General

  • Target

    Youtube Lite Premium.apk

  • Size

    3.7MB

  • Sample

    230914-a7ma4sah83

  • MD5

    c1f84911c2769d6c7f70d874451aa79b

  • SHA1

    1b82ebb0fb5f30d4254086ba629b165dc0c460a8

  • SHA256

    3d7e75e7edc14082c043dc563164e4366822650e57af234a99bde69cdc354fa3

  • SHA512

    d408c08c59c20dfaa7c014d39a2b863fc4d2c5dfa06ce61be8245d649d1e2c5d689b2419ae3f3923da321eba063e06307b541b51647706a45365df3eb26227bc

  • SSDEEP

    49152:joVN3rWUJBXlQEwXZLadDr6TczB4oI0WmzOzdGGHQTOafUzYqR0cgQImrikc/Iy9:j/MXezpWdft94oI0WmzOzBwTM0tQI9f

Malware Config

Extracted

Family

spynote

C2

fee-harmful.gl.at.ply.gg:41934

Targets

    • Makes use of the framework's Accessibility service.

    • Queries the list of all installed applications on the device (may be used to pick legitimate apps to overlay).

    • Removes its main activity from the application launcher (hides its icon).

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Removes a system notification.
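The behaviour lines above are runtime observations; a practitioner usually wants to confirm the same capabilities statically and check a file against the report's indicators before detonating it. The script below is an added example, not part of the sandbox report or of any tool it was produced with. It assumes the APK has already been unpacked (for instance with apktool) so that the decoded AndroidManifest.xml and the raw classes.dex are available; the manifest and dex string blob embedded here are constructed stand-ins so it runs offline. Note that the C2 host sits under ply.gg, the domain used by the playit.gg tunnelling service, so blocking that name catches a relay rather than the operator's own host.

```python
"""Static triage for the behaviours listed in the report (added example).

Assumes an unpacked APK (e.g. via apktool). SAMPLE_MANIFEST and SAMPLE_DEX
below are constructed stand-ins for AndroidManifest.xml and classes.dex.
"""
import hashlib
import re
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # Android XML namespace

# Indicators copied from the report above.
REPORT_SHA256 = "3d7e75e7edc14082c043dc563164e4366822650e57af234a99bde69cdc354fa3"
C2_HOST, C2_PORT = "fee-harmful.gl.at.ply.gg", 41934

# Dex string-table entries (type descriptors and method names) that back the
# report's behaviour lines. A hit shows the capability is compiled in; the
# sandbox line shows it was actually exercised.
API_INDICATORS = {
    "Loads dropped Dex/Jar": rb"Ldalvik/system/(DexClassLoader|InMemoryDexClassLoader);",
    "Removes its main activity from the launcher": rb"setComponentEnabledSetting",
    "Acquires the wake lock": rb"Landroid/os/PowerManager\$WakeLock;",
    "Removes a system notification": rb"Landroid/app/NotificationManager;",
    "Queries installed applications": rb"getInstalledApplications|getInstalledPackages",
}

# Constructed manifest with the permission/service layout such a sample needs.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.lite">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <service android:name=".A11yService"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

# Constructed slice of a dex string table (entries are NUL separated).
SAMPLE_DEX = b"\x00".join([
    b"Ldalvik/system/DexClassLoader;",
    b"setComponentEnabledSetting",
    b"Landroid/os/PowerManager$WakeLock;",
    b"Landroid/app/NotificationManager;",
    b"getInstalledApplications",
    b"fee-harmful.gl.at.ply.gg",
    b"41934",
])


def triage_manifest(manifest_xml):
    """Pull the report-relevant facts out of a decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)
    perms = {p.get(A + "name") for p in root.iter("uses-permission")}
    a11y = [s.get(A + "name") for s in root.iter("service")
            if s.get(A + "permission") == "android.permission.BIND_ACCESSIBILITY_SERVICE"]
    launchers = [act.get(A + "name") for act in root.iter("activity")
                 if any(c.get(A + "name") == "android.intent.category.LAUNCHER"
                        for c in act.iter("category"))]
    return {
        "accessibility_services": a11y,
        "queries_all_packages": "android.permission.QUERY_ALL_PACKAGES" in perms,
        "wake_lock": "android.permission.WAKE_LOCK" in perms,
        # A launcher entry here plus setComponentEnabledSetting in the dex is the
        # usual icon-hiding pair; the manifest alone cannot show hiding.
        "launcher_activities": launchers,
    }


def scan_dex_strings(dex_bytes):
    """Return the report behaviours whose API references occur in the dex."""
    return [name for name, pat in API_INDICATORS.items() if re.search(pat, dex_bytes)]


def find_c2(dex_bytes, host=C2_HOST, port=C2_PORT):
    """Return (host, port) when both appear as strings, else None.

    The port is matched as a standalone decimal string, which is weak evidence
    by itself, so it only counts together with the hostname.
    """
    host_hit = re.search(re.escape(host.encode()), dex_bytes)
    port_hit = re.search(rb"(?<![0-9])%d(?![0-9])" % port, dex_bytes)
    return (host, port) if host_hit and port_hit else None


def matches_report_sample(data):
    """True when the file's SHA256 equals the hash in the report."""
    return hashlib.sha256(data).hexdigest() == REPORT_SHA256


if __name__ == "__main__":
    print("known sample:", matches_report_sample(SAMPLE_DEX))  # stand-in, so False
    print(triage_manifest(SAMPLE_MANIFEST))
    print(scan_dex_strings(SAMPLE_DEX))
    print(find_c2(SAMPLE_DEX))
```

Run it against a real unpack by replacing SAMPLE_MANIFEST with the decoded manifest text and SAMPLE_DEX with the bytes of classes.dex (and any secondary classesN.dex, since a dropped Dex is exactly the case where the interesting strings are not in the primary dex). The dex scan only proves presence of the APIs; the sandbox lines above are what show them being used.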
