General

  • Target

    ready321312.apk

  • Size

    8.7MB

  • Sample

    240414-akww2abh22

  • MD5

    e4675cb15dd34ffb7cfabda9f20c9721

  • SHA1

    3b0b94f2c0cfdf0efda2524d2953133905488a59

  • SHA256

    42ad8c1a66719828229feed631a440eddd63e2197ba2041738e7a151ab51e26a

  • SHA512

    737c247dc35472c202ed3e3ad4172fcc188ef19397f6c8309bb72019f50ed42d5950df9d8e59b62e7d4b93c79eb42a9d5f4888b250e44815e68b404049df5bdb

  • SSDEEP

    49152:LUOqrWI2vCUFZFrpaA/2UuGZMxU0qGmzLzdGGNQTOIV5dU9Yqj0cgEtkDikAq:QEPNF31aAXuCM+fGmzLzBCTvc0tEtdq

Malware Config

Extracted

Family

spynote

C2

147.185.221.19:4975

Targets

    • Target

      ready321312.apk

    • Size

      8.7MB

    • MD5

      e4675cb15dd34ffb7cfabda9f20c9721

    • SHA1

      3b0b94f2c0cfdf0efda2524d2953133905488a59

    • SHA256

      42ad8c1a66719828229feed631a440eddd63e2197ba2041738e7a151ab51e26a

    • SHA512

      737c247dc35472c202ed3e3ad4172fcc188ef19397f6c8309bb72019f50ed42d5950df9d8e59b62e7d4b93c79eb42a9d5f4888b250e44815e68b404049df5bdb

    • SSDEEP

      49152:LUOqrWI2vCUFZFrpaA/2UuGZMxU0qGmzLzdGGNQTOIV5dU9Yqj0cgEtkDikAq:QEPNF31aAXuCM+fGmzLzBCTvc0tEtdq

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to keep running after the user leaves the app.

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    • Requests disabling of battery optimizations (often used to keep running unnoticed in the background).
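The five behaviour signatures above are what a sandbox infers from the APK's manifest and runtime calls. The script below is an added example, not part of the sandbox report and not code from the sample: it maps each signature to the manifest evidence that normally backs it (the accessibility service declaration, and the FOREGROUND_SERVICE, WAKE_LOCK and REQUEST_IGNORE_BATTERY_OPTIMIZATIONS permissions; this mapping is the author's assumption, not something the report states) and scans a decoded AndroidManifest.xml for them. It expects the manifest already decoded from binary AXML (for instance by apktool); the embedded manifest is constructed for the demo and is not taken from ready321312.apk.

```python
"""Static triage of a decoded AndroidManifest.xml for the report's behaviour signatures.

Added example. Assumes the manifest has already been decoded from binary AXML
(e.g. `apktool d ready321312.apk`), since the stdlib cannot read AXML directly.
"""
import sys
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"


def _a(attr):
    """Fully-qualified `android:` attribute name for ElementTree lookups."""
    return f"{{{ANDROID_NS}}}{attr}"


# Report signature -> permission that backs it (assumed mapping, not from the report).
PERMISSION_INDICATORS = {
    "foreground persistence service": "android.permission.FOREGROUND_SERVICE",
    "wake lock": "android.permission.WAKE_LOCK",
    "disable battery optimizations": "android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS",
}

# An accessibility service must be bound with this permission and register this action.
ACCESSIBILITY_BIND = "android.permission.BIND_ACCESSIBILITY_SERVICE"
ACCESSIBILITY_ACTION = "android.accessibilityservice.AccessibilityService"


def parse_manifest(xml_text):
    """Return requested permissions and declared services from decoded manifest XML."""
    root = ET.fromstring(xml_text)
    perms = {e.get(_a("name")) for e in root.iter("uses-permission")}
    services = []
    for svc in root.iter("service"):
        services.append({
            "name": svc.get(_a("name")),
            "permission": svc.get(_a("permission")),
            "actions": {a.get(_a("name")) for a in svc.iter("action")},
            "foreground_type": svc.get(_a("foregroundServiceType")),
        })
    return {"permissions": perms, "services": services}


def accessibility_services(parsed):
    """Names of services declared as accessibility services (both conditions required)."""
    return [s["name"] for s in parsed["services"]
            if s["permission"] == ACCESSIBILITY_BIND and ACCESSIBILITY_ACTION in s["actions"]]


def matched_behaviours(xml_text):
    """Report-style signature labels whose manifest evidence is present, in fixed order."""
    parsed = parse_manifest(xml_text)
    hits = []
    if accessibility_services(parsed):
        hits.append("accessibility service")
    for label, perm in PERMISSION_INDICATORS.items():
        if perm in parsed["permissions"]:
            hits.append(label)
    return hits


# Constructed test manifests (not the sample's): one exhibiting every indicator, one benign.
SUSPICIOUS_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"/>
  <application android:label="demo">
    <service android:name=".ScreenReader"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"
             android:exported="true">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
    <service android:name=".Keeper" android:foregroundServiceType="dataSync"/>
  </application>
</manifest>
"""

BENIGN_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.benign">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="demo"/>
</manifest>
"""

if __name__ == "__main__":
    # Usage: python manifest_triage.py path/to/decoded/AndroidManifest.xml
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SUSPICIOUS_MANIFEST
    for label in matched_behaviours(text):
        print("indicator:", label)
```

A manifest hit is evidence of capability, not of abuse: legitimate screen readers and automation apps declare accessibility services too, so the result should be read alongside the dynamic signatures above (the request to enable accessibility settings, the battery-optimization prompt) and the C2 contact, which the manifest alone cannot show.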
