General

  • Target

    caixa-seguranca.apk

  • Size

    2.3MB

  • Sample

    230328-vnn1tadg6v

  • MD5

    6cccdbdeebd632d249a7bae02da0249e

  • SHA1

    484cfc60994bc0df77b551def42d2abf7f50e9d6

  • SHA256

    37372577145b3ea6f039c51a719d0b91deaf35ceecce51ae3fd75a9c1eec7dec

  • SHA512

    c0081c1a4c145a81042022ecbb89d9c8d4e5c2a814252a41d74eea2c33dfedf8a66f273c0de730e475f1490f11bab651dc12028653ec820e5e050afdde44f893

  • SSDEEP

    24576:FbWivE8GTmbPvjkava4uGaUdqLvaIEiSNy:FnE8Gg7kaC4NdqLvgiH

Score
10/10

Malware Config

Extracted

Family

spynote

C2

1.tcp.sa.ngrok.io:26109

Targets

    • Target

      caixa-seguranca.apk

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2
