General

  • Target

    2b401f38554899160699f3549d69831e.bin

  • Size

    3.8MB

  • Sample

    230923-bnwwwabd2t

  • MD5

    2b401f38554899160699f3549d69831e

  • SHA1

    e68851a19b418694a8c87b0c29c8e0b1d35558ed

  • SHA256

    98ee5c778e270258608a58d7cfd591652a3ecc9a803b9d61af254bd5c06422b5

  • SHA512

    252d83b473b0b71e45752c0371c68f9b1ed8e7237761afa68d6cec768f339fc68f2c8b55e12cbb4c8a3217311303fd4fae5899ff4a3f73d3ec5b11592e6a5168

  • SSDEEP

    98304:+avorTaYVjB5kyefWRTnSrg9BymzAzBnTc0tw8l0Kf:+02OYVEy5Rmrg79zAv1

Score
10/10

Malware Config

Extracted

Family

spynote

C2

fee-harmful.gl.at.ply.gg:41934

Targets

    • Target

      2b401f38554899160699f3549d69831e.bin

    Score
    8/10
    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Removes a system notification.

MITRE ATT&CK Matrix

Tasks