Overview

overview

10

Static

static

10

Spy Note 6...pi.dll

windows7-x64

1

Spy Note 6...pi.dll

windows10-2004-x64

1

Spy Note 6...SM.dll

windows7-x64

1

Spy Note 6...SM.dll

windows10-2004-x64

1

Spy Note 6...SL.exe

windows7-x64

1

Spy Note 6...SL.exe

windows10-2004-x64

1

Spy Note 6...ub.apk

android-9-x86

Spy Note 6...ub.apk

android-10-x64

Spy Note 6...ub.apk

android-11-x64

Spy Note 6...va.jar

windows7-x64

1

Spy Note 6...va.jar

windows10-2004-x64

7

Spy Note 6...sS.exe

windows7-x64

1

Spy Note 6...sS.exe

windows10-2004-x64

1

Spy Note 6...in.exe

windows7-x64

1

Spy Note 6...in.exe

windows10-2004-x64

1

Spy Note 6...ed.exe

windows7-x64

1

Spy Note 6...ed.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    81s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04-02-2024 15:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Spy Note 6.4/SpyNote Cracked.exe

  • Size

    6.1MB

  • MD5

    b4bb4a074169545d22ad0278e66ec96b

  • SHA1

    c386177d35f0959fa55606df1bb6995b46030c61

  • SHA256

    b3ca2f2cc15a16fc390172a9507337dc1f73d3501b46e2c761238171456654ae

  • SHA512

    c0374732df1bdc15fac5229019d2962485d9a221b970690c1d2e6eb0af6401b0c98fc5d9e1584b7896e28c122afb1faa196ae5ba441f234a522c2746c5931998

  • SSDEEP

    98304:Op2AEpDZEXXZlZYZlbHn7CFK5PnOSPz3ZhqARLlJQHagle:OQvdZEXpGbH7CU9OiphhxlJJg

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Spy Note 6.4\SpyNote Cracked.exe
    "C:\Users\Admin\AppData\Local\Temp\Spy Note 6.4\SpyNote Cracked.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2548
  • C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Windows\system32\wbem\WmiApSrv.exe
    1⤵
      PID:2868

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2548-0-0x0000000000050000-0x0000000000670000-memory.dmp
      Filesize

      6.1MB

      Download
    • memory/2548-1-0x000007FEF4FB0000-0x000007FEF599C000-memory.dmp
      Filesize

      9.9MB

      Download
    • memory/2548-2-0x0000000000A20000-0x0000000000A9A000-memory.dmp
      Filesize

      488KB

      Download
    • memory/2548-3-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-4-0x00000000007F0000-0x00000000007FC000-memory.dmp
      Filesize

      48KB

      Download
    • memory/2548-5-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-6-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-7-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-8-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-9-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-10-0x000007FEF4FB0000-0x000007FEF599C000-memory.dmp
      Filesize

      9.9MB

      Download
    • memory/2548-11-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-16-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-17-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-18-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-19-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-20-0x000000001AE50000-0x000000001AED0000-memory.dmp
      Filesize

      512KB

      Download
    • memory/2548-22-0x000007FEF4FB0000-0x000007FEF599C000-memory.dmp
      Filesize

      9.9MB

      Download