Overview

overview

10

Static

static

10

5fa4829a95...8f.apk

android-9-x86

7

5fa4829a95...8f.apk

android-10-x64

7

5fa4829a95...8f.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5fa4829a95b3924478e331e71c89bc1fe55664f0e20084c9ab94e3eaf56b3f8f.bin

  • Size

    774KB

  • Sample

    250221-1z2zpstks9

  • MD5

    5b79b8a531045300f4da0b528c7f8194

  • SHA1

    3f9b5b4c2cb67f342a6b43ad2c4f9328a9f53f9e

  • SHA256

    5fa4829a95b3924478e331e71c89bc1fe55664f0e20084c9ab94e3eaf56b3f8f

  • SHA512

    c1bd8fda1c2e9fe3355ac697d384d9c6bc681a0ed76df2f6ef3f6b0ca103cac2ab45469a6c9761a44328529e57e29c887826bfb2fc5f0ae59aaee4641f86b1fc

  • SSDEEP

    12288:1/wha1a8LVebLbB1vIQI+z5WmpYshXZPbGwidNpg3R:1qa1aKebLbrvbIQ5WmD9idNpy

Score
10/10
spynoteandroidbankerdefense_evasiondiscoveryimpactpersistenceprivilege_escalation

Malware Config

Extracted

Family

spynote

C2

DOLLARXONE-26572.portmap.host:26572

Targets

    • Target

      5fa4829a95b3924478e331e71c89bc1fe55664f0e20084c9ab94e3eaf56b3f8f.bin

    • Size

      774KB

    • MD5

      5b79b8a531045300f4da0b528c7f8194

    • SHA1

      3f9b5b4c2cb67f342a6b43ad2c4f9328a9f53f9e

    • SHA256

      5fa4829a95b3924478e331e71c89bc1fe55664f0e20084c9ab94e3eaf56b3f8f

    • SHA512

      c1bd8fda1c2e9fe3355ac697d384d9c6bc681a0ed76df2f6ef3f6b0ca103cac2ab45469a6c9761a44328529e57e29c887826bfb2fc5f0ae59aaee4641f86b1fc

    • SSDEEP

      12288:1/wha1a8LVebLbB1vIQI+z5WmpYshXZPbGwidNpg3R:1qa1aKebLbrvbIQ5WmD9idNpy

    Score
    7/10
    bankerdefense_evasiondiscoveryimpactpersistenceprivilege_escalation

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      bankerdiscovery

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      defense_evasionpersistence

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

      privilege_escalationimpact
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks