General

  • Target

    Injected [Bind] App.7z

  • Size

    102.0MB

  • Sample

    231222-bvyn2seeg3

  • MD5

    0c5902a62172840c6d0d6f59a7c72fce

  • SHA1

    d9b320e2e9a1fbda7cebb9769142e67e6af48f70

  • SHA256

    004a967ca1a3ff968b84ae932b31da62a7186a5dadb3e0662db799683cfe854a

  • SHA512

    2046fcfd5d656d67472ae942eb8b72743834eade87c0bb9d15ab1794e966a59f3004b90fffc1fa4512dc6a0bef48e5cce8591d83e556233a7437cb13d37dd68d

  • SSDEEP

    3145728:nlOHQlOZp0qWzewQk/iLWIDh04pfktWa9:lO/cp3/nIDmj

Score
10/10

Malware Config

Extracted

Family

spynote

C2

147.185.221.17:42314

Targets

    • Target

      Injected [Bind] App.7z

    • Size

      102.0MB

    • MD5

      0c5902a62172840c6d0d6f59a7c72fce

    • SHA1

      d9b320e2e9a1fbda7cebb9769142e67e6af48f70

    • SHA256

      004a967ca1a3ff968b84ae932b31da62a7186a5dadb3e0662db799683cfe854a

    • SHA512

      2046fcfd5d656d67472ae942eb8b72743834eade87c0bb9d15ab1794e966a59f3004b90fffc1fa4512dc6a0bef48e5cce8591d83e556233a7437cb13d37dd68d

    • SSDEEP

      3145728:nlOHQlOZp0qWzewQk/iLWIDh04pfktWa9:lO/cp3/nIDmj

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      Injected [Bind] App/Termux_0.118.0_Apkpure.apk

    • Size

      98.1MB

    • MD5

      1d153b56b658534ee0969651eb6ca720

    • SHA1

      83db40e5d5323f1d1a42d4f9703bd4c69e314633

    • SHA256

      3f24748db5083a809864b2a5b10af6aa6ba8f84e320687224193cc7748f60fe2

    • SHA512

      53afcb0273890ea887475f39421d736f71328f1deab219bd435a9f7e50c4fc6f9fd29490672206ba1ad069dec0a4f1e72e3d5c867f0af6251cd83027285de092

    • SSDEEP

      1572864:WBWlAbNxgkzsZdhQza+4MD80EUzqfM792XEowHW2mNk9HHCgsKJWVM56Yw8qWwFN:W7NFzUJ+m42ODWLk9HDJ56Yw8+YbI

    Score
    1/10

    • Target

      Injected [Bind] App/ZArchiver_0.9.5.8.apk

    • Size

      5.4MB

    • MD5

      a02632c5bc10b3f9abf46ca36e9f7228

    • SHA1

      c856a46d21e15cb85a6d61c2941029c791bff23d

    • SHA256

      d0127c22fa417472cb643a632d02f9d82e3138719ba56585a06a47aa72836504

    • SHA512

      d4f4d286f264009a792844ecd4c5efd0a584f881ac31ef3064eba66294fc77f6ad0b5f7a6a3ad11bb8b41ad416ced60c9c611880e650da15c8d8bbed61b8aa51

    • SSDEEP

      98304:MObA1T+yJpRYWrzF61DJqW4XWbhrUjA2xbS7IFAiw142YlN3B52:MMAN+6RLFgDMW4XW1UjA2xbrFAih2YPO

    Score
    1/10

MITRE ATT&CK Matrix (ATT&CK v13)

  • Tactic: Discovery

    • Query Registry (T1012): 1 signature

    • System Information Discovery (T1082): 2 signatures

Tasks