General
-
Target
6d8d0402b5b190c321bccedc7f910518d6c87f852c081b97cf6e24443550cdb2.bin
-
Size
777KB
-
Sample
250215-1xbdzaxjb1
-
MD5
89c0019307257f65e39a7950d2cdc99d
-
SHA1
d9f1b153be6b5723db46b08b4df4f72185699367
-
SHA256
6d8d0402b5b190c321bccedc7f910518d6c87f852c081b97cf6e24443550cdb2
-
SHA512
5a7a9826d6656970c9a9b820a825ac9da275ed57334f1e57280388a012ce279a99cb2be09abf53b77446ad9ec113ec44b9c5b2035c9ed1c503369ed09e64effa
-
SSDEEP
12288:H3YGxWJa1a8Lzeo56ZSQaSi5WmpYshXZPbGwidNpgHE6:XVWJa1ameo8ZSDSi5WmD9idNpwD
Malware Config
Extracted
spynote
left-councils.gl.at.ply.gg:42193
Targets
-
-
Target
6d8d0402b5b190c321bccedc7f910518d6c87f852c081b97cf6e24443550cdb2.bin
-
Size
777KB
-
MD5
89c0019307257f65e39a7950d2cdc99d
-
SHA1
d9f1b153be6b5723db46b08b4df4f72185699367
-
SHA256
6d8d0402b5b190c321bccedc7f910518d6c87f852c081b97cf6e24443550cdb2
-
SHA512
5a7a9826d6656970c9a9b820a825ac9da275ed57334f1e57280388a012ce279a99cb2be09abf53b77446ad9ec113ec44b9c5b2035c9ed1c503369ed09e64effa
-
SSDEEP
12288:H3YGxWJa1a8Lzeo56ZSQaSi5WmpYshXZPbGwidNpgHE6:XVWJa1ameo8ZSDSi5WmD9idNpwD
Score8/10-
Removes its main activity from the application launcher
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-