General

  • Target

    423b5f89eb269c6902977befe3427af60824ab9482b575bc15278c343fb6ef94.bin

  • Size

    913KB

  • Sample

    240305-1y9cdsbg92

  • MD5

    541ed5720428ac1518b9aaa8a135aac9

  • SHA1

    f01faa44d640a0c7b20bc25e4ee82993d1203df1

  • SHA256

    423b5f89eb269c6902977befe3427af60824ab9482b575bc15278c343fb6ef94

  • SHA512

    88ffbb6fb6735a6b477987f449193f254840dc1a0df1858cf46c65a8514bea4228cf0187c6f556cd6698ea674418c37d99152862194a041684eeaadf4a02e491

  • SSDEEP

    12288:YMJM2MtMXMEBZRvS0qKQDhBm75WmpYshXZPbGwidNpgM5:pWvC8EBZRrqKihBm75WmD9idNpB5

Malware Config (extracted)

  • Family

    spynote

  • C2

    147.185.221.18:38221

Targets

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Removes its main activity from the application launcher
