Overview

overview

10

Static

static

10

f72acc8c53...36.apk

android-9-x86

8

f72acc8c53...36.apk

android-10-x64

8

f72acc8c53...36.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f72acc8c538a1b489dd4157a5ce69557d7b74370159334ccd2c0ae16b36d1c36.bin

  • Size

    760KB

  • Sample

    240316-1xkyeadd2z

  • MD5

    7638bb8211469a5f1429b66d28ae12d7

  • SHA1

    634d2391d41aefa812ce905d64df1036ace47e31

  • SHA256

    f72acc8c538a1b489dd4157a5ce69557d7b74370159334ccd2c0ae16b36d1c36

  • SHA512

    8a780835cdadbdc27e1265b703ec3c2967edad32aeff31230ca143ae7511f5af55a40493e75cfce51616d4decce75c374cd1edfce2ef80b6b3c6b48df36ef2ad

  • SSDEEP

    12288:2pO/LLJ6sgRQLzMryb2tLH5WmpYshXZPbGwidNpg9:2k/3J6sjLzMc2tLH5WmD9idNpy

Score
10/10
spynoteandroidbankerdiscoveryprivilege_escalation

Malware Config

Extracted

Family

spynote

C2

127.0.0.1:4444

Targets

    • Target

      f72acc8c538a1b489dd4157a5ce69557d7b74370159334ccd2c0ae16b36d1c36.bin

    • Size

      760KB

    • MD5

      7638bb8211469a5f1429b66d28ae12d7

    • SHA1

      634d2391d41aefa812ce905d64df1036ace47e31

    • SHA256

      f72acc8c538a1b489dd4157a5ce69557d7b74370159334ccd2c0ae16b36d1c36

    • SHA512

      8a780835cdadbdc27e1265b703ec3c2967edad32aeff31230ca143ae7511f5af55a40493e75cfce51616d4decce75c374cd1edfce2ef80b6b3c6b48df36ef2ad

    • SSDEEP

      12288:2pO/LLJ6sgRQLzMryb2tLH5WmpYshXZPbGwidNpg9:2k/3J6sjLzMc2tLH5WmD9idNpy

    Score
    8/10
    bankerdiscoveryprivilege_escalation

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Tries to add a device administrator.

      privilege_escalation
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks