Overview

overview

10

Static

static

10

153434bdaa...8c.apk

android-10-x64

8

153434bdaa...8c.apk

android-11-x64

8

153434bdaa...8c.apk

android-9-x86

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    153434bdaae0d393d230f98ea0d8d6e60662c9959335c75053c9243fafeab88c.apk

  • Size

    644KB

  • Sample

    231013-pmspqahe5y

  • MD5

    71fc05a283a923409354a5774d435138

  • SHA1

    1fa246661cc5022d846f004d4df019815ce3e1af

  • SHA256

    153434bdaae0d393d230f98ea0d8d6e60662c9959335c75053c9243fafeab88c

  • SHA512

    7bbda4331cabd32daffd5feddb42e3b8aa422e729ed0e5fc40e495f6ec896cdd08ff2b1a30f9502ece60e4e8325556c9cda9c1e92a2f8296a34781bc4bcb970f

  • SSDEEP

    12288:S94OkZenOgTO62vmOHvX2rB7zXLs/qjG30gbsPvZYdnbls/:S94jToO62OkIZz7s/qjG3gMblq

Score
10/10
spynoteandroidevasionstealthtrojan

Malware Config

Extracted

Family

spynote

C2

vipscelulares-35394.portmap.host:35394

Targets

    • Target

      153434bdaae0d393d230f98ea0d8d6e60662c9959335c75053c9243fafeab88c.apk

    • Size

      644KB

    • MD5

      71fc05a283a923409354a5774d435138

    • SHA1

      1fa246661cc5022d846f004d4df019815ce3e1af

    • SHA256

      153434bdaae0d393d230f98ea0d8d6e60662c9959335c75053c9243fafeab88c

    • SHA512

      7bbda4331cabd32daffd5feddb42e3b8aa422e729ed0e5fc40e495f6ec896cdd08ff2b1a30f9502ece60e4e8325556c9cda9c1e92a2f8296a34781bc4bcb970f

    • SSDEEP

      12288:S94OkZenOgTO62vmOHvX2rB7zXLs/qjG30gbsPvZYdnbls/:S94jToO62OkIZz7s/qjG3gMblq

    Score
    8/10
    evasionstealthtrojan

    • Makes use of the framework's Accessibility service.

    • Removes its main activity from the application launcher

      stealthtrojan

    • Acquires the wake lock.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks