Overview

overview

10

Static

static

10

ready.apk

android-13-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ready.apk

  • Size

    8.5MB

  • Sample

    240323-ajax6sde4s

  • MD5

    e4c93294218c6dd0305626e435056db3

  • SHA1

    beb3d36eed35190e59958cd6dce590cefa755314

  • SHA256

    ddd54ca52399b5fb85d2e0b16ac434ba3c5bea78aa05558a14ba657869280ac2

  • SHA512

    26c48632e6f87f0def0c0a1c0de175f4054674e4ddb6d65e5d5894c384313ad971245e04cca273da6456881312792b68f0f786d4413dad428081c6a6ffba0390

  • SSDEEP

    98304:htKnX3hRimKAg4h5t4fN+OxksGleLmzvzBHTC0tAu:uRi56SYBlxztBD

Score
10/10
spynoteandroidcollectionevasionpersistence

Malware Config

Extracted

Family

spynote

C2

...employees-resolution.gl.at.ply.gg:4553

Targets

    • Target

      ready.apk

    • Size

      8.5MB

    • MD5

      e4c93294218c6dd0305626e435056db3

    • SHA1

      beb3d36eed35190e59958cd6dce590cefa755314

    • SHA256

      ddd54ca52399b5fb85d2e0b16ac434ba3c5bea78aa05558a14ba657869280ac2

    • SHA512

      26c48632e6f87f0def0c0a1c0de175f4054674e4ddb6d65e5d5894c384313ad971245e04cca273da6456881312792b68f0f786d4413dad428081c6a6ffba0390

    • SSDEEP

      98304:htKnX3hRimKAg4h5t4fN+OxksGleLmzvzBHTC0tAu:uRi56SYBlxztBD

    Score
    8/10
    collectionevasionpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasion

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks