General

  • Target

    4ec96e1e95d7a67ce6641485d1064e356f8ae95f69fca3acabbff8cce3d324d6.bin

  • Size

    760KB

  • Sample

    240309-1y2ybace3y

  • MD5

    dd9d9388754fb1b73a97049e88e23a71

  • SHA1

    04ece9bbe9a595fa71baeed0105fc78405d6c205

  • SHA256

    4ec96e1e95d7a67ce6641485d1064e356f8ae95f69fca3acabbff8cce3d324d6

  • SHA512

    f6fc487afb4b526b80b596d0c77cb7c55332393c3ee43f26b3f961adc24ff5725b91fb0d4be4a747ef47eaf7ad4c29001e2b197b5ef0e71cafc1995380726850

  • SSDEEP

    12288:D+oct7Aa1a8LVexfNBNQNI5WmpYshXZPbGwidNpg2L:DD7a1aKex/NQNI5WmD9idNph

Malware Config

Extracted

  • Family

    spynote

  • C2

    45.84.1.213:8888

Targets

    • Target

      4ec96e1e95d7a67ce6641485d1064e356f8ae95f69fca3acabbff8cce3d324d6.bin

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.
