General

  • Target

    baa7d324562d0b9015189e148f2db16bcb2467d791aaa4a92f8335a8275be4da.bin

  • Size

    760KB

  • Sample

    240726-1yq6ta1bpa

  • MD5

    069af7d36f6a311f94991cd273866250

  • SHA1

    15c3a69b0b26320e8cf6752a4f8d3f57dc25d6d6

  • SHA256

    baa7d324562d0b9015189e148f2db16bcb2467d791aaa4a92f8335a8275be4da

  • SHA512

    b423ad24b74121db5a07dd48528dd486c6527cc94a4033bce5db9e4ec41a93895cd94da46c969a44b882835b5f221516bf9cc100f6c02a1f60fd65439a5c03f0

  • SSDEEP

    12288:AoMa4bBZvvTjQexMCu9BXT5WmpYshXZPbGwidNpgP:AXBZv3Qe1u9BXT5WmD9idNpE

Malware Config

Extracted

Family

spynote

C2

furniture-worried.gl.at.ply.gg:34886

Targets

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks