Overview

overview

10

Static

static

10

ready.apk

android-9-x86

8

ready.apk

android-10-x64

8

ready.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ready.apk

  • Size

    29KB

  • Sample

    241101-pfxp4askap

  • MD5

    5e2d6a7c8bdee0f83c623afd72cf408e

  • SHA1

    98061a731f70f35c0e209696e5dc69232d20dc47

  • SHA256

    d832569f4bef206d50e2a2719312826d65ef7b95da9b008989b5d591195f9799

  • SHA512

    f917a43e62f324e610ecd16446e46623680330911e455427f8985aa14dadfd24a6da9a0e7ccad15dbe288c276943e7fe24429ed800e6a476cd109977fdb26949

  • SSDEEP

    768:g1qu/ssH/ZEqynEUsoKivy+apcKE85o0saXT10LOSgLud:XAssf+qyEEha+Aa820saDukq

Score
10/10
spymaxandroidevasionpersistencestealthtrojan

Malware Config

Extracted

Family

spymax

C2

147.185.221.16:14984

Targets

    • Target

      ready.apk

    • Size

      29KB

    • MD5

      5e2d6a7c8bdee0f83c623afd72cf408e

    • SHA1

      98061a731f70f35c0e209696e5dc69232d20dc47

    • SHA256

      d832569f4bef206d50e2a2719312826d65ef7b95da9b008989b5d591195f9799

    • SHA512

      f917a43e62f324e610ecd16446e46623680330911e455427f8985aa14dadfd24a6da9a0e7ccad15dbe288c276943e7fe24429ed800e6a476cd109977fdb26949

    • SSDEEP

      768:g1qu/ssH/ZEqynEUsoKivy+apcKE85o0saXT10LOSgLud:XAssf+qyEEha+Aa820saDukq

    Score
    8/10
    evasionpersistencestealthtrojan

    • Removes its main activity from the application launcher

      stealthtrojanevasion

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks