General

  • Target

    7f9efd1258b78dc1fc3d1de1bbd0eeb3804d4b494bab2e5572b17d365c79da4d

  • Size

    760KB

  • Sample

    231220-dkpz9sceh8

  • MD5

    93d2dec0dfaf5088c925531da8c21f03

  • SHA1

    59bc6c350d398ba4d05a929a78f7203220e5785f

  • SHA256

    7f9efd1258b78dc1fc3d1de1bbd0eeb3804d4b494bab2e5572b17d365c79da4d

  • SHA512

    6471831c84d9e8ac97d0353f9c8532e2a81c2df365c9181c114d4958def0e713eb687a52c6fabb02e6ae9993cbf139108cc83a993aa2d12ad42e712f9aa26b0a

  • SSDEEP

    12288:kkKiSa1a8LVeL1/ad9mo5WmpYshXZPbGwidNpg/:kFa1aKeL8d9mo5WmD9idNpc

Score
10/10

Malware Config

Extracted

Family

spynote

C2

abodali.ddns.net:1172

Targets

    • Target

      7f9efd1258b78dc1fc3d1de1bbd0eeb3804d4b494bab2e5572b17d365c79da4d

    Score
    8/10
    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.
