Analysis

  • max time kernel
    77s
  • max time network
    682s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-es
  • resource tags
    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240624-es, locale:es-es, os:android-13-x64, system
  • submitted
    03-12-2024 12:55

General

  • Target: 96c00e172d4052285950f64a329efb32365fc3e93b5535a84ddfcc715aff5618.apk
  • Size: 5.3MB
  • MD5: 39bdbdf74aa19384e2188763162096b0
  • SHA1: baffba739efa0f36b820445a20dfaccc9e3ac4f9
  • SHA256: 96c00e172d4052285950f64a329efb32365fc3e93b5535a84ddfcc715aff5618
  • SHA512: 9170a7f2aa4b57e1d0795c7e8caacb34e03fb08817c6f8e0ca547f2dc93991ccc94bb07f68c28bf63a33d10ae9bbc50776fece66b646edf1ce3538254f99c49c
  • SSDEEP: 98304:/LI2MRcJI0G58SuyXdYaTHf/Yuezen31F2GcXKfZOyXCf8PdvQ:/LqRw/G2stHTHf/ezqz2GcXHyXWAQ

Malware Config

Extracted

Family

spynote

C2

1.tcp.ngrok.io:26423

Signatures

  • Spynote

    Spynote is a Remote Access Trojan first seen in 2017.

  • Spynote family
  • Spynote payload 1 IoCs
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 3 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 9 IoCs
  • Requests dangerous framework permissions 15 IoCs
  • Requests enabling of the accessibility settings. 1 IoCs

Processes

  • com.appd.instll.load (PID 4276)
    • Requests enabling of the accessibility settings.

Network

MITRE ATT&CK Enterprise v15

Downloads

  • /data/user/0/com.appd.instll.load/files/app.apk.apk
    • Filesize: 5.5MB
    • MD5: a0d8a46bf254f3ab5475df954e051c4a
    • SHA1: e462168dad636e41a672c8796b1bc2dae7ed3ef0
    • SHA256: a4e6b5da2e3ff0aeba40b078e64e3062915cbbd243830078b1af5c419f9df3b9
    • SHA512: eff19dd00daaeb28cc94c023fcba6edf5691be6a6485efc9b113bf89918eb4d117bea9277eaaa5f61dadb3bf25bd58fe13be121e30967ac3b9c93300feed1d69