spynote | 32917ebe14deabedd5aa3b2ee414cc94cfc5683480039a197d97d461ce0705ad | Triage

Submit
Reports

Overview

overview

Static

static

HealthHub.apk

android-9-x86

8

HealthHub.apk

android-10-x64

8

HealthHub.apk

android-11-x64

8

Sharing

General

Target

HealthHub.apk
Size

7.4MB
Sample

230905-b8w3dach89
MD5

45e28c0022330f469054064b1f29b012
SHA1

2a89bb1f379d8ae7ae6bee10797e38290dcc81a5
SHA256

32917ebe14deabedd5aa3b2ee414cc94cfc5683480039a197d97d461ce0705ad
SHA512

e4d37458d8e28706fc397af54b2c8ba23db2be0c1fa2581a2fc16ab26fad9ca101a1060d3c0cab18143612f5198f628988bf0a41c2f7a06afbb90f78a37e19f1
SSDEEP

49152:1OVif9PKhmWXF9fmzbzdGGzQTORQ6UaYqk0cgErVOV:eiVigGF9fmzbzB0TiW0tEpU

Score

10^/10

spynote android evasion

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

HealthHub.apk

Resource

android-x86-arm-20230831-en

android-9-x86

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

HealthHub.apk

Resource

android-x64-20230831-en

android-10-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

HealthHub.apk

Resource

android-x64-arm64-20230831-en

android-11-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

spynote

C2

8.222.195.88:7771

Targets

- Target
  
  HealthHub.apk
- Size
  
  7.4MB
- MD5
  
  45e28c0022330f469054064b1f29b012
- SHA1
  
  2a89bb1f379d8ae7ae6bee10797e38290dcc81a5
- SHA256
  
  32917ebe14deabedd5aa3b2ee414cc94cfc5683480039a197d97d461ce0705ad
- SHA512
  
  e4d37458d8e28706fc397af54b2c8ba23db2be0c1fa2581a2fc16ab26fad9ca101a1060d3c0cab18143612f5198f628988bf0a41c2f7a06afbb90f78a37e19f1
- SSDEEP
  
  49152:1OVif9PKhmWXF9fmzbzdGGzQTORQ6UaYqk0cgErVOV:eiVigGF9fmzbzB0TiW0tEpU
Score

8^/10

evasion
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

© 2018-2024

Terms | Privacy