General
-
Target
961b2cf905052a992b17be2a5377fb8957b0d2109782fe8850286b89f465c58a.bin
-
Size
850KB
-
Sample
241019-1z5qla1hlg
-
MD5
29389f6a8d866bdf426c8d09a2b30dca
-
SHA1
91e02d5f27f501055d797ad98cc456dfed4cede9
-
SHA256
961b2cf905052a992b17be2a5377fb8957b0d2109782fe8850286b89f465c58a
-
SHA512
beb2d1ed84c48e6c8c078465d0cd951ad56567508da56abcb6f784a55297cc616874239e570d4d63b6de305fe41ff3cbd6f0011ba58b4bbb366824d7a5f4cfed
-
SSDEEP
12288:xG0r4sHa1a8LreELpiXbgQs5WmpYshXZPbGwidNpgm:SsHa1a2eELEXbgQs5WmD9idNpJ
Malware Config
Extracted
spynote
domain-pleasant.gl.at.ply.gg:2420
Targets
-
-
Target
961b2cf905052a992b17be2a5377fb8957b0d2109782fe8850286b89f465c58a.bin
-
Size
850KB
-
MD5
29389f6a8d866bdf426c8d09a2b30dca
-
SHA1
91e02d5f27f501055d797ad98cc456dfed4cede9
-
SHA256
961b2cf905052a992b17be2a5377fb8957b0d2109782fe8850286b89f465c58a
-
SHA512
beb2d1ed84c48e6c8c078465d0cd951ad56567508da56abcb6f784a55297cc616874239e570d4d63b6de305fe41ff3cbd6f0011ba58b4bbb366824d7a5f4cfed
-
SSDEEP
12288:xG0r4sHa1a8LreELpiXbgQs5WmpYshXZPbGwidNpgm:SsHa1a2eELEXbgQs5WmD9idNpJ
Score7/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-