General

  • Target

    2ccc048515e4fa4dbbbaa3de2017c0b454cb9ea6b7f7224ae669c02615755310.bin

  • Size

    883KB

  • Sample

    240316-1w5anafb29

  • MD5

    a7fce1322eabbaaff6fda6fe2954c5f1

  • SHA1

    671c3f3c5ee118f0936f1bd288ae7f48ca6a0370

  • SHA256

    2ccc048515e4fa4dbbbaa3de2017c0b454cb9ea6b7f7224ae669c02615755310

  • SHA512

    44b77cff478ae18884ed8bc46ae42eafd46d7f47b6470997092963349516ff28e76f15ee402f1dc8bdef89b4b30d9898a4038418f425eb78bb5aaee68fc2d585

  • SSDEEP

    12288:0lJ6sgRsLzy8ydnsTjWz+EuGE4G5WmpYshXZPbGwidNpgt:gJ6sFLzJydnsTKz+EFEV5WmD9idNpW

Malware Config

Extracted

Family

spynote

C2

18.ip.gl.ply.gg:49189

Targets

    • Target

      2ccc048515e4fa4dbbbaa3de2017c0b454cb9ea6b7f7224ae669c02615755310.bin

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.
