Overview

overview

10

Static

static

10

ready.apk

android-9-x86

8

ready.apk

android-10-x64

8

ready.apk

android-11-x64

8

Resubmissions

11-09-2023 20:47

230911-zk26gsbd77 10

11-09-2023 20:47

230911-zktt4sba3s 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ready.apk

  • Size

    10.7MB

  • Sample

    230911-zk26gsbd77

  • MD5

    a486ca3f722b1cff608c2c71ce78ab13

  • SHA1

    930affb485ed640adae66e61f8f71c00c79d9aca

  • SHA256

    d5223c601db560dd767fce18f791cbe67b8cbf832039c531411041caf598137f

  • SHA512

    c3f243694516a4158483e396c7c6138a27196738cfb4ff77b53aeab80b1eaf8f6e7d3f5ecb5a6825797ba295fa13af7aa575657781d8ea1ddc9e0a73e37df4e7

  • SSDEEP

    12288:9KWDfK0+VuOD1MNuCz33NsyaGpcahVN9nunH:RDSOcyNt3NsYcAN9EH

Score
10/10
spynoteandroidevasionstealthtrojan

Malware Config

Extracted

Family

spynote

C2

fee-harmful.gl.at.ply.gg:41934

Extracted

Family

spynote

C2

fee-harmful.gl.at.ply.gg:41934

Targets

    • Target

      ready.apk

    • Size

      10.7MB

    • MD5

      a486ca3f722b1cff608c2c71ce78ab13

    • SHA1

      930affb485ed640adae66e61f8f71c00c79d9aca

    • SHA256

      d5223c601db560dd767fce18f791cbe67b8cbf832039c531411041caf598137f

    • SHA512

      c3f243694516a4158483e396c7c6138a27196738cfb4ff77b53aeab80b1eaf8f6e7d3f5ecb5a6825797ba295fa13af7aa575657781d8ea1ddc9e0a73e37df4e7

    • SSDEEP

      12288:9KWDfK0+VuOD1MNuCz33NsyaGpcahVN9nunH:RDSOcyNt3NsYcAN9EH

    Score
    8/10
    evasionstealthtrojan

    • Makes use of the framework's Accessibility service.

    • Removes its main activity from the application launcher

      stealthtrojan

    • Acquires the wake lock.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks