General
-
Target
db967abfd710040e812701ddafd05bfc0de07fcdb19641ce424b06f9dabccd09.bin
-
Size
760KB
-
Sample
250106-1zlbyszlgx
-
MD5
a14b6eef72ad42a3db32fa3f8d29bc71
-
SHA1
8f3cbc4c16a8c1b00678e5c3c51e53c17e3f958e
-
SHA256
db967abfd710040e812701ddafd05bfc0de07fcdb19641ce424b06f9dabccd09
-
SHA512
36c14cf2ab4c44bef8fd85fa532801d8eb6ddc469d6e3fb99e8f89347079adede7e6e64cf0b8925904b503f2bf7f52a2b73b5f3bbf4f53f4c5a5b38cd80d30f9
-
SSDEEP
12288:drOGBMGOBa1a8LdemPUHEQXJd5WmpYshXZPbGwidNpg5m:dqGBua1a6em2EsJd5WmD9idNpP
Behavioral task
behavioral1
Sample
db967abfd710040e812701ddafd05bfc0de07fcdb19641ce424b06f9dabccd09.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
db967abfd710040e812701ddafd05bfc0de07fcdb19641ce424b06f9dabccd09.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
db967abfd710040e812701ddafd05bfc0de07fcdb19641ce424b06f9dabccd09.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Extracted
spynote
0.tcp.ngrok.io:14051
Targets
-
-
Target
db967abfd710040e812701ddafd05bfc0de07fcdb19641ce424b06f9dabccd09.bin
-
Size
760KB
-
MD5
a14b6eef72ad42a3db32fa3f8d29bc71
-
SHA1
8f3cbc4c16a8c1b00678e5c3c51e53c17e3f958e
-
SHA256
db967abfd710040e812701ddafd05bfc0de07fcdb19641ce424b06f9dabccd09
-
SHA512
36c14cf2ab4c44bef8fd85fa532801d8eb6ddc469d6e3fb99e8f89347079adede7e6e64cf0b8925904b503f2bf7f52a2b73b5f3bbf4f53f4c5a5b38cd80d30f9
-
SSDEEP
12288:drOGBMGOBa1a8LdemPUHEQXJd5WmpYshXZPbGwidNpg5m:dqGBua1a6em2EsJd5WmD9idNpP
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests enabling of the accessibility settings.
-
Tries to add a device administrator.
-