General

  • Target

    GameGuardian.apk

  • Size

    20.5MB

  • Sample

    240517-xb94madb59

  • MD5

    92d8a3f23ebeaec7f7aff61dddd8c01e

  • SHA1

    d3f285df1842e6f79fbb3bc65d5465aebbea3886

  • SHA256

    ca47cb20b6aeba1629c66111b5912bf22a0079986cfa249173b635a2548695c6

  • SHA512

    7b13448e98ef732849ae515efa4b94e48ac568693197a47146a1670d377185276dca3a5f3de4d1baba2cbc96b52de1eda267ac28e0f210a2a218781b837c168b

  • SSDEEP

    393216:0RSbMt2q/AnsT4ZDR6iA5ycdDf5Yc2RRDM2CX1:0RQ3q/Ws6LGjxYcgM1

Malware Config (extracted)

  • Family

    spynote

  • C2

    teachers-carb.gl.at.ply.gg:48649

Targets

    • Target

      GameGuardian.apk

    • Queries the list of all installed applications on the device (may be used to pick legitimate apps to overlay).

    • Uses the framework's foreground service for persistence

      The application may abuse a foreground service to keep running after the user leaves it, instead of being stopped in the background.

    • Prompts the user to enable its accessibility service in the accessibility settings.

    • Tries to register itself as a device administrator.
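The following is an added example, not part of the sandbox report and not GameGuardian or SpyNote code. It turns the indicators above into a static triage pass: it compares a file's hashes with the report's, splits the C2 string into host and port, and searches every member of the APK for the permission, API and hostname strings that the four listed behaviours normally require (in both ASCII, as found in DEX string data, and UTF-16LE, as found in the binary manifest's string pool). The marker lists and the `build_constructed_sample()` stand-in APK are assumptions of the example; the stand-in is fabricated for demonstration and is not the real sample.

```python
"""Static triage helpers for the indicators in this report.

Added example, not part of the original sandbox report. It checks a local APK
against the report's hashes and scans the archive's members for the strings
that the listed behaviours normally require. build_constructed_sample() builds
a fabricated stand-in APK for testing; it is not the real GameGuardian.apk.
"""
import hashlib
import io
import zipfile

# Indicators copied from the report.
REPORT_HASHES = {
    "md5": "92d8a3f23ebeaec7f7aff61dddd8c01e",
    "sha1": "d3f285df1842e6f79fbb3bc65d5465aebbea3886",
    "sha256": "ca47cb20b6aeba1629c66111b5912bf22a0079986cfa249173b635a2548695c6",
}
C2 = "teachers-carb.gl.at.ply.gg:48649"
C2_HOST, C2_PORT = C2.rsplit(":", 1)[0], int(C2.rsplit(":", 1)[1])

# Marker strings for each behaviour in the report (assumed by this example).
# A hit is a lead for manual review, not proof: legitimate apps use some too.
MARKERS = {
    "lists installed apps": [b"getInstalledApplications", b"getInstalledPackages",
                             b"android.permission.QUERY_ALL_PACKAGES"],
    "foreground service": [b"android.permission.FOREGROUND_SERVICE", b"startForeground"],
    "accessibility service": [b"android.permission.BIND_ACCESSIBILITY_SERVICE",
                              b"android.accessibilityservice.AccessibilityService"],
    "device administrator": [b"android.permission.BIND_DEVICE_ADMIN",
                             b"android.app.action.ADD_DEVICE_ADMIN"],
    "C2 host": [C2_HOST.encode("ascii")],
}


def encodings(marker: bytes) -> tuple:
    # DEX string data is MUTF-8, so ASCII markers match as-is. The binary
    # AndroidManifest.xml string pool is usually UTF-16LE, so search that too.
    return marker, marker.decode("ascii").encode("utf-16-le")


def file_hashes(data: bytes) -> dict:
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if every hash in the report matches this file."""
    return file_hashes(data) == REPORT_HASHES


def scan_apk(data: bytes) -> dict:
    """Return {behaviour: [archive members where a marker string was found]}."""
    hits = {behaviour: [] for behaviour in MARKERS}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            blob = zf.read(info)
            for behaviour, markers in MARKERS.items():
                if any(enc in blob for m in markers for enc in encodings(m)):
                    hits[behaviour].append(info.filename)
    return hits


def build_constructed_sample() -> bytes:
    """Constructed stand-in APK (fabricated, demonstration only): a UTF-16LE
    'manifest' carrying permission names and an ASCII 'dex' carrying API and
    C2 strings. Real files are binary AXML and DEX; only the string bytes
    matter for this scan."""
    manifest = "\n".join([
        "android.permission.FOREGROUND_SERVICE",
        "android.permission.BIND_ACCESSIBILITY_SERVICE",
        "android.permission.BIND_DEVICE_ADMIN",
    ]).encode("utf-16-le")
    dex = b"\x00".join([
        b"Landroid/content/pm/PackageManager;",
        b"getInstalledApplications",
        b"startForeground",
        C2_HOST.encode("ascii"),
    ])
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", manifest)
        zf.writestr("classes.dex", dex)
        zf.writestr("res/raw/blob.bin", b"no indicators here")
    return buf.getvalue()


if __name__ == "__main__":
    import sys
    # Pass a real APK path to scan it; otherwise the constructed stand-in is used.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_constructed_sample()
    print("hashes match report:", matches_report(data))
    print("C2:", C2_HOST, C2_PORT)
    for behaviour, members in scan_apk(data).items():
        print(f"  {behaviour:24s} {', '.join(members) or '-'}")
```

On a real APK the string hits only tell you where to look (manifest for declared permissions and services, the DEX that references PackageManager or the C2 host); confirming the behaviours still needs a manifest decoder and a disassembler, and an obfuscated or encrypted-string sample will miss the DEX markers while the hash and network indicators still apply.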
