spynote | eec5096dfca6824317863f9225c29f6c4b3442c48fefa62dc382e3569bca5a60[.]apk

General

Target

eec5096dfca6824317863f9225c29f6c4b3442c48fefa62dc382e3569bca5a60.apk
Size

813KB
MD5

a51334ad82fbdbd4e2f1483b57eccf42
SHA1

00840f90c6860f840f138220a77c31db866fdcf4
SHA256

eec5096dfca6824317863f9225c29f6c4b3442c48fefa62dc382e3569bca5a60
SHA512

3af3ffd37e12aedec3ec30b5aeebf3a81060e1c14bee2f9ce79342d65b2c2481c2e7eca721d9731389c3b751ab0c68233d59d8817f6e437e87945f1fd6913873
SSDEEP

12288:WuypHdK2vxu5FbAE7DKcbN78blukHCnBh8vDHzL8qKB/A:Wuy3lxu53PlbN78bkkHCnBeDHsqKhA

Score

10^/10

spynote

Malware Config

Signatures

Spynote family
spynote

Spynote payload 1 IoCs

Processes:

resource	yara_rule
sample	family_spynote

Requests dangerous framework permissions 7 IoCs

Processes:

description	ioc
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS

Files

eec5096dfca6824317863f9225c29f6c4b3442c48fefa62dc382e3569bca5a60.apk
.apk android

yps.eton.application

yps.eton.application.M

Activities

yps.eton.application.M

android.intent.action.MAIN

Permissions

android.permission.READ_SMS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_SETTINGS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.GET_ACCOUNTS
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_CONTACTS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_SMS
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

yps.eton.application.B

android.intent.action.BOOT_COMPLETED

yps.eton.application.C

android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL

yps.eton.application.S

android.provider.Telephony.SMS_RECEIVED

yps.eton.application.D

android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_DISABLED

Services

yps.eton.application.k

android.accessibilityservice.AccessibilityService

Android Permissions

eec5096dfca6824317863f9225c29f6c4b3442c48fefa62dc382e3569bca5a60.apk

Permissions

android.permission.READ_SMS

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_SETTINGS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.GET_ACCOUNTS

android.permission.ACCESS_NETWORK_STATE

android.permission.READ_CONTACTS

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.INTERNET

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_SMS

android.permission.RECEIVE_BOOT_COMPLETED

Resubmissions

Sharing

General

Malware Config

Signatures

Files

yps.eton.application

yps.eton.application.M

Activities

yps.eton.application.M

Permissions

Receivers

yps.eton.application.B

yps.eton.application.C

yps.eton.application.S

yps.eton.application.D

Services

yps.eton.application.k

Android Permissions

eec5096dfca6824317863f9225c29f6c4b3442c48fefa62dc382e3569bca5a60.apk