Resubmissions

  • 01-10-2024 07:11    241001-hz38na1cja    10
  • 17-07-2024 14:21    240717-rpe8hsvarr    10
  • 17-07-2024 14:16    240717-rlesksxeqg    10

General

  • Target

    kaspersky-aid.zip

  • Size

    3.6MB

  • MD5

    124a3499e3d12cef76bcb439981291f0

  • SHA1

    3ebd6fa388e717be4971fe6fe285d1cdb86d909d

  • SHA256

    ade4e9a428d4c9fd1c1ac4eba0cb0f3d2c84aed19a3cefec01a99faa0ff8cc02

  • SHA512

    9579231f239e85cbba44cb37dff85df16524b7d74c13ef5afc5b1c974c3d3035225230007f9404fe73d596c54b5d3d5fbf0c71a9b66064a4370567b53a26abf1

  • SSDEEP

    49152:5ftea/ZQDEqa5I1cHz81ERuQJmbIFNnjuA/jqTHAsEuH0gRhfDOEA/5Tt5/x363H:cs5A1ERuumMNjEHTE/gRBot58pN4g

Score
10/10

Malware Config

Signatures

  • Spynote family
  • Spynote payload 1 IoCs
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 3 IoCs
  • Requests dangerous framework permissions 15 IoCs

Files

  • kaspersky-aid.zip
    .zip

    Password: 123qwe$

  • kaspersky.apk
    .apk android

    Password: 123qwe$

    com.jersey.fisheries

    com.jersey.gybbpabtniopoetzeacrkmlxdhuvgpvnwtahmsaxmtnaltfrgf2.MainActivity