General

  • Target

    0a4e945931d08280f99dcce9e4005d45ef9cb5b4308acc8670d52ebf4448204a.bin

  • Size

    4.0MB

  • Sample

    241228-1x4qhstkdk

  • MD5

    9aff3845c8aa8d8bd87c49fbeac44a06

  • SHA1

    c0d449d138844ed52b60ab4a51130e9d039533b8

  • SHA256

    0a4e945931d08280f99dcce9e4005d45ef9cb5b4308acc8670d52ebf4448204a

  • SHA512

    6d9e2694e52a4eed509ccef7fa4e1a7b8c25e8abfcaa0cfb493fa03905f8e9b18db627b723dda6010922922ef809d7f799132ffcc383d6bd449648b38e12ddee

  • SSDEEP

    49152:K3qz6OIvZmkOwyzLK8pWhkadRYliusVN7SdBgLCrEW9kBaWwFdhG:K++m1mkadWliYBgLCrEW92aWwFdhG

Malware Config

Extracted

  • Family

    spyagent

  • C2

    https://www.moyizz.info:5000/upload/
    wss://www.moyizz.info:8765

Targets

    • Target

      0a4e945931d08280f99dcce9e4005d45ef9cb5b4308acc8670d52ebf4448204a.bin

    • Size

      4.0MB

    • MD5

      9aff3845c8aa8d8bd87c49fbeac44a06

    • SHA1

      c0d449d138844ed52b60ab4a51130e9d039533b8

    • SHA256

      0a4e945931d08280f99dcce9e4005d45ef9cb5b4308acc8670d52ebf4448204a

    • SHA512

      6d9e2694e52a4eed509ccef7fa4e1a7b8c25e8abfcaa0cfb493fa03905f8e9b18db627b723dda6010922922ef809d7f799132ffcc383d6bd449648b38e12ddee

    • SSDEEP

      49152:K3qz6OIvZmkOwyzLK8pWhkadRYliusVN7SdBgLCrEW9kBaWwFdhG:K++m1mkadWliYBgLCrEW92aWwFdhG

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries the mobile country code (MCC)

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

MITRE ATT&CK Mobile v15