Resubmissions

18/07/2023, 14:15

230718-rkm3kabh5s 10

18/07/2023, 13:14

230718-qg4qgaaf32 10

General

  • Target

    apkmody_3.2.26_1 signed.apk

  • Size

    28.2MB

  • Sample

    230718-qg4qgaaf32

  • MD5

    1be49ddc38bffcaf1587d8277fe9175e

  • SHA1

    21ee5e95b2622c79e97ea39dca9f905a8c483377

  • SHA256

    a358a658fbd4d019138de774e4eba614694bfc7b76f2996a49527b562f48dd00

  • SHA512

    63f3d8e4e600dc84a863eb2b89fa8cc942891f8a5818409a83ae2c10bdebf643fc91a94a992cdf5b583597c38c8a0a666ce57c8712d21e4c0a1b1c1d31513d52

  • SSDEEP

    786432:e8rkwAq8gJV86D7tgy2J9ES8pidcPljCblObNB5+:eqk6K6D5gZJ9EfiSPxCbl8D5+

Malware Config

Extracted

Family

spynote

C2

soon-lp.at.ply.gg:17209

Targets

    Score
    6/10
    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).
