General

  • Target

    9620f482a0d9dcf8e84aa9a2894661765effbfb80c2c7cce018fc016efd31c4a.bin

  • Size

    776KB

  • Sample

    240224-1xasfagc6t

  • MD5

    745a8c60909a0321e5b2925c7f265584

  • SHA1

    a2ed44fb225a708d864c35512cb2e1a597d1187c

  • SHA256

    9620f482a0d9dcf8e84aa9a2894661765effbfb80c2c7cce018fc016efd31c4a

  • SHA512

    5249bd7e4d711c2002da89174b00fe12d5779e4845b1adf6258c58f22bf87d4eade06b2d6fee935e4cfca464c101245d4c26f344c76ae477de6c828893e2cd89

  • SSDEEP

    12288:6BZfCbba1a8LVelT5SlHp5WmpYshXZPbGwidNpg/:ucHa1aKelNSlHp5WmD9idNpU

Malware Config

Extracted

Family

spynote

C2

agam65.ddns.net:22

Targets

    • Target

      9620f482a0d9dcf8e84aa9a2894661765effbfb80c2c7cce018fc016efd31c4a.bin

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.
