General
-
Target
d85bf3d25944faee6ec2328d5971de9de6e6c459477aee0d6bb8675f7fb039eb.bin
-
Size
760KB
-
Sample
241026-1zrhzaxqcw
-
MD5
380d7ad659b42a1ebf3a16ea472518a1
-
SHA1
af37ff609dbba05ff6a928cb4a53ccf912ad2ff6
-
SHA256
d85bf3d25944faee6ec2328d5971de9de6e6c459477aee0d6bb8675f7fb039eb
-
SHA512
7f0f1d10fdafecd4988e1472832c6b7b1e7227e72d7e66d5db7ad1f1854a25e2313195af97a7ee4ddbed92d02189992c78989c713268e9f7f8965f6ad58168e6
-
SSDEEP
12288:T1bnCKa1a8LVeZP1lVmC85WmpYshXZPbGwidNpgJ:T1ra1aKeZPVmC85WmD9idNpe
Malware Config
Extracted
spynote
41.98.88.73:14051
Targets
-
-
Target
d85bf3d25944faee6ec2328d5971de9de6e6c459477aee0d6bb8675f7fb039eb.bin
-
Size
760KB
-
MD5
380d7ad659b42a1ebf3a16ea472518a1
-
SHA1
af37ff609dbba05ff6a928cb4a53ccf912ad2ff6
-
SHA256
d85bf3d25944faee6ec2328d5971de9de6e6c459477aee0d6bb8675f7fb039eb
-
SHA512
7f0f1d10fdafecd4988e1472832c6b7b1e7227e72d7e66d5db7ad1f1854a25e2313195af97a7ee4ddbed92d02189992c78989c713268e9f7f8965f6ad58168e6
-
SSDEEP
12288:T1bnCKa1a8LVeZP1lVmC85WmpYshXZPbGwidNpgJ:T1ra1aKeZPVmC85WmD9idNpe
Score7/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-