General

  • Target

    ddebc920ef1a218574277caf204181721df42b055ee93862af361e4867abbee9.bin

  • Size

    764KB

  • Sample

    240305-1y99paag51

  • MD5

    4fc565a1a347df2d8d6fc3b5cc648548

  • SHA1

    c063525cd7975a1770b836466865567613c7d0e3

  • SHA256

    ddebc920ef1a218574277caf204181721df42b055ee93862af361e4867abbee9

  • SHA512

    0fba048617fd80bcbf39cd9fe393cb9a9258eeeae47cea868be0c8ef580f3910da461ecf1dc0983fa2ee2554bcddda306c084d2e8199bb902ea2209322dbafea

  • SSDEEP

    12288:C2BZRvS0qMqfviYe5WmpYshXZPbGwidNpgcYA:DBZRrqMcviYe5WmD9idNpd

Malware Config

Extracted

Family

spynote

C2

147.185.221.18:38221

Targets

    • Target

      ddebc920ef1a218574277caf204181721df42b055ee93862af361e4867abbee9.bin

    • Size

      764KB

    • MD5

      4fc565a1a347df2d8d6fc3b5cc648548

    • SHA1

      c063525cd7975a1770b836466865567613c7d0e3

    • SHA256

      ddebc920ef1a218574277caf204181721df42b055ee93862af361e4867abbee9

    • SHA512

      0fba048617fd80bcbf39cd9fe393cb9a9258eeeae47cea868be0c8ef580f3910da461ecf1dc0983fa2ee2554bcddda306c084d2e8199bb902ea2209322dbafea

    • SSDEEP

      12288:C2BZRvS0qMqfviYe5WmpYshXZPbGwidNpgcYA:DBZRrqMcviYe5WmD9idNpd

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Removes its main activity from the application launcher

MITRE ATT&CK Mobile v15

Tasks