General

  • Target

    33762e329fef21330c362235b73db11d.apk

  • Size

    10.2MB

  • Sample

    231106-m2dg8saf6t

  • MD5

    33762e329fef21330c362235b73db11d

  • SHA1

    535d0dfe3e3f1ca611f8074aa51f32c9786b2901

  • SHA256

    1647ea3b02caac749c6e281d378b3f73f953c57f80b18e9928e1a27ef64be80a

  • SHA512

    a4da5876b9c12fddc4c398e38d843eb47e764cf2428069c4c732afe1eb4112ec33a755b1a73b5da1408da96bbd8cfe3a739237cf461f00b719a7287c37078798

  • SSDEEP

    98304:tDgM/xux221KteYsaZ4L952Zov/0P28imzvzBdTk0twMq7s5l:tDgqxE1V53/0PtNzLXb7l

Malware Config

Extracted

  • Family

    spynote

  • C2

    178.236.247.124:7771

Targets

    • Target

      33762e329fef21330c362235b73db11d.apk

    • Makes use of the framework's Accessibility service.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Removes its main activity from the application launcher.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar.

      Runs an executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Removes a system notification.
