spynote | d6157f0e95d779e71313b68616c0b55330ab639d39e4e142e51ef1cd957fabd9 | Triage

Submit
Reports

Overview

overview

Static

static

ready.apk

android-9-x86

8

ready.apk

android-10-x64

8

ready.apk

android-11-x64

8

Sharing

General

Target

ready.apk
Size

8.6MB
Sample

231205-t6nx4ach27
MD5

63e1a96e44c538e64c4101b3efa06def
SHA1

a96e35c5c6a11cc74e29af2d2d52438868ab6021
SHA256

d6157f0e95d779e71313b68616c0b55330ab639d39e4e142e51ef1cd957fabd9
SHA512

b6cace864a2162a94c7229b7bffbe6fd4950f63f58f23978052ed1b96ca1395b8c578e0d4ff76ed877183f68a1fca72201c77a12d42ed429aed13fbf165498f2
SSDEEP

98304:wWekjTjdiEunideI1N2mzDzB4TG0tcsfCCB:wWjvFBzeNOCB

Score

10^/10

spynote android evasion

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ready.apk

Resource

android-x86-arm-20231023-en

android-9-x86

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ready.apk

Resource

android-x64-20231023.1-en

android-10-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

ready.apk

Resource

android-x64-arm64-20231023-en

android-11-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

spynote

C2

5.180.106.57:5590

Targets

- Target
  
  ready.apk
- Size
  
  8.6MB
- MD5
  
  63e1a96e44c538e64c4101b3efa06def
- SHA1
  
  a96e35c5c6a11cc74e29af2d2d52438868ab6021
- SHA256
  
  d6157f0e95d779e71313b68616c0b55330ab639d39e4e142e51ef1cd957fabd9
- SHA512
  
  b6cace864a2162a94c7229b7bffbe6fd4950f63f58f23978052ed1b96ca1395b8c578e0d4ff76ed877183f68a1fca72201c77a12d42ed429aed13fbf165498f2
- SSDEEP
  
  98304:wWekjTjdiEunideI1N2mzDzB4TG0tcsfCCB:wWjvFBzeNOCB
Score

8^/10

evasion
- Makes use of the framework's Accessibility service.
- Acquires the wake lock.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

© 2018-2024

Terms | Privacy