General

  • Target

    e46555467d679e682105cbf7d69dc4e2fa9dfaf039b01cd858206e2356415777.bin

  • Size

    762KB

  • Sample

    250115-1wv2zsxqhm

  • MD5

    6d368fba9e559f78ed00a85f91fc66de

  • SHA1

    99bd4d61fd945bc83cc3e6da1c3e45bcc4359442

  • SHA256

    e46555467d679e682105cbf7d69dc4e2fa9dfaf039b01cd858206e2356415777

  • SHA512

    d52cb04b59a203414c660a8e07de6ab050f9f85b71ecfa766e1b774621cc645ae09d53d9725c1b3f2e935a937b702b4b5c33966f88f02234d10e69d6c470fe9e

  • SSDEEP

    12288:xUkQPHHJ6sgRnLztT40vL8I5WmpYshXZPbGwidNpgeH:pSJ6scLztTNvL8I5WmD9idNpj

Malware Config

Extracted

Family

spynote

C2

25.ip.gl.ply.gg:15825

Targets

    • Target

      e46555467d679e682105cbf7d69dc4e2fa9dfaf039b01cd858206e2356415777.bin

    • Size

      762KB

    • MD5

      6d368fba9e559f78ed00a85f91fc66de

    • SHA1

      99bd4d61fd945bc83cc3e6da1c3e45bcc4359442

    • SHA256

      e46555467d679e682105cbf7d69dc4e2fa9dfaf039b01cd858206e2356415777

    • SHA512

      d52cb04b59a203414c660a8e07de6ab050f9f85b71ecfa766e1b774621cc645ae09d53d9725c1b3f2e935a937b702b4b5c33966f88f02234d10e69d6c470fe9e

    • SSDEEP

      12288:xUkQPHHJ6sgRnLztT40vL8I5WmpYshXZPbGwidNpgeH:pSJ6scLztTNvL8I5WmD9idNpj

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks