General

  • Target

    fe59df266849f762b7fc06afe06efc9687c0bc97e2276c075732e0b44e524e21.bin

  • Size

    778KB

  • Sample

    241026-1zmvsaxqct

  • MD5

    57013297dfce01f2a85f69d3639bbe42

  • SHA1

    3bccb97e857de40f832dad4eb50b1aa546a57685

  • SHA256

    fe59df266849f762b7fc06afe06efc9687c0bc97e2276c075732e0b44e524e21

  • SHA512

    41ed7b242cdec97b4a54ce8f65b13c711e1fd35e30933ed8470c0afc00cc2976ea908eac78c9da4a7bcee241278db4515b37d8183deebd69a32c7962aacae0a2

  • SSDEEP

    12288:leU+J6sgRwLzSWhads6rPp5WmpYshXZPbGwidNpgs:j+J6sbLzSGadXPp5WmD9idNpz

Malware Config

Extracted

Family

spynote

C2

192.186.1.7:9595

Targets

    • Target

      fe59df266849f762b7fc06afe06efc9687c0bc97e2276c075732e0b44e524e21.bin

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

MITRE ATT&CK Mobile v15