Overview

overview

10

Static

static

10

76ea31ed6b...c0.apk

android-9-x86

8

76ea31ed6b...c0.apk

android-10-x64

8

76ea31ed6b...c0.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    76ea31ed6b2120f42edf174ebdc39fab0f53ac91fef77eb83678bff0ebff4dc0

  • Size

    768KB

  • Sample

    231220-bbhtgsdchl

  • MD5

    e5e44ac40123023eebd5caf9662f05d1

  • SHA1

    82fe8fb754852a3d9ecbd36d9e13202b386967e6

  • SHA256

    76ea31ed6b2120f42edf174ebdc39fab0f53ac91fef77eb83678bff0ebff4dc0

  • SHA512

    c57a09a6f5c4f84bfcf4bada2011351c9a0a8e5570292b23660ab8f2f7dda5d553b719cd7c0126296123fd68591fd76f71d0142fdd233f20e7c65ce502b62cc8

  • SSDEEP

    12288:zz4K5D5yYCP2lCr+hSAvw4BaGkPa1a8Lp+Y1iAQ:J5FyYCPckOSAI4BaGkPa1aU+Y1y

Score
10/10
spynoteandroidbankerstealthtrojan

Malware Config

Extracted

Family

spynote

C2

johnnj2-37916.portmap.io:37916

Targets

    • Target

      76ea31ed6b2120f42edf174ebdc39fab0f53ac91fef77eb83678bff0ebff4dc0

    • Size

      768KB

    • MD5

      e5e44ac40123023eebd5caf9662f05d1

    • SHA1

      82fe8fb754852a3d9ecbd36d9e13202b386967e6

    • SHA256

      76ea31ed6b2120f42edf174ebdc39fab0f53ac91fef77eb83678bff0ebff4dc0

    • SHA512

      c57a09a6f5c4f84bfcf4bada2011351c9a0a8e5570292b23660ab8f2f7dda5d553b719cd7c0126296123fd68591fd76f71d0142fdd233f20e7c65ce502b62cc8

    • SSDEEP

      12288:zz4K5D5yYCP2lCr+hSAvw4BaGkPa1a8Lp+Y1iAQ:J5FyYCPckOSAI4BaGkPa1aU+Y1y

    Score
    8/10
    bankerstealthtrojan

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      banker

    • Removes its main activity from the application launcher

      stealthtrojan
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks