General

  • Target

    31799be6312418c185585a1c28403fc9f0b50366deff73307b9ff0eaef0779e5.bin

  • Size

    1.2MB

  • Sample

    240801-11c2zaycpn

  • MD5

    34c45ac06d6e36956d28784a540a01bb

  • SHA1

    1a5dac7ffbe3ee5c43a862945c2df3ae80a65784

  • SHA256

    31799be6312418c185585a1c28403fc9f0b50366deff73307b9ff0eaef0779e5

  • SHA512

    dc49c782b4b0b69ff05497353451e67195fcdab79911fe3ab3686387dd063ba0eb47fcff56d1ebd25f17d6f2d4f41c5a0b924516ca0b7346c8c503e31c481cca

  • SSDEEP

    24576:5wa1a2e75SaxxgwCnitfSKs505iTHm9tZ1QyZ5WmD9idNpn:Oa1afBxxSF0IHmPX5Wk0d/n

Malware Config

Extracted

Family

spynote

C2

84.51.61.190:7771

Targets

    • Target

      31799be6312418c185585a1c28403fc9f0b50366deff73307b9ff0eaef0779e5.bin

    • Size

      1.2MB

    • MD5

      34c45ac06d6e36956d28784a540a01bb

    • SHA1

      1a5dac7ffbe3ee5c43a862945c2df3ae80a65784

    • SHA256

      31799be6312418c185585a1c28403fc9f0b50366deff73307b9ff0eaef0779e5

    • SHA512

      dc49c782b4b0b69ff05497353451e67195fcdab79911fe3ab3686387dd063ba0eb47fcff56d1ebd25f17d6f2d4f41c5a0b924516ca0b7346c8c503e31c481cca

    • SSDEEP

      24576:5wa1a2e75SaxxgwCnitfSKs505iTHm9tZ1QyZ5WmD9idNpn:Oa1afBxxSF0IHmPX5Wk0d/n

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks