General

  • Target

    AEMET_546.apk

  • Size

    8.8MB

  • Sample

    241112-tls2bawerh

  • MD5

    989063f16a666ad17d7e09e92f55b2f7

  • SHA1

    51f835e73483de82708133666136f1cdd3edd536

  • SHA256

    96d921e36981c3b83e0edb417f11966bfe2506b4b0d7c4cdbbbe797997214400

  • SHA512

    c75fbb632f91ad296399560e1caf2cae0a9802075f636b971e7c1eadf7c202055fe5fa1282dff94bce08efef072299541c8a18912b328b618235c386ed958619

  • SSDEEP

    196608:P9QjYbPF7R67Wz+1hyUtF+RDt5DhztlSFmWi1uI2Th5:P9QqPeKz+1hTF+RJ5dzDScfuI2/

Targets

    • Target

      AEMET_546.apk

    • Spynote

      Spynote is a Remote Access Trojan first seen in 2017.

    • Spynote family

    • Spynote payload

    • Attempts to obfuscate APK file format

      Applies obfuscation techniques to the APK format in order to hinder analysis

    • Declares broadcast receivers with permission to handle system events

    • Declares services with permission to bind to the system

    • Requests dangerous framework permissions
