Overview

overview

10

Static

static

10

263b02918c...1c.apk

android-9-x86

1

263b02918c...1c.apk

android-10-x64

1

263b02918c...1c.apk

android-11-x64

1

childapp.apk

android-9-x86

8

childapp.apk

android-10-x64

8

childapp.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    263b02918ca429a722622b86458348b67a2a6dd3560d2e616b15fd8632db111c

  • Size

    8.4MB

  • Sample

    240416-k9v15sga41

  • MD5

    0b75e7c7f68934a54ed7324215dcd361

  • SHA1

    ae77794c9159d848ed39a8d1e146ac281d936373

  • SHA256

    263b02918ca429a722622b86458348b67a2a6dd3560d2e616b15fd8632db111c

  • SHA512

    f112af636f55d3b4bf1b11f83ac66bdc423ba60d1654f13fbdc686898134c97f3daf8cfb67d1f0df864b021202000b25a58a9a86505e79c7c6870f8a14a4be17

  • SSDEEP

    196608:xqDxW5iMVKFhGB04DX1+9nd5oVG4vu+m3coDhJ4:xoIADFhWbydeQ+mM6o

Score
10/10
spynoteandroidcollectionevasionpersistence

Malware Config

Targets

    • Target

      263b02918ca429a722622b86458348b67a2a6dd3560d2e616b15fd8632db111c

    • Size

      8.4MB

    • MD5

      0b75e7c7f68934a54ed7324215dcd361

    • SHA1

      ae77794c9159d848ed39a8d1e146ac281d936373

    • SHA256

      263b02918ca429a722622b86458348b67a2a6dd3560d2e616b15fd8632db111c

    • SHA512

      f112af636f55d3b4bf1b11f83ac66bdc423ba60d1654f13fbdc686898134c97f3daf8cfb67d1f0df864b021202000b25a58a9a86505e79c7c6870f8a14a4be17

    • SSDEEP

      196608:xqDxW5iMVKFhGB04DX1+9nd5oVG4vu+m3coDhJ4:xoIADFhWbydeQ+mM6o

    Score
    1/10
    behavioral1behavioral2behavioral3

    • Target

      childapp.apk

    • Size

      4.5MB

    • MD5

      83903ae6c52dd1af8f7909597ee5baf2

    • SHA1

      5e765fa94edfdc0e0140758d60f056ccec296312

    • SHA256

      55dd376af0a97f78d184fd48f968566eb40af2242a54ba49d1a11392edff418b

    • SHA512

      568871dc62228706c1cda6f0fc5f8691272a0782d3c20f5250aad62997cb7a0073af9ac7bf3647f99c83f326895958afffe51f15c614757b60b818fb71d0e1e8

    • SSDEEP

      98304:cwR3GMN8bafAi3cGdEg9c6Ea/OZHxrqwOmzlzBVKT90t4fA7rmp:TNdBEZ6BGZ7zdCysAu

    Score
    8/10
    collectionevasionpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasion

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    behavioral4behavioral5behavioral6

MITRE ATT&CK Matrix

Tasks