spynote | d0127c22fa417472cb643a632d02f9d82e3138719ba56585a06a47aa72836504 | Triage

Submit
Reports

Overview

overview

Static

static

ZArchiver_0.9.5.8.apk

android-13-x64

7

Sharing

General

Target

ZArchiver_0.9.5.8.apk
Size

5.4MB
Sample

240410-qfpj6agh34
MD5

a02632c5bc10b3f9abf46ca36e9f7228
SHA1

c856a46d21e15cb85a6d61c2941029c791bff23d
SHA256

d0127c22fa417472cb643a632d02f9d82e3138719ba56585a06a47aa72836504
SHA512

d4f4d286f264009a792844ecd4c5efd0a584f881ac31ef3064eba66294fc77f6ad0b5f7a6a3ad11bb8b41ad416ced60c9c611880e650da15c8d8bbed61b8aa51
SSDEEP

98304:MObA1T+yJpRYWrzF61DJqW4XWbhrUjA2xbS7IFAiw142YlN3B52:MMAN+6RLFgDMW4XW1UjA2xbrFAih2YPO

Score

10^/10

spynote android evasion persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ZArchiver_0.9.5.8.apk

Resource

android-33-x64-arm64-20240229-en

evasion persistence

android-13-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

spynote

C2

147.185.221.17:42314

Targets

- Target
  
  ZArchiver_0.9.5.8.apk
- Size
  
  5.4MB
- MD5
  
  a02632c5bc10b3f9abf46ca36e9f7228
- SHA1
  
  c856a46d21e15cb85a6d61c2941029c791bff23d
- SHA256
  
  d0127c22fa417472cb643a632d02f9d82e3138719ba56585a06a47aa72836504
- SHA512
  
  d4f4d286f264009a792844ecd4c5efd0a584f881ac31ef3064eba66294fc77f6ad0b5f7a6a3ad11bb8b41ad416ced60c9c611880e650da15c8d8bbed61b8aa51
- SSDEEP
  
  98304:MObA1T+yJpRYWrzF61DJqW4XWbhrUjA2xbS7IFAiw142YlN3B52:MMAN+6RLFgDMW4XW1UjA2xbrFAih2YPO
Score

7^/10

evasion persistence
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Acquires the wake lock
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

evasionpersistence

© 2018-2024

Terms | Privacy