Overview

overview

10

Static

static

10

49e2423a56...73.apk

android-10-x64

8

49e2423a56...73.apk

android-11-x64

8

49e2423a56...73.apk

android-13-x64

8

49e2423a56...73.apk

android-9-x86

8

Resubmissions

21-02-2024 07:14

240221-h2phaadc34 10

17-02-2024 22:03

240217-1yessabf98 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    49e2423a56b4e00f6852e30ed2197f41ce5a47c330c1f9f24f092d575bd31973.bin

  • Size

    749KB

  • Sample

    240221-h2phaadc34

  • MD5

    4eb7b664f21a5e66d9f43bd51210f0b9

  • SHA1

    840418be7539bc5b9ef821e75a2da7baaada65e5

  • SHA256

    49e2423a56b4e00f6852e30ed2197f41ce5a47c330c1f9f24f092d575bd31973

  • SHA512

    20aa0c8ff8ba68703cbe21ed04d12f98de7c34b7470d45c4e057b196c2fd5910e65c33ad083a5eb8837777011859786cd71cf195f85d421c99cd9e89c8988f32

  • SSDEEP

    12288:DlCa1a8Lre300T3Yq5WmpYshXZPbGwidNpgd4:wa1a2e3NT3Yq5WmD9idNpN

Score
10/10
spynoteandroidbankerstealthtrojan

Malware Config

Extracted

Family

spynote

C2

maman34-53701.portmap.io:53701

Targets

    • Target

      49e2423a56b4e00f6852e30ed2197f41ce5a47c330c1f9f24f092d575bd31973.bin

    • Size

      749KB

    • MD5

      4eb7b664f21a5e66d9f43bd51210f0b9

    • SHA1

      840418be7539bc5b9ef821e75a2da7baaada65e5

    • SHA256

      49e2423a56b4e00f6852e30ed2197f41ce5a47c330c1f9f24f092d575bd31973

    • SHA512

      20aa0c8ff8ba68703cbe21ed04d12f98de7c34b7470d45c4e057b196c2fd5910e65c33ad083a5eb8837777011859786cd71cf195f85d421c99cd9e89c8988f32

    • SSDEEP

      12288:DlCa1a8Lre300T3Yq5WmpYshXZPbGwidNpgd4:wa1a2e3NT3Yq5WmD9idNpN

    Score
    8/10
    bankerstealthtrojan

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      banker

    • Removes its main activity from the application launcher

      stealthtrojan
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Matrix

Tasks