Overview

overview

10

Static

static

10

ready.apk

android-13-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ready.apk

  • Size

    8.5MB

  • Sample

    241003-ehgrjsxbme

  • MD5

    6c8df808e3118194eea97b4669b33b50

  • SHA1

    f04571cfc17645d7192a770bb4b4d7f7a2f7b87b

  • SHA256

    7c2b3d11a74d253f289679455a1d4daae9f38799b535a24cb517cac7653eed09

  • SHA512

    c3803d5d0513a469363b1cc225c6c765023790489be269829b4e10a860df8173bb9dd6bdca8cd177cf59e07d28854b7674c4005a0d719f67f9fc24d17440a756

  • SSDEEP

    98304:ardEyG3RggRwQQWj71hgTdjTEpsymzzzBWTz0tsR:arO/gCSdNzo82

Score
10/10
spynoteandroidcollectioncredential_accessevasionpersistence

Malware Config

Extracted

Family

spynote

C2

Name1442-48003.portmap.host:48003

Targets

    • Target

      ready.apk

    • Size

      8.5MB

    • MD5

      6c8df808e3118194eea97b4669b33b50

    • SHA1

      f04571cfc17645d7192a770bb4b4d7f7a2f7b87b

    • SHA256

      7c2b3d11a74d253f289679455a1d4daae9f38799b535a24cb517cac7653eed09

    • SHA512

      c3803d5d0513a469363b1cc225c6c765023790489be269829b4e10a860df8173bb9dd6bdca8cd177cf59e07d28854b7674c4005a0d719f67f9fc24d17440a756

    • SSDEEP

      98304:ardEyG3RggRwQQWj71hgTdjTEpsymzzzBWTz0tsR:arO/gCSdNzo82

    Score
    7/10
    collectioncredential_accessevasionpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasioncredential_access

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence
    behavioral1

MITRE ATT&CK Mobile v15

Tasks