Overview

overview

10

Static

static

10

Grab And GO v4.6.apk

android-9-x86

8

Grab And GO v4.6.apk

android-10-x64

7

Grab And GO v4.6.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Grab And GO v4.6.apk

  • Size

    10.9MB

  • Sample

    230806-p43k9abf8z

  • MD5

    2f72c17d21872b95dbc035b12aed5518

  • SHA1

    a08625550e21f2f813ed620a008eea8c682d7d17

  • SHA256

    68cd54d1fb7f8928cc8b4477177c0c050e1f84ea48a322bf651caaf21f7fe112

  • SHA512

    596af59c3a767850cfd4442971e9bcb2b84eb302b45c1c740c5f762e50e76d1750647b61686c9f6027bdb84acd432edb27b82d07e79cb1d778c6b50fcac17e68

  • SSDEEP

    24576:K/9gunoSDh4QtfyQe7BzevuU1+lkSoSMuc:NUoSDaSywVukSoN

Score
10/10
spynoteandroidbankerevasion

Malware Config

Extracted

Family

spynote

C2

175.41.21.44:2251

Targets

    • Target

      Grab And GO v4.6.apk

    • Size

      10.9MB

    • MD5

      2f72c17d21872b95dbc035b12aed5518

    • SHA1

      a08625550e21f2f813ed620a008eea8c682d7d17

    • SHA256

      68cd54d1fb7f8928cc8b4477177c0c050e1f84ea48a322bf651caaf21f7fe112

    • SHA512

      596af59c3a767850cfd4442971e9bcb2b84eb302b45c1c740c5f762e50e76d1750647b61686c9f6027bdb84acd432edb27b82d07e79cb1d778c6b50fcac17e68

    • SSDEEP

      24576:K/9gunoSDh4QtfyQe7BzevuU1+lkSoSMuc:NUoSDaSywVukSoN

    Score
    8/10
    bankerevasion

    • Makes use of the framework's Accessibility service.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

      banker

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks