General

  • Target

    6a06889b8727f3e6b0ed7ced9d91ca73731a109b750ac59878d9d870b087036f.bin

  • Size

    1.3MB

  • Sample

    240801-12c4csydlk

  • MD5

    8ed900a11c2db6ed8ae2a6842fff70a1

  • SHA1

    946379695acbfe3e428443e1bad5e451d14a25f7

  • SHA256

    6a06889b8727f3e6b0ed7ced9d91ca73731a109b750ac59878d9d870b087036f

  • SHA512

    aa95112ce8b5fcbcc67462caf2afd968fd418310d8f440458e8fa9728b763a8b84d5d17e14a47f0f3079a343ec4d7b8157b7775be51588e0b4b43bc7152b455d

  • SSDEEP

    24576:2VPRe7ZFtju0R5SaxxgwCnitfSKs505iTHm80+NTn9I:2VYZFtj3BxxSF0IHmx0C

Malware Config

Extracted

  • Family

    spynote

  • C2

    84.51.61.190:7771

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.
