Overview

overview

10

Static

static

10

maygroups (1).apk

android-9-x86

8

maygroups (1).apk

android-10-x64

8

maygroups (1).apk

android-11-x64

8

Resubmissions

29-08-2023 04:54

230829-fjtceada9v 10

13-07-2023 03:45

230713-ea3daafc34 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    maygroups (1).apk

  • Size

    6.2MB

  • Sample

    230829-fjtceada9v

  • MD5

    2d467cc572fd3743b301ba9bd9f51f3c

  • SHA1

    bde9fe3077ea8b300fcde6014e0b7562eefdef64

  • SHA256

    2e60d4ef41b9ae80df7c081dc618d2e0cba8389dc9a94fc5d53bb435c49d3e9a

  • SHA512

    ac81c52847e86bd03adb612cc8a12f77b06184b8d3a3b2198a3f18089f4e93a4026fb5441ec55caf2d720ec3abafcedc1c49a15e2f7eba1b4d329147432e0bd6

  • SSDEEP

    24576:hTlj59FBFmmQ8MhvPiNon1JN9zYCAh0NaE1vL7imHoLXWRJm3h:VljV+mQ/vdrzYSZvRIomx

Score
10/10
spynoteandroidbankerevasion

Malware Config

Extracted

Family

spynote

C2

139.180.136.48:7771

Targets

    • Target

      maygroups (1).apk

    • Size

      6.2MB

    • MD5

      2d467cc572fd3743b301ba9bd9f51f3c

    • SHA1

      bde9fe3077ea8b300fcde6014e0b7562eefdef64

    • SHA256

      2e60d4ef41b9ae80df7c081dc618d2e0cba8389dc9a94fc5d53bb435c49d3e9a

    • SHA512

      ac81c52847e86bd03adb612cc8a12f77b06184b8d3a3b2198a3f18089f4e93a4026fb5441ec55caf2d720ec3abafcedc1c49a15e2f7eba1b4d329147432e0bd6

    • SSDEEP

      24576:hTlj59FBFmmQ8MhvPiNon1JN9zYCAh0NaE1vL7imHoLXWRJm3h:VljV+mQ/vdrzYSZvRIomx

    Score
    8/10
    bankerevasion

    • Makes use of the framework's Accessibility service.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

      banker

    • Acquires the wake lock.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks