General

  • Target

    ready.apk

  • Size

    8.5MB

  • Sample

    240122-13d22sebh7

  • MD5

    b7c87618d9948b75ca7c21622f19b464

  • SHA1

    e89fd9a379328b1c8c1d937594119b51e18aa615

  • SHA256

    0d1aed0c2c78a814252de42d2f958e243e92203a1d2e9cfb371ea32dc77fefba

  • SHA512

    59cb6b1a135c04a12ba7d660b64cfff13a51d4eaadbb76db1d18d9d50c34b3a27a486b4f83e84705e688abfca65f66454336aaf110369bca429bd354e5c735b1

  • SSDEEP

    98304:FANPgV00jvlgIMz+BHq5iemzPzBYT30t0Z:FUP4007lC+BKoziIY

Score
10/10

Malware Config

Extracted

Family

spynote

C2

176.150.69.221:42474

Targets

    • Target

      ready.apk

    Score
    8/10
    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Tries to add a device administrator.

    • Acquires the wake lock

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
