Overview

overview

10

Static

static

10

ready.apk

android-10-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ready.apk

  • Size

    53.6MB

  • Sample

    240331-r7b9ksdg3y

  • MD5

    e29997bcbd59a9299134bb762959fa4c

  • SHA1

    2b27ce92fe1c8baf7332805bcb2cf923b491cac2

  • SHA256

    f5d84a3bd44d1511e00a67ae1c79f2076dc8972dc11c616d6130dc4eba0e3555

  • SHA512

    70df8550eedf6bfbb35a038f87fa2fa3837f8789d3b7384c2320f823e58fee8e5d84fb28839645d81c078dd64bf67d6c10a06df9d80d9b74430cfa481fd56ae4

  • SSDEEP

    1572864:NmKR/R2InCUVZbWEB7e0Uyxr8a3MAPfSbJ77m6xu:1R2jU36DRyJOLbp7m6o

Score
10/10
spynoteandroidcollectionevasionpersistence

Malware Config

Extracted

Family

spynote

C2

outdoor-mailed.gl.at.ply.gg:13031

Targets

    • Target

      ready.apk

    • Size

      53.6MB

    • MD5

      e29997bcbd59a9299134bb762959fa4c

    • SHA1

      2b27ce92fe1c8baf7332805bcb2cf923b491cac2

    • SHA256

      f5d84a3bd44d1511e00a67ae1c79f2076dc8972dc11c616d6130dc4eba0e3555

    • SHA512

      70df8550eedf6bfbb35a038f87fa2fa3837f8789d3b7384c2320f823e58fee8e5d84fb28839645d81c078dd64bf67d6c10a06df9d80d9b74430cfa481fd56ae4

    • SSDEEP

      1572864:NmKR/R2InCUVZbWEB7e0Uyxr8a3MAPfSbJ77m6xu:1R2jU36DRyJOLbp7m6o

    Score
    8/10
    collectionevasionpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasion

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Declares services with permission to bind to the system

    • Requests dangerous framework permissions

    behavioral1

MITRE ATT&CK Matrix

Tasks