Overview

overview

10

Static

static

10

oSiNT_1.3.apk

android-11-x64

8

nopie_open...64-v8a

android-11-x64

nopie_openvpn.armeabi

android-11-x64

nopie_open...bi-v7a

android-11-x64

nopie_openvpn.mips

android-11-x64

nopie_openvpn.x86

android-11-x64

nopie_openvpn.x86_64

android-11-x64

pie_openvpn.arm64-v8a

android-11-x64

pie_openvpn.armeabi

android-11-x64

pie_openvp...bi-v7a

android-11-x64

pie_openvpn.mips

android-11-x64

pie_openvpn.x86

android-11-x64

pie_openvpn.x86_64

android-11-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    oSiNT_1.3.apk

  • Size

    11.4MB

  • MD5

    db7d9b5e2f891e42dcfc2d8519496f29

  • SHA1

    89107b80e68661658b739727c046f3c31009c42d

  • SHA256

    a24cf4785dfaa3500f54a63126165e74f5cd20f3a3fb1b6dfc3bbb677b8584ce

  • SHA512

    6fa62cae8f0b27711cec4958a59968d38aa7df9b27c489ab853f16b8e4803a62d18e90829e32e6cfab1909721d0fbc929e145c14aa276344daf16538db05d9a2

  • SSDEEP

    196608:57Vr4+Q5M5RSsaUWuhv01X3rjYhB7VdFJ43Z96AWEkM3EmAS90WwpbncuFK1i:5Jr4t5ywohib6Fk6uj3rF90ppbngi

Score
10/10
spynote

Malware Config

Extracted

Family

spynote

C2

soon-lp.at.ply.gg:17209

Signatures

  • Spynote family
    spynote
  • Requests dangerous framework permissions 14 IoCs

Files

  • oSiNT_1.3.apk
    .apk android

    com.oSiNT.Dev

    .MainActivity


  • client.ovpn
  • nopie_openvpn.arm64-v8a
    .elf linux aarch64
  • nopie_openvpn.armeabi
    .elf linux arm
  • nopie_openvpn.armeabi-v7a
    .elf linux arm
  • nopie_openvpn.mips
    .elf linux mipsel
  • nopie_openvpn.x86
    .elf linux x86
  • nopie_openvpn.x86_64
    .elf linux x64
  • pie_openvpn.arm64-v8a
    .elf linux aarch64
  • pie_openvpn.armeabi
    .elf linux arm
  • pie_openvpn.armeabi-v7a
    .elf linux arm
  • pie_openvpn.mips
    .elf linux mipsel
  • pie_openvpn.x86
    .elf linux x86
  • pie_openvpn.x86_64
    .elf linux x64

Android Permissions

oSiNT_1.3.apk

Permissions

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

android.permission.FOREGROUND_SERVICE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.RECORD_AUDIO

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.READ_PHONE_STATE

android.permission.WAKE_LOCK

com.android.alarm.permission.SET_ALARM

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.CALL_PHONE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.SET_WALLPAPER

android.permission.PROCESS_OUTGOING_CALLS

android.permission.READ_SMS

android.permission.READ_CALL_LOG

android.permission.READ_CONTACTS

android.permission.GET_ACCOUNTS

android.permission.CAMERA

android.permission.INTERNET

android.permission.SEND_SMS

android.permission.ACCESS_NETWORK_STATE

com.sec.enterprise.knox.permission.CUSTOM_SETTING

android.permission.INTERNET