spynote | 50d9d3d91bd584249700907fa6e74a9e1fd89d6690b713ec8ac0df83c7d0326e | Triage

Submit
Reports

Overview

overview

Static

static

50d9d3d91b...6e.apk

android-9-x86

8

50d9d3d91b...6e.apk

android-10-x64

8

50d9d3d91b...6e.apk

android-11-x64

8

Sharing

General

Target

50d9d3d91bd584249700907fa6e74a9e1fd89d6690b713ec8ac0df83c7d0326e.bin
Size

768KB
Sample

240218-1xc8kafd42
MD5

5f8562a508568ad35734b292e68fe1fe
SHA1

93bfbf2fb22717cf8d569ae33010699fc3e35d7c
SHA256

50d9d3d91bd584249700907fa6e74a9e1fd89d6690b713ec8ac0df83c7d0326e
SHA512

d7064895c1f44051814b83d2d1adb3ba8fbd01d5ead1261a1330e23c77afca16e215f986b12ace05dedd3ab1d5b6d9086ef24d17010a40d2f4cc5ce951ebd29f
SSDEEP

12288:Qiaoj8VTCyPTTZzOhULX6BZRvS0q/193T6k8H:QfoQVuyPTpOMqBZRrq/fT6kO

Score

10^/10

spynote android banker stealth trojan

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

50d9d3d91bd584249700907fa6e74a9e1fd89d6690b713ec8ac0df83c7d0326e.apk

Resource

android-x86-arm-20231215-en

banker stealth trojan

android-9-x86

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

50d9d3d91bd584249700907fa6e74a9e1fd89d6690b713ec8ac0df83c7d0326e.apk

Resource

android-x64-20231215-en

banker stealth trojan

android-10-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

50d9d3d91bd584249700907fa6e74a9e1fd89d6690b713ec8ac0df83c7d0326e.apk

Resource

android-x64-arm64-20231215-en

banker stealth trojan

android-11-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

spynote

C2

147.185.221.16:54299

Targets

- Target
  
  50d9d3d91bd584249700907fa6e74a9e1fd89d6690b713ec8ac0df83c7d0326e.bin
- Size
  
  768KB
- MD5
  
  5f8562a508568ad35734b292e68fe1fe
- SHA1
  
  93bfbf2fb22717cf8d569ae33010699fc3e35d7c
- SHA256
  
  50d9d3d91bd584249700907fa6e74a9e1fd89d6690b713ec8ac0df83c7d0326e
- SHA512
  
  d7064895c1f44051814b83d2d1adb3ba8fbd01d5ead1261a1330e23c77afca16e215f986b12ace05dedd3ab1d5b6d9086ef24d17010a40d2f4cc5ce951ebd29f
- SSDEEP
  
  12288:Qiaoj8VTCyPTTZzOhULX6BZRvS0q/193T6k8H:QfoQVuyPTpOMqBZRrq/fT6kO
Score

8^/10

banker stealth trojan
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker
- Removes its main activity from the application launcher
  stealth trojan
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bankerstealthtrojan

behavioral2

bankerstealthtrojan

behavioral3

bankerstealthtrojan

© 2018-2024

Terms | Privacy