General

  • Target

    2b8a6d34d908965378d5a7012aba96a36db7e6fef7ec4c667a7c7d170695d049.bin

  • Size

    760KB

  • Sample

    241005-1yy7esyfjg

  • MD5

    0f19720451c65275fe385bb7cb7b1450

  • SHA1

    c19a8af4bca2b36da6ede50c53f3ab31ed8e54cc

  • SHA256

    2b8a6d34d908965378d5a7012aba96a36db7e6fef7ec4c667a7c7d170695d049

  • SHA512

    0c16af56000e815187b71a4723554fc27b89e0cd1fd3e0662b14fc8a1f74a05f3a7a03556e905571f1f46059f183a315dfd937864a24666fe38439ab92cc910a

  • SSDEEP

    12288:Hl/Asa1a8LdeZ9lUP87IEe5WmpYshXZPbGwidNpgt:Hlfa1a6eZMP2IEe5WmD9idNpq

Malware Config

Extracted

Family

spynote

C2

advertising-evil.gl.at.ply.gg:7463

Targets

    • Target

      2b8a6d34d908965378d5a7012aba96a36db7e6fef7ec4c667a7c7d170695d049.bin

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

MITRE ATT&CK Mobile v15

Tasks