General

  • Target

    ec1c93926533a043c6653c2059b63dd1a5ec03bc801404b15456e17a1b973340.bin

  • Size

    843KB

  • Sample

    240712-1y8qvssbrn

  • MD5

    e32e4a229b429b778163676a24249903

  • SHA1

    9c2cd747c7d42ac337b62667a6dd57007ccfbe66

  • SHA256

    ec1c93926533a043c6653c2059b63dd1a5ec03bc801404b15456e17a1b973340

  • SHA512

    e33cad19019d1a9e0211dad46e00a6c051cdcb681c562e9cc43976224a81b876a1c57c9091985aefaa9d16f8d667373100daf1b707ec27b2a32a6a71b0492050

  • SSDEEP

    12288:FelS4a1a8LreOd7raSKpJms75WmpYshXZPbGwidNpgG:ca1a2eOVraSKpJms75WmD9idNph

Malware Config

Extracted

Family

spynote

C2

necessary-vinyl.gl.at.ply.gg:47261

Targets

    • Target

      ec1c93926533a043c6653c2059b63dd1a5ec03bc801404b15456e17a1b973340.bin

    • Size

      843KB

    • MD5

      e32e4a229b429b778163676a24249903

    • SHA1

      9c2cd747c7d42ac337b62667a6dd57007ccfbe66

    • SHA256

      ec1c93926533a043c6653c2059b63dd1a5ec03bc801404b15456e17a1b973340

    • SHA512

      e33cad19019d1a9e0211dad46e00a6c051cdcb681c562e9cc43976224a81b876a1c57c9091985aefaa9d16f8d667373100daf1b707ec27b2a32a6a71b0492050

    • SSDEEP

      12288:FelS4a1a8LreOd7raSKpJms75WmpYshXZPbGwidNpgG:ca1a2eOVraSKpJms75WmD9idNph

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks