Resubmissions

01-08-2024 09:36

240801-lk5pqatfrp 10

General

  • Target

    client[1].apk

  • Size

    844KB

  • Sample

    240801-lk5pqatfrp

  • MD5

    0f92bab5f63825d30754c3e6035c37be

  • SHA1

    ee920fbf54584d4662882c9daa164f95c1cbfb87

  • SHA256

    b653528bb71d42c397dcc0bcbaafeda43e8196a04989d466936d9b2427bfa587

  • SHA512

    96cf57c6513a0fc2804d1fb8198fe23077193e198e2fceb8dfeffec90d9615d87bafde8421e492902313fb4644425f1f90be0d87ef682744ac4bef70184a746d

  • SSDEEP

    12288:jmjtg8DVQu1CSujzuzyevolILU4mQedJFBy0HH5jq6Ti85:jStNCSuPuzyevolImJu0HHY6Tb5

Malware Config

Extracted

Family

spynote

C2

insurance-helmet.gl.at.ply.gg:31388

Targets

    • Target

      client[1].apk

    • Size

      844KB

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.
