General

  • Target

    oSiNT_1.3 signed.apk

  • Size

    11.4MB

  • MD5

    ac19aa7cac59a97b05c01bf12a377ada

  • SHA1

    5448c10862f4282d6e2bfb0b0c8b9333fc6164b8

  • SHA256

    a1037af0665526dc314ef08cb1bdfe409d5b9a31b733173469bb1990283ba573

  • SHA512

    bab471776660dd49e3d36ab73e6d6de24118110fa63940bc90880094db247c43427c14b5f48e2294bfaf7a19a569ee7fafbc46ec2c1edda3b9df536fff3eb949

  • SSDEEP

    196608:97Vr4+Q5M5RSsaUWupvcpWKCLy2LdVFp43ZN6dWEzMB54AS90NNPbnDIT2YZ:9Jr4t5ywopGRgrFM6rQBGF903PbgBZ

Score
10/10

Malware Config

Extracted

Family

spynote

C2

soon-lp.at.ply.gg:17209

Signatures

  • Spynote family
  • Requests dangerous framework permissions (14 IoCs)

Files

  • oSiNT_1.3 signed.apk
    .apk android

    com.oSiNT.Dev

    .MainActivity


  • client.ovpn
  • nopie_openvpn.arm64-v8a
    .elf linux aarch64
  • nopie_openvpn.armeabi
    .elf linux arm
  • nopie_openvpn.armeabi-v7a
    .elf linux arm
  • nopie_openvpn.mips
    .elf linux mipsel
  • nopie_openvpn.x86
    .elf linux x86
  • nopie_openvpn.x86_64
    .elf linux x64
  • pie_openvpn.arm64-v8a
    .elf linux aarch64
  • pie_openvpn.armeabi
    .elf linux arm
  • pie_openvpn.armeabi-v7a
    .elf linux arm
  • pie_openvpn.mips
    .elf linux mipsel
  • pie_openvpn.x86
    .elf linux x86
  • pie_openvpn.x86_64
    .elf linux x64

Android Permissions

oSiNT_1.3 signed.apk

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.FOREGROUND_SERVICE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECORD_AUDIO

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_PHONE_STATE

android.permission.WAKE_LOCK

com.android.alarm.permission.SET_ALARM

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.CALL_PHONE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.SET_WALLPAPER

android.permission.PROCESS_OUTGOING_CALLS

android.permission.READ_SMS

android.permission.READ_CALL_LOG

android.permission.READ_CONTACTS

android.permission.GET_ACCOUNTS

android.permission.CAMERA

android.permission.INTERNET

android.permission.SEND_SMS

android.permission.ACCESS_NETWORK_STATE

com.sec.enterprise.knox.permission.CUSTOM_SETTING

android.permission.INTERNET