General

  • Target

    d1c3ad01bd3234bdc485d2f8793b92a37f1616c598d02fde8cda42af1aa19054.bin

  • Size

    815KB

  • Sample

    240215-1wzp6sae48

  • MD5

    060f2ae9d49bd5a845200f3cfc917e3e

  • SHA1

    b0932fbc0388e31b33822c9101acffe6b3552d6f

  • SHA256

    d1c3ad01bd3234bdc485d2f8793b92a37f1616c598d02fde8cda42af1aa19054

  • SHA512

    c59e23c2663d85e1e4799c333b698f00536acee794a817fbad23f9e0d83a8d44e12324f01a795f018ce136c4c6b08abfa3377a12a258c7b2b76aef5c4fd0703e

  • SSDEEP

    12288:btga1a8LzeNDLE/Nv/bU15WmpYshXZPbGwidNpg/:Ga1ameNg/NvTU15WmD9idNp4

Score
10/10

Malware Config

Extracted

Family

spynote

C2

googlechrome.myftp.org:5214

Targets

    • Target

      d1c3ad01bd3234bdc485d2f8793b92a37f1616c598d02fde8cda42af1aa19054.bin

    Score
    8/10

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Matrix

Tasks