spynote | f7a50c6741fa669e44a8817583c64de5f39f9f0360b04e68d3d6963afebf8d87 | Triage

Submit
Reports

Overview

overview

Static

static

ready.apk

android-10-x64

8

Sharing

General

Target

ready.apk
Size

53.6MB
Sample

240107-d8pz6sdffq
MD5

365f8c0d67cea672e30454f7a0445abe
SHA1

a8b5f3b3cdc1f3e5b1528cf85259c6f0a045e1e3
SHA256

f7a50c6741fa669e44a8817583c64de5f39f9f0360b04e68d3d6963afebf8d87
SHA512

f16c9e11cef3900fd78e1f4a2d2e146f94742734699b431444b3b458b163873fa8ccf505cfa954b81051b0a76106a72a39ac7f377d61cebba0ead03e554f5942
SSDEEP

1572864:PH5jP22elmk/fal3jPb7vkwPLn48gf8nFLik9WPZ:PE212CTPbzkwDVEh

Score

10^/10

spynote android stealth trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ready.apk

Resource

android-x64-20231215-en

android-10-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

spynote

C2

23543254365-58443.portmap.host:58443

Targets

- Target
  
  ready.apk
- Size
  
  53.6MB
- MD5
  
  365f8c0d67cea672e30454f7a0445abe
- SHA1
  
  a8b5f3b3cdc1f3e5b1528cf85259c6f0a045e1e3
- SHA256
  
  f7a50c6741fa669e44a8817583c64de5f39f9f0360b04e68d3d6963afebf8d87
- SHA512
  
  f16c9e11cef3900fd78e1f4a2d2e146f94742734699b431444b3b458b163873fa8ccf505cfa954b81051b0a76106a72a39ac7f377d61cebba0ead03e554f5942
- SSDEEP
  
  1572864:PH5jP22elmk/fal3jPb7vkwPLn48gf8nFLik9WPZ:PE212CTPbzkwDVEh
Score

8^/10

stealth trojan
- Makes use of the framework's Accessibility service
  Retrieves information displayed on the phone screen using AccessibilityService.
- Removes its main activity from the application launcher
  stealth trojan
- Declares services with permission to bind to the system
- Requests dangerous framework permissions
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy