General

  • Target

    SharkHack.apk

  • Size

    760KB

  • Sample

    250329-l9f3naspx9

  • MD5

    038600681150a0d7b445700d9e27bed4

  • SHA1

    4854549179766a080aed9ac88cef8fe517cc8a17

  • SHA256

    e524a1934bbc30df039d1f448d33581c292ebdccff7ad3111d21695313a81c1e

  • SHA512

    1caa53f60d348c03f4d1da6ba797db58af2f901210a79538b6a049ff56fa25a6428dec1c07f0fb22fc836b1076015db599aa296e969d06105f25316fd28fa3fb

  • SSDEEP

    12288:S8kI2AEa1a8LVecDm9SSP35WmpYshXZPbGwidNpgmH:S8sa1aKecWSSP35WmD9idNpD

Malware Config

Extracted

  • Family

    spynote

  • C2

    193.161.193.99:1194

Targets

    • Target

      SharkHack.apk

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Makes use of the framework's foreground persistence service.

      The application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.
