Overview

overview

10

Static

static

6

af30de5783...f4.apk

 

af30de5783...f4.apk

android-10-x64

10

af30de5783...f4.apk

android-11-x64

10

Analysis

  • max time kernel
    2519113s
  • max time network
    153s
  • platform
    android_x64
  • resource
    android-x64-20231215-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
  • submitted
    20-12-2023 11:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    af30de5783f3e57878e5188ebc70cf3fb1457f1f17150a7614e4688df2b1d5f4.apk

  • Size

    668KB

  • MD5

    4a5047bcc3eb02571dc503dc914598eb

  • SHA1

    d14c09ba569c5ae8288c17e9699a2da25df8248c

  • SHA256

    af30de5783f3e57878e5188ebc70cf3fb1457f1f17150a7614e4688df2b1d5f4

  • SHA512

    89701172320395ed35b61d4ce5bd98e37371c6ced665d2930c547a21804a07401e081a0a787fc024640d3f6f8253cb81a115919ab248d7e781882930d98fa768

  • SSDEEP

    12288:XdjSML/KAFi95Ndf3lvqD4kwW8g6Ey5oTjG30gbB0M2j:wMjpijNF3Kf8ghNjG3z0M2j

Score
10/10
spynotebankerinfostealerratstealthtrojan

Malware Config

Extracted

Family

spynote

C2

188.121.120.42:7771

Signatures

  • Spynote

    Spynote is a Remote Access Trojan first seen in 2017.

    bankertrojaninfostealerratspynote
  • Makes use of the framework's Accessibility service 2 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 8 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • splash.alfnet.googlsrvap
    1⤵
    • Makes use of the framework's Accessibility service
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    PID:4912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/splash.alfnet.googlsrvap/app_apkprotector_dex/classes-v1.bin
    Filesize

    19KB

    MD5

    148d06c68348f30c21510ee344d30172

    SHA1

    6700905125b354ca78c9e36b0aaf0085457d8fd3

    SHA256

    7c4589d942f9f52f934c1a6d905005f9e046748f697c7bc0b4356f31eeb73b86

    SHA512

    635ca3c70b8f4bf39c9df3df5a6921c37702996b1dce1dc527108b092c955c112088176b5ee56ba7518a2a1d9bd8d94d4bbfdfd61c77ead7c7cc5b4b9ef19687

    Download Submit
  • /data/user/0/splash.alfnet.googlsrvap/app_apkprotector_dex/classes-v1.bin
    Filesize

    924KB

    MD5

    592a83717950a98c5ac53c30ca3291cd

    SHA1

    3b1f803aa1b4e1efbdea211f1d79402f5607298f

    SHA256

    0ac18fc0f6139d3f244dd962284a4e75edf53c7a15112a37dca629437029d9a9

    SHA512

    43f80192ccf82f3db8feedce5c5e951a4c3a646331a4119b3008088c050a72d91d9dd37014e1d6ef4b4b3d3679d918ea43ba80f33b878d237464ab9d8033babe

    Download Submit
  • /data/user/0/splash.alfnet.googlsrvap/app_apkprotector_dex/classes-v2.bin
    Filesize

    6KB

    MD5

    659205c83a0b402f19be7890cf31a2db

    SHA1

    20fd7a2374077f96ceab8a865f6336c104d59bfc

    SHA256

    bc7732033dbe82fdcd9175baa345becac4dd10189c2d3367b178f180c9255b3b

    SHA512

    7b7415d2c493b3690ded4badca84d58cfc68df140b255c9b3cf10aad6ee47c792e6654332cab81c9d00c6bfb7f56a0da2b1765caf679c1fbce814626c3cd38c0

    Download Submit
  • /data/user/0/splash.alfnet.googlsrvap/app_apkprotector_dex/classes-v3.bin
    Filesize

    3KB

    MD5

    0b7e5edd99ab8cadbe8f45f8511af144

    SHA1

    49a0045d3f1e01f0261f32c1f44e90595e1fa1cf

    SHA256

    79a5e1b9732be5eb44155fbcdf7e23d13332675910ad12cdf704092efa1dcf5d

    SHA512

    17b2547593b348f706436041b0715e156dfcf2ac91b0a13f67357d9b25a2f8f635f2383e4784d4662e9d4a3c37a474f25972181542dae6d69d8cbce3500b3a04

    Download Submit
  • /data/user/0/splash.alfnet.googlsrvap/app_apkprotector_dex/classes-v4.bin
    Filesize

    9KB

    MD5

    96959fe11dc379c3dd3fc9222976ecd0

    SHA1

    17979239e7e5f22152b09dd2366d160682a70d52

    SHA256

    dee43d5f7c58340aab23d4b8eafeec33ed1ab2f1676b5fd957d532b223bc6af6

    SHA512

    9737210a4fb5f1ad1d60908b5fd34ff60e7ef02c63fc846b5f754fb0b6846408f5d39a610650fe6b43d394c698c13e22dad05a81ca90df4dff0debd4702bdcf9

    Download Submit
  • /storage/emulated/0/Config/sys/apps/log/log-MjAyMy0xMi0yMw== .txt
    Filesize

    275B

    MD5

    74f40f16549a9b08a803ce49bcb4ff69

    SHA1

    4f437575cfee2955db0d7186c7b2e650de355414

    SHA256

    beb8521b59f5e7cd23331cd9096641df647ce2164cebd7340ecd7fbea12f76b2

    SHA512

    150e85691266f173ac3a039e7f0d96f12d8163bf1ab1a26e5d22a5d122e9078ec55900f5baa52e1595f39cf9940be4b4de69e5a9c8c430156b43028e262e81cd

    Download Submit
  • /storage/emulated/0/Config/sys/apps/log/log-MjAyMy0xMi0yMw== .txt
    Filesize

    24B

    MD5

    19e9022a0237abfcb41de0da45b6cdc8

    SHA1

    cfcb8500f6e281eb42e54dbf472cc05fefdf55ac

    SHA256

    6a3ed19be60f504848d404f19e7c3dc35b0e2d623fab204e02d6aa93acc0c4c3

    SHA512

    bd02400d5f3f91054f1bf60ccc35457d6f3d83fccae18b3fbbe22b81c5fa86e430d2886685a6a7777c5714d25b16499be31ce86097e64d3b878c04d89dd2aec6

    Download Submit
  • /storage/emulated/0/Config/sys/apps/log/log-MjAyMy0xMi0yMw== .txt
    Filesize

    40B

    MD5

    3a71cc46a72de9883a7b8fa8cbe34ca1

    SHA1

    ef1bbdb281e546b3628a1a845b4941db1ca9e4a3

    SHA256

    c06d9e99f6ee253432eadfdfac6008e211182c3770fd883fd0ff6e4e08a5e201

    SHA512

    f65df913a1f4ecb920de54fb6c30ec52368e3b61043f9e37656f364d420f97d3a816ef2b0c6d9e770521e3cf1818cf9c5d689482418278b3c967a4d57c9bdf07

    Download Submit
  • /storage/emulated/0/Config/sys/apps/log/log-MjAyMy0xMi0yMw== .txt
    Filesize

    24B

    MD5

    9a43405307c027e8b3a23ed4a0a983cd

    SHA1

    aec0bdc34d02c7edd2042d98d18479beafcd9dec

    SHA256

    ddd9c527ed3db28d0312443e69c00d7b235c9d311773044113dfec9a08de072a

    SHA512

    c544c72b175d99738166ba2421fe08e18148d3a26cbb0899a00a686e4b6c21e5a9b7bd66e55dd216a84309eddb44591c000175c32c3dc8fb644924df92942d8d

    Download Submit