spynote | d9b8dc8dd86bb98dc0d0b349df6ac20f5a0b6d485c1eac7aada73eb397000488 | Triage

Sharing

General

Target

0beffb2cefb8ff111179a8beab37a3ed.zip
Size

700KB
Sample

231020-ja8mhsgg63
MD5

0beffb2cefb8ff111179a8beab37a3ed
SHA1

b224b0d9115ab6fc496bc8c5b22a1a7d4f789b23
SHA256

d9b8dc8dd86bb98dc0d0b349df6ac20f5a0b6d485c1eac7aada73eb397000488
SHA512

97cad8c91679f5a2ea3184675c516b207f08b9b4c155f8a06f02f26e2ec8c07172d57a73b98e4b9f7654f1f87a1616263fc8dc51940d2fac8a2fe40c29634117
SSDEEP

12288:YtmcwOrKLKKO2DZdCfPF98wvusT3cgtN0FtQ6Rq21iQRg3CtWDhL:QmcndV2bCnowvHT3SFtQGNiQCVhL

Score

10^/10

spynote android evasion

Malware Config

Extracted

Family

spynote

C2

hacker.548848.xyz:2048

Targets

- Target
  
  0beffb2cefb8ff111179a8beab37a3ed.zip
- Size
  
  700KB
- MD5
  
  0beffb2cefb8ff111179a8beab37a3ed
- SHA1
  
  b224b0d9115ab6fc496bc8c5b22a1a7d4f789b23
- SHA256
  
  d9b8dc8dd86bb98dc0d0b349df6ac20f5a0b6d485c1eac7aada73eb397000488
- SHA512
  
  97cad8c91679f5a2ea3184675c516b207f08b9b4c155f8a06f02f26e2ec8c07172d57a73b98e4b9f7654f1f87a1616263fc8dc51940d2fac8a2fe40c29634117
- SSDEEP
  
  12288:YtmcwOrKLKKO2DZdCfPF98wvusT3cgtN0FtQ6Rq21iQRg3CtWDhL:QmcndV2bCnowvHT3SFtQGNiQCVhL
Score

8^/10

evasion
- Makes use of the framework's Accessibility service.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3