105f2bf72b
SHA512: 123ef888305582fbf026582cd9588e03c839b1024b98d03402c0284144c5f727b1c3a0976cb743871cea28964fb9e55df74ebdc0b36b0bf899b8d5085ba12f47
SSDEEP: 98304:guPGvvuJQhJJ0bqAjDUegSR3pdTCL+prpve8A2doKY8rRV:gu4vLfObuegSRnTCL+prdfddoKb
Static task: static1

Behavioral task: behavioral1
Sample: f9fb055a022628994fcc549c0cc32ea2.apk
Resource: android-x86-arm-20240624-en

Behavioral task: behavioral2
Sample: f9fb055a022628994fcc549c0cc32ea2.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral3
Sample: f9fb055a022628994fcc549c0cc32ea2.apk
Resource: android-x64-arm64-20240624-en

Malware Config
Targets
Target: f9fb055a022628994fcc549c0cc32ea2.apk
Spynote payload

Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.

Acquires the wake lock

Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.

MITRE ATT&CK Mobile v15
Persistence
  Event Triggered Execution (1)
  Broadcast Receivers (1)
  Foreground Persistence (1)
  Scheduled Task/Job (1)
Defense Evasion
  Download New Code at Runtime (1)
  Foreground Persistence (1)
  Input Injection (1)