spynote | aded0ef22fda0def4e8fccb01872011400e81cb711c252d5abacd5183af04587 | Triage

Submit
Reports

Overview

overview

Static

static

ready.apk

android-10-x64

8

Sharing

General

Target

ready.apk
Size

6.2MB
Sample

230912-tkvhrage95
MD5

1ec62e5e389ae55606d92253c48d5002
SHA1

a273ca387af394b90ad1a87d26274eab965e0d4f
SHA256

aded0ef22fda0def4e8fccb01872011400e81cb711c252d5abacd5183af04587
SHA512

574f2e53bc75763ce1d82879435c3a521c28aaa4a954f4c07fc504e06bfbb577182a9141b960c0943f6c1043fe90ff22b09396e706a3554219b8ffd240c74238
SSDEEP

12288:xMEVsEkJH1T/HpkEKOgu5t3CzVwE/dchPBNfHQQiIH6rwvQgdV8/WqBnNscI/Hn2:wZPpOx5VwVQ/IH6rwlV8NzKHnUzLb3

Score

10^/10

spynote android banker evasion

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ready.apk

Resource

android-x64-20230831-en

android-10-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

spynote

C2

fee-harmful.gl.at.ply.gg:41934

Targets

- Target
  
  ready.apk
- Size
  
  6.2MB
- MD5
  
  1ec62e5e389ae55606d92253c48d5002
- SHA1
  
  a273ca387af394b90ad1a87d26274eab965e0d4f
- SHA256
  
  aded0ef22fda0def4e8fccb01872011400e81cb711c252d5abacd5183af04587
- SHA512
  
  574f2e53bc75763ce1d82879435c3a521c28aaa4a954f4c07fc504e06bfbb577182a9141b960c0943f6c1043fe90ff22b09396e706a3554219b8ffd240c74238
- SSDEEP
  
  12288:xMEVsEkJH1T/HpkEKOgu5t3CzVwE/dchPBNfHQQiIH6rwvQgdV8/WqBnNscI/Hn2:wZPpOx5VwVQ/IH6rwlV8NzKHnUzLb3
Score

8^/10

banker evasion
- Makes use of the framework's Accessibility service.
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Removes a system notification.
  evasion
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy