Overview

overview

10

Static

static

10

Youtube Premium.apk

android-9-x86

8

Youtube Premium.apk

android-10-x64

8

Youtube Premium.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Youtube Premium.apk

  • Size

    3.8MB

  • Sample

    231013-ywjb3saa54

  • MD5

    97194fb03b9e7c2e2a719232e25fbbfa

  • SHA1

    ca18d3427b2ec208053d97168cc91e6a6ad2ee84

  • SHA256

    550c1214071e2584915b006ec7c38637f4059a3a0f8d89a0667d1c18a8ba7197

  • SHA512

    510df5569ca511d3e844b73aa7de7e4035a7ec4bbd3b327558585e326fae22dea316ef2b813f1a1cc8d83e9008047aeea4b057dc12e8737d8f7bff8b2fa562f3

  • SSDEEP

    98304:vXE1ld0MQKjWeUvMeFf694Y5cSmz7zBHTL0t0y3c:vXErdxOFfo4acdz90u

Score
10/10
spynoteandroidbankerevasion

Malware Config

Extracted

Family

spynote

C2

fee-harmful.gl.at.ply.gg:41934

Targets

    • Target

      Youtube Premium.apk

    • Size

      3.8MB

    • MD5

      97194fb03b9e7c2e2a719232e25fbbfa

    • SHA1

      ca18d3427b2ec208053d97168cc91e6a6ad2ee84

    • SHA256

      550c1214071e2584915b006ec7c38637f4059a3a0f8d89a0667d1c18a8ba7197

    • SHA512

      510df5569ca511d3e844b73aa7de7e4035a7ec4bbd3b327558585e326fae22dea316ef2b813f1a1cc8d83e9008047aeea4b057dc12e8737d8f7bff8b2fa562f3

    • SSDEEP

      98304:vXE1ld0MQKjWeUvMeFf694Y5cSmz7zBHTL0t0y3c:vXErdxOFfo4acdz90u

    Score
    8/10
    bankerevasion

    • Makes use of the framework's Accessibility service.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

      banker

    • Acquires the wake lock.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks