General

  • Target

    ready.apk

  • Size

    1.9MB

  • Sample

    230602-r3wsescc9v

  • MD5

    edc1646ddebd3bdbd7dca3b80913faae

  • SHA1

    4f774147b1009f6764e7f9c30d994e1dfc8f7e55

  • SHA256

    b1e5506a3c6a52587706008a65d51f0b491f67bc68113b17b26c95a0e6da4bf4

  • SHA512

    ac603211ce99fe20f852f4d8e993c32e324714d6eec5b200067660087f114c8ecad367c7a1d98287e60c414ea2ee840e91e3076c23c5e6b8fb3cfd41c605ebd0

  • SSDEEP

    6144:D5vml79E1OTCnqdo76vZ/86hqwlyL0WeXLhuhmjcvCT7i6ifUz4hQwVDavSGwvOi:dvm8uCXulqLJGLhiXq4scavnwBdLn3

Malware Config

Extracted

  • Family

    spynote

  • C2

    soon-lp.at.ply.gg:17209

Targets

    • Target

      ready.apk

    Score

    8/10

    • Makes use of the framework's Accessibility service.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Acquires the wake lock.

    • Loads dropped Dex/Jar.

      Runs an executable file dropped to the device during analysis.

    • Reads information about the phone's network operator.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Removes a system notification.
