General
-
Target
apk007.apk
-
Size
697KB
-
Sample
241122-jx9s4axjd1
-
MD5
aa94c4b0113158cd93257478f100ba5d
-
SHA1
2c4a80a143c493b0f5ac2c4b71d80675c14d15cf
-
SHA256
dcc386bb765ad45626e67a775c569a8a0d95b50436fe0708361a3abbad023986
-
SHA512
4aa84c56830524a3df17a2831a5303d284e7fbd3b3ae8e5f7b144ab1103a2695483a89a77e5046b5ca82355b2992d8086b13b1d0751e3cd268caa00f849a68df
-
SSDEEP
12288:OeypaI0RHLVY4bDpYSaca9F64ze8MBrR/YusT3cgtN0Fdm26Rq219gJIp5wa:O6I01hhbLH4K5F/YHT3SFdm2GNeza
Behavioral task
behavioral1
Sample
apk007.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
apk007.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
apk007.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
spynote
kgb963.duckdns.org:9631
Extracted
spynote
kgb963.duckdns.org:9631
Targets
-
-
Target
apk007.apk
-
Size
697KB
-
MD5
aa94c4b0113158cd93257478f100ba5d
-
SHA1
2c4a80a143c493b0f5ac2c4b71d80675c14d15cf
-
SHA256
dcc386bb765ad45626e67a775c569a8a0d95b50436fe0708361a3abbad023986
-
SHA512
4aa84c56830524a3df17a2831a5303d284e7fbd3b3ae8e5f7b144ab1103a2695483a89a77e5046b5ca82355b2992d8086b13b1d0751e3cd268caa00f849a68df
-
SSDEEP
12288:OeypaI0RHLVY4bDpYSaca9F64ze8MBrR/YusT3cgtN0Fdm26Rq219gJIp5wa:O6I01hhbLH4K5F/YHT3SFdm2GNeza
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the mobile country code (MCC)
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Scheduled Task/Job
1Defense Evasion
Foreground Persistence
1Hide Artifacts
2Suppress Application Icon
1User Evasion
1Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Credential Access
Clipboard Data
1Input Capture
2GUI Input Capture
1Keylogging
1