General

  • Target

    16212f3930f3c8327ba9872acf626c3b

  • Size

    2.0MB

  • Sample

    230521-e6vnbaag8y

  • MD5

    16212f3930f3c8327ba9872acf626c3b

  • SHA1

    d0baa14c847f9effd4953be7dfe19e40f6001ec3

  • SHA256

    967557d5d230867011eeb79101830a722836ea1779f4755e3692e130420ff17c

  • SHA512

    47bb05fa73ce18e474833ebd91389ce086d5c6b8260282c1930a390a3522fe03d00ec429d7d5dabdcc5e50b9f5f0adbadd5c9c7d4f4668f31b024c12737dec4a

  • SSDEEP

    12288:D7Gvn8arxAcIkA6j+zzMN08oaYTJkvN+iTFbkUFnvXAH:2P8arxHvknMi8oaW6kivXAH

Score
10/10

Malware Config

Extracted

Family

spynote

C2

103.71.154.99:7771

Targets

    • Target

      16212f3930f3c8327ba9872acf626c3b

    Score
    8/10
    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Removes a system notification.
