Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://www.mediafir...

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://www.mediafire.com/file/eac4inflb7kpkme/ready.apk/file

  • Sample

    240325-wkbrraef97

Score
10/10
spynoteandroidbankerinfostealerrattrojan

Malware Config

Extracted

Family

spynote

C2

83.30.40.183:7771

Targets

    • Target

      https://www.mediafire.com/file/eac4inflb7kpkme/ready.apk/file

    Score
    10/10
    spynotebankerinfostealerrattrojan

    • Spynote

      Spynote is a Remote Access Trojan first seen in 2017.

      bankertrojaninfostealerratspynote

    • Declares broadcast receivers with permission to handle system events

    • Declares services with permission to bind to the system

    • Requests dangerous framework permissions

    behavioral1

MITRE ATT&CK Matrix

Tasks