General

  • Target

    SBI Service App.apk

  • Size

    74.4MB

  • MD5

    e53c10d713133619cc99c4def38c6f70

  • SHA1

    64baafca4a717b16b3da2fa4c8fc34f05eba8176

  • SHA256

    6c60af5424a82c7eb06d5e6db79c7b173d6a2cbcd31cf6f715112b34fbd8a22c

  • SHA512

    ef1043410a18393228af2241b7cef5bee3545a35c1582632e865ed558c1f946db5a2392f2d9bbaa4054fab26458a3902c3cac5e84b9f09bcf1a2bcd0c38f6528

  • SSDEEP

    786432:kuVND3HAxPwLbDKU/7xSGdF1Ck58Fr1cxg4szJh5oa:kuVJH6wb//rmFr1+cJ

Score
10/10

Malware Config

Extracted

  • Family

    spynote

  • C2

    3.96.109.127:7771

Signatures

  • Spynote family
  • Declares services with permission to bind to the system (1 IoC)
  • Requests dangerous framework permissions (7 IoCs)

Files

  • SBI Service App.apk
    .apk android arch:arm64 arch:arm

    com.bsi.ney

    .MainActivity


Android Permissions

SBI Service App.apk

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.FOREGROUND_SERVICE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.RECEIVE_BOOT_COMPLETED

disabled_android.permission.RECORD_AUDIO

disabled_android.permission.ACCESS_COARSE_LOCATION

disabled_android.permission.ACCESS_FINE_LOCATION

disabled_android.permission.READ_PHONE_STATE

android.permission.WAKE_LOCK

com.android.alarm.permission.SET_ALARM

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.REQUEST_INSTALL_PACKAGES

disabled_android.permission.CALL_PHONE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.SET_WALLPAPER

disabled_android.permission.PROCESS_OUTGOING_CALLS

android.permission.READ_SMS

disabled_android.permission.READ_CALL_LOG

disabled_android.permission.READ_CONTACTS

android.permission.GET_ACCOUNTS

disabled_android.permission.CAMERA

android.permission.INTERNET

android.permission.SEND_SMS

android.permission.ACCESS_NETWORK_STATE