Overview

overview

10

Static

static

10

ready.apk

android-10-x64

8

ready.apk

android-11-x64

8

ready.apk

android-13-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ready.apk

  • Size

    9.3MB

  • Sample

    240121-amfylabahj

  • MD5

    92d17bd15addd2d004a6bede11b38f71

  • SHA1

    af73db5f4d5d09fa649b97a5fe9f9323d0ed2037

  • SHA256

    9f91c2e7d4b7ac56f0cfd42ef72d7848f0c7518c853524326777cdad179accde

  • SHA512

    73029ababe19c001fc0431986a9c3168b9d4e2700d2c9240646623836ab6407c4c26980e780f0d687191bdacd0c40fb37953d92132c278e7dbe9ab7268765e72

  • SSDEEP

    98304:lcJTQtSApObTCWwIjjt4K82/GWYWmzLzB9Tu0tAMqlV:lcqSYObTPN4KYhzDVQV

Score
10/10
spynoteandroidbanker

Malware Config

Targets

    • Target

      ready.apk

    • Size

      9.3MB

    • MD5

      92d17bd15addd2d004a6bede11b38f71

    • SHA1

      af73db5f4d5d09fa649b97a5fe9f9323d0ed2037

    • SHA256

      9f91c2e7d4b7ac56f0cfd42ef72d7848f0c7518c853524326777cdad179accde

    • SHA512

      73029ababe19c001fc0431986a9c3168b9d4e2700d2c9240646623836ab6407c4c26980e780f0d687191bdacd0c40fb37953d92132c278e7dbe9ab7268765e72

    • SSDEEP

      98304:lcJTQtSApObTCWwIjjt4K82/GWYWmzLzB9Tu0tAMqlV:lcqSYObTPN4KYhzDVQV

    Score
    8/10
    banker

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      banker

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks