Resubmissions

2024-06-01 00:30

240601-atfleabb4x (score 10/10)

2024-06-01 00:27

240601-ar15bsbg85 (score 10/10)

General

  • Target

    output.rar

  • Size

    2.8MB

  • Sample

    240601-ar15bsbg85

  • MD5

    da133c66547b687674f2d27271963507

  • SHA1

    61e4c735e2a53429a45480d0d1d8983179802ba9

  • SHA256

    a068e05a194c1e6088a3c003d0fc7049ea148e0d6ce091a4f1456b22f96cb396

  • SHA512

    60f2bbeed3a725e48b77d5d5223e76ff6831df1176e51ffb93da9bf91ab7e797c0066b937159bc7b524eec898dfa71dcc64df774431ed9c952e78fd81a66201a

  • SSDEEP

    49152:zN4iVIZnjzCXmfJWj1H7oz+fGgeLh++kM7vgnkd3Q3/fPJWRqIcvOh9qCR:eiaZQmfJ2JS1TkM7vld3QnPJWUIcWhkO

Malware Config

Extracted

Family

spynote

C2

Name1442-57023.portmap.host:57023

Targets

    • Target

      info.inf

    • Size

      88B

    • MD5

      c9f0ed4b5362a594482c05eb9d8105dd

    • SHA1

      59bdf8ffb3921d5c54cf79ace408423611c70b46

    • SHA256

      934dbff5677908fe284da51a268e08c44782d643471dfd1c4494c543e7eaf626

    • SHA512

      5415edd94b41cfd0e282673448f5deb07302d654104e6ea47f1d03909b5984040608cf687a54299217d2c4bc8c63c778be2cd21cc60cebff7874e0751d64a685

    Score
    1/10

    • Target

      ready.apk

    • Size

      8.5MB

    • MD5

      fc3a7c6b0875d53c5da601e6c2ed321e

    • SHA1

      19b3ed756c3bc4cc5e118c15eeb9a5a764db20eb

    • SHA256

      6ade3f4be44a003ab964a5814e8b9ddb9c33431906383263a936382011978664

    • SHA512

      973c0892067f85dca9f0e6064c811f72e817beec804116f4ca528a2b6d7151a620308aff694f414e9731b28ee2736753d4ad2671bdf2a0f1f2827f553433af6a

    • SSDEEP

      98304:clYQZdxkkZ8r5Au0EEPkMSmzjzBITu0t8o:cOQnHZ8tUhz6Vl

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Prevents application removal

      Application may abuse the framework's APIs to prevent removal.

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks memory information

      Checks memory information that indicates whether the system is an emulator.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    • Checks if the internet connection is available

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Schedules tasks to execute at a specified time

      Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

    • Target

      ready.apk.idsig

    • Size

      77KB

    • MD5

      d75fbfde3fad363c1d4651147be24be3

    • SHA1

      9e8fbad9c6412b3b12a8b1b2965f30f71790a874

    • SHA256

      ae1e7719cc22e7b59364b5335c6f57ee24e37d4abf4ffbded1c7733dc2596dfe

    • SHA512

      b083a45fbe5775bfe3e7824816adbbb5f6495350d782f04114425bc42119f05b2e77945f3cb7c868712eca5f1236acb007ddb70231eac50ea1a7be20e1e79ff0

    • SSDEEP

      768:SHHYG6dPRN1/YYOqELUp7EDjn8S52fCz8qxPZCg2:SrwhYbqL7EDjv52fxqxPh

    Score
    1/10
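The behavioural signatures listed for ready.apk are dynamic findings from the sandbox run. Before acting on them an analyst normally wants two things: confirmation that the file on disk is the one the report hashed, and static corroboration of the signatures from the app's manifest. The Python script below is an added example and is not part of the sandbox report or of any tool it describes. It assumes the AndroidManifest.xml has already been decoded to text (for instance with apktool) and uses a constructed manifest embedded inline as sample input; the table mapping manifest declarations to the report's signature names is an assumption about what typically underlies each signature, not something the report states.

```python
"""Offline triage for an Android sample against a sandbox report (added example).

1. verify_hashes(): confirm the artifact on disk matches the digests the report lists.
2. manifest_indicators(): scan a decoded AndroidManifest.xml for the permissions and
   privileged components that typically sit behind the report's behavioural signatures.
"""
import hashlib
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Digests copied from the report entry for ready.apk.
REPORT_HASHES_READY_APK = {
    "md5": "fc3a7c6b0875d53c5da601e6c2ed321e",
    "sha1": "19b3ed756c3bc4cc5e118c15eeb9a5a764db20eb",
    "sha256": "6ade3f4be44a003ab964a5814e8b9ddb9c33431906383263a936382011978664",
    "sha512": "973c0892067f85dca9f0e6064c811f72e817beec804116f4ca528a2b6d7151a6"
              "20308aff694f414e9731b28ee2736753d4ad2671bdf2a0f1f2827f553433af6a",
}

# Assumed mapping: manifest permission -> report signature it usually corroborates.
# BIND_* permissions appear as android:permission on a <service>/<receiver>,
# the rest as <uses-permission> entries.
INDICATORS = {
    "android.permission.BIND_ACCESSIBILITY_SERVICE": "Makes use of the framework's Accessibility service",
    "android.permission.BIND_DEVICE_ADMIN": "Prevents application removal",
    "android.permission.QUERY_ALL_PACKAGES": "Queries a list of all the installed applications on the device",
    "android.permission.FOREGROUND_SERVICE": "Makes use of the framework's foreground persistence service",
    "android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS": "Requests disabling of battery optimizations",
    "android.permission.WAKE_LOCK": "Acquires the wake lock",
    "android.permission.ACCESS_NETWORK_STATE": "Checks if the internet connection is available",
    "android.permission.SCHEDULE_EXACT_ALARM": "Schedules tasks to execute at a specified time",
}

# Signatures the manifest cannot corroborate; they need code review or a dynamic run.
DYNAMIC_ONLY = [
    "Checks CPU information",
    "Checks memory information",
    "Obtains sensitive information copied to the device clipboard",
    "Requests enabling of the accessibility settings.",
]


def verify_hashes(data: bytes, expected: dict) -> dict:
    """Return {algorithm: matched?} for every digest in `expected`."""
    return {algo: hashlib.new(algo, data).hexdigest() == digest.lower()
            for algo, digest in expected.items()}


def manifest_indicators(manifest_xml: str) -> dict:
    """Map each corroborated report signature to the manifest evidence supporting it."""
    root = ET.fromstring(manifest_xml)
    found: dict = {}
    for perm in root.iter("uses-permission"):
        name = perm.get(ANDROID_NS + "name", "")
        if name in INDICATORS:
            found.setdefault(INDICATORS[name], []).append(f"uses-permission {name}")
    # Accessibility services and device-admin receivers are components guarded by a
    # system-only BIND_* permission rather than declared through uses-permission.
    for tag in ("service", "receiver"):
        for comp in root.iter(tag):
            perm = comp.get(ANDROID_NS + "permission", "")
            if perm in INDICATORS:
                cname = comp.get(ANDROID_NS + "name", "?")
                found.setdefault(INDICATORS[perm], []).append(f"{tag} {cname} guarded by {perm}")
    return found


def triage(manifest_xml: str, sample_bytes: bytes, expected_hashes: dict) -> dict:
    """Combine both checks into one summary for the analyst."""
    return {
        "hash_match": verify_hashes(sample_bytes, expected_hashes),
        "corroborated": manifest_indicators(manifest_xml),
        "needs_dynamic": DYNAMIC_ONLY,
    }


# Constructed sample manifest (not extracted from ready.apk).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
  <uses-permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"/>
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
  <application>
    <service android:name=".A11yService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter><action android:name="android.accessibilityservice.AccessibilityService"/></intent-filter>
    </service>
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter><action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/></intent-filter>
    </receiver>
  </application>
</manifest>"""

if __name__ == "__main__":
    # Constructed placeholder bytes: a real run would read ready.apk from disk.
    report = triage(SAMPLE_MANIFEST, b"placeholder, not the sample", REPORT_HASHES_READY_APK)
    for signature, evidence in sorted(report["corroborated"].items()):
        print(f"[manifest] {signature}: {', '.join(evidence)}")
    print("[hashes] match:", report["hash_match"])
```

Signatures that end up in the "needs_dynamic" list (emulator checks, clipboard access, the runtime prompt to enable accessibility) are implemented in code rather than declared in the manifest, so a clean manifest scan for them proves nothing either way; the point of the split is to show which report findings static review can confirm before a second sandbox run is spent on the rest.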
