Overview

overview

10

Static

static

7

d7326f85e8...46.apk

android-9-x86

10

d7326f85e8...46.apk

android-10-x64

10

d7326f85e8...46.apk

android-11-x64

10

Analysis

  • max time kernel
    4092288s
  • max time network
    167s
  • platform
    android_x64
  • resource
    android-x64-20231023.1-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231023.1-enlocale:en-usos:android-10-x64system
  • submitted
    21-11-2023 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d7326f85e838f6298f5c9e8626d889c1a15757319754dc57d8703dff3f45c546.apk

  • Size

    992KB

  • MD5

    cbaf2da6a483775b934faabd5b40bed6

  • SHA1

    0ba2eb6661e6d7f03e0a2ef08ea75296990ac6fc

  • SHA256

    d7326f85e838f6298f5c9e8626d889c1a15757319754dc57d8703dff3f45c546

  • SHA512

    917b65d79f323c045bb7a39cc47e432de18cf3b942698fb2056d4bbad0be8d3ba8f7ff3102b078722a87c71ba609d028c910fa66edb06582f23c8101d1a4a6e3

  • SSDEEP

    24576:BhzkORPhgzQc8RkQ4dh2iynuPyt9XktndMCngUPvJCYPMqlRnV:rRJgp8RkhdQiynq6XktndMfasYPMUV

Score
10/10
spynotebankerevasioninfostealerratstealthtrojan

Malware Config

Extracted

Family

spynote

C2

192.168.0.105:8080

Signatures

  • Spynote

    Spynote is a Remote Access Trojan first seen in 2017.

    bankertrojaninfostealerratspynote
  • Makes use of the framework's Accessibility service. 3 IoCs
  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Removes a system notification. 1 IoCs
    evasion

Processes

  • mountainy2.scored.claims
    1⤵
    • Makes use of the framework's Accessibility service.
    • Removes its main activity from the application launcher
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    • Removes a system notification.
    PID:5076
    • rm -r/data/user/0/mountainy2.scored.claims/app_ded/RJilNMZRrYxqreOUKXRood9QrYnhEIH1.dex
      2⤵
        PID:5116

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/data/mountainy2.scored.claims/app_ded/RJilNMZRrYxqreOUKXRood9QrYnhEIH1.dex
      Filesize

      1.3MB

      MD5

      0db3e8e486f47d80fe56ac9ae0eb871b

      SHA1

      0822d78837b027deef36a7c1bd62ae9629c19956

      SHA256

      f32452b8bbe2444257659cc4656aa41490a3f93f919eabe99632a30c610f5647

      SHA512

      1f8122b13e6bd05d1a6ed2dccbaff9faef6258e220270ecdbb2cd35474cb24d82ffd7dc6c28ede8727873eaa36b209d3f844cba0dc2c5caef4f43214ccfba824

      Download Submit
    • /data/user/0/mountainy2.scored.claims/app_ded/RJilNMZRrYxqreOUKXRood9QrYnhEIH1.dex
      Filesize

      1.3MB

      MD5

      0db3e8e486f47d80fe56ac9ae0eb871b

      SHA1

      0822d78837b027deef36a7c1bd62ae9629c19956

      SHA256

      f32452b8bbe2444257659cc4656aa41490a3f93f919eabe99632a30c610f5647

      SHA512

      1f8122b13e6bd05d1a6ed2dccbaff9faef6258e220270ecdbb2cd35474cb24d82ffd7dc6c28ede8727873eaa36b209d3f844cba0dc2c5caef4f43214ccfba824

      Download Submit
    • /data/user/0/mountainy2.scored.claims/app_ded/RJilNMZRrYxqreOUKXRood9QrYnhEIH1.dex
      Filesize

      1.3MB

      MD5

      0db3e8e486f47d80fe56ac9ae0eb871b

      SHA1

      0822d78837b027deef36a7c1bd62ae9629c19956

      SHA256

      f32452b8bbe2444257659cc4656aa41490a3f93f919eabe99632a30c610f5647

      SHA512

      1f8122b13e6bd05d1a6ed2dccbaff9faef6258e220270ecdbb2cd35474cb24d82ffd7dc6c28ede8727873eaa36b209d3f844cba0dc2c5caef4f43214ccfba824

      Download Submit
    • /storage/emulated/0/Config/sys/apps/log/log-2023-11-21.txt
      Filesize

      28B

      MD5

      b29ab0a0aff1b76c061cc321ebf44c28

      SHA1

      cb29132433ed037310ca08b35c90d9f810f1c000

      SHA256

      465165a3f3337eb3b5610a70c3cb2557101bedb3e53dddf36e2570577ddd1652

      SHA512

      d22b23cc3e805e7e1aec5b0c4a1043697dec264a6555ddb25137bce984adb27ef76ebb5a86a8133b805d50bc84cbcfc82ae13f7a919886dee25914caa52125eb

      Download Submit
    • /storage/emulated/0/Config/sys/apps/log/log-2023-11-21.txt
      Filesize

      12B

      MD5

      a9256f55737b655c8cff95418411997c

      SHA1

      d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24

      SHA256

      bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412

      SHA512

      10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574

      Download Submit
    • /storage/emulated/0/Config/sys/apps/log/log-2023-11-21.txt
      Filesize

      12B

      MD5

      a9256f55737b655c8cff95418411997c

      SHA1

      d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24

      SHA256

      bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412

      SHA512

      10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574

      Download Submit
    • /storage/emulated/0/Config/sys/apps/log/log-2023-11-21.txt
      Filesize

      12B

      MD5

      a9256f55737b655c8cff95418411997c

      SHA1

      d81a4e85ecef3a4f08d50da9c75c49a3c64ffe24

      SHA256

      bad705c44807d12463fb587087c4e9eb24769d82981229ac8b74abc9b1a44412

      SHA512

      10d10a6498973ed65d47c74ba6d8831dad94213a5071353dc445de46e021689284fbbf4accf5ba1f97a0675a7652ec069ac70f38d63ba36b8595a8caf8d37574

      Download Submit
    • /storage/emulated/0/Config/sys/apps/log/log-2023-11-21.txt
      Filesize

      275B

      MD5

      52d673691e6d6b96fe890a2347ba9c93

      SHA1

      9c904a5d45f202ca6aa2d2a3b2fe59c0c1a0a061

      SHA256

      e544b8d6b49b6231bc721531ba2cef94e5ce21510a1c149f1954d4465ac826e0

      SHA512

      89fa74669c5b2836342b545f9f958d3066932f855cf76d92577e49189c35e3cd838ce64c6239b649a4b91b5fa7bffc9bda127b198cfea3b302b27398ac605c64

      Download Submit