spynote | 2cf13d26347da2c0d0e134bc200d361bdb3156e68734e82f21688cb6860b1798

Sharing

Copy URL

Twitter E-mail

General

Target

Spy Note 6.4(1).rar
Size

28.5MB
Sample

240204-ssjksafaal
MD5

b8824faa426b9d6047dc0ee45b2ca07e
SHA1

872283a630ee74b3e2b6141c9473a96ff874ddac
SHA256

2cf13d26347da2c0d0e134bc200d361bdb3156e68734e82f21688cb6860b1798
SHA512

ba614d003d5b3325288b8a489e7f6080b2c578fc9aab22de7e2dee2ebdb2ce0c41f83e6247667878326ca57fddfc8f8741387507d088d37cf49bfeb886f188b5
SSDEEP

786432:rq3xnR/eOXkUAd2Z9EOrrUFOtR4J/5+e5k0yJl:23bRAd2Z97rrUFOElQJl

Score

10^/10

Malware Config

Extracted

Family

spynote

[SPY_NOTE_HOST_OK]:[SPY_NOTE_PORT_OK]

Targets

- Target
  
  Spy Note 6.4/CoreAudioApi.dll
- Size
  
  24KB
- MD5
  
  6a009b7c4b252788d80d4e40adcf51ce
- SHA1
  
  9302cd4f00fa70b768feec2a49505052cd4bd13e
- SHA256
  
  df6115987161ee1238f9564bd10c998d9016f582e5b7b9d23d21a74d6955bdd3
- SHA512
  
  7a27bc38249b293fbfb9389cac3365bf64e9536281c347939192e6b151b4e574bd9743df81721dc4e6beca0ab0a5784436b7f7bff780fdddef4c7c26b02cc354
- SSDEEP
  
  384:JGuIVn86+5zUH4RmcBoZhn9ipvNeFSAucqmPBJGbsw3uiIx5L5gV:CVn86YzgoW0VNeFS0Tbw3up5tgV
Score

1^/10
behavioral1 behavioral2
- Target
  
  Spy Note 6.4/Resources/Imports/Gsm/GSM.dll
- Size
  
  5KB
- MD5
  
  c4ceacedf5310a761b828bed9f7dbc62
- SHA1
  
  f2c4c23d1c04df3899bc0a1e1812eca8f421fbb1
- SHA256
  
  61b0ca29ce7a62932699f33c272fd6d3731a1430ac3455b7a240b01ae461370f
- SHA512
  
  58c42d60a28c6e344060242e77cc841ba1a892cb8b9d5dae02c8f9b2e4c1deeebb599e6a1c401a3c585eb44c28d9c72b2ee56be273169af1d52850e426a1da32
- SSDEEP
  
  96:Vuyz+/KPV+gzlmtrLPfdHOzHFu90rdjF:5z+m9ELPfdHH90H
Score

1^/10
behavioral3 behavioral4
- Target
  
  Spy Note 6.4/Resources/Imports/Payload/SL.exe
- Size
  
  1.5MB
- MD5
  
  2eabc8a774c544e9b6e23ba1b83ed783
- SHA1
  
  a880005b4f619e004f4d9adcce2a9612112c26b2
- SHA256
  
  0080743a4364b8e5d8ec6a19010ee12dc79fcf815f592db639af262420ada0f8
- SHA512
  
  ed8cd1ec97e0954715c81c284bbc2751340a7933511862cda65e72be35fdd9d4a8693066f3023025f92b06c845173c2e5da6f4d88a3e97c62c640643dff475a9
- SSDEEP
  
  768:1KSAOfhZXvSzjWKDIp93ZZwpZpTQdBHiF7QHsIMd3uDzZuFs+mk:nrfhZXvSzjWb5wz16S7l9eDzZu7
Score

1^/10
behavioral5 behavioral6
- Target
  
  Spy Note 6.4/Resources/Imports/Payload/stub.apk
- Size
  
  730KB
- MD5
  
  0c0290abde03555f3c66c81eba860a3d
- SHA1
  
  939a8e6d0ed4bd8c9f491405ecf069df7bddb7cc
- SHA256
  
  7b20a276931c8625b39ebc46017c7e4d4a7bdf319b9f451231d777b078b0cd6a
- SHA512
  
  441922d41856ec246d1cb29e3b290b62b2d3bc4ca54f896af1df72263e67a320f1b3b85f4d5bd129fa32b4633a1b9f74a63783791f1ea1cb1ca97a8a26b8ea48
- SSDEEP
  
  12288:CJc+EIBvAvcKIth8eGz3zaR9QHqd8gmw+/goe13VvqX:CJc+EIO0K4KeGTzaR+imz/goeHvqX
Score

1^/10
behavioral7 behavioral8 behavioral9
- Target
  
  Spy Note 6.4/Resources/Imports/PlayerJava/PlayerJava.jar
- Size
  
  3KB
- MD5
  
  d9c23d7574c0d886321dcd029e463f2c
- SHA1
  
  7fad47eb6860a01325c6d526a43d9bbadb66aff7
- SHA256
  
  e22d8a06415f21b900a9a079a6a7928d6c84d2cf33aa07c6ad385dfbbfcd55ed
- SHA512
  
  c32c019fb0bacbd70441cf3ed769bfde9597389f840ff8511db36586756382ef22bd163a7b7cb9e258a4b7a896e5d1a606d92513a141cb2e3c6e421a66ecb316
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral10 behavioral11
- Target
  
  Spy Note 6.4/Resources/Imports/T/sS.exe
- Size
  
  20KB
- MD5
  
  fcc080409bf077b1c85f159218e62dbf
- SHA1
  
  616e64d4ca2286d4f4b11df583fa2b9ba81c6e78
- SHA256
  
  e3865e0d3f776a6827f4ddb640cc66c56ede8826a1f29383e3578b85caf248ef
- SHA512
  
  14d7ceac1730faadfe10ff573ed825f8e449c7ae879892d09d832b67d68a128c07ef94c675a5221edde82e7b73fd1b852ddbda7894e554cce98fa1625fb00eb6
- SSDEEP
  
  384:3AOcHfvbeLb7i4yimcx5GLD9WLEO2a0R7RknlcDqfJ:3AO+fDen7i4fmFrRFknGDy
Score

1^/10
behavioral12 behavioral13
- Target
  
  Spy Note 6.4/Resources/Imports/platform-tools/plwin.exe
- Size
  
  25KB
- MD5
  
  9aadaec3eccf406b2591e32c438a67a4
- SHA1
  
  fb971b1687400fcedf5ac4a36f45ead3b54d14e3
- SHA256
  
  268fa687554273029bf87668367b4084d4928de6b2a4cf4fbcd52e944d0efe16
- SHA512
  
  cba31ace6459a83dca18a486fc7a06da50419442d92e25e2661fdc101542b49ae3778fe197b6409396b7093747c67316917760de8576d351cd37e51e3dda9d3d
- SSDEEP
  
  768:Q3ULAwpnEUaSCMc/o6/d5cfsEAIHtYcFmVc6K:eULAwcSCMcdWfsQfmVcl
Score

1^/10
behavioral14 behavioral15
- Target
  
  Spy Note 6.4/SpyNote Cracked.exe
- Size
  
  6.1MB
- MD5
  
  b4bb4a074169545d22ad0278e66ec96b
- SHA1
  
  c386177d35f0959fa55606df1bb6995b46030c61
- SHA256
  
  b3ca2f2cc15a16fc390172a9507337dc1f73d3501b46e2c761238171456654ae
- SHA512
  
  c0374732df1bdc15fac5229019d2962485d9a221b970690c1d2e6eb0af6401b0c98fc5d9e1584b7896e28c122afb1faa196ae5ba441f234a522c2746c5931998
- SSDEEP
  
  98304:Op2AEpDZEXXZlZYZlbHn7CFK5PnOSPz3ZhqARLlJQHagle:OQvdZEXpGbH7CU9OiphhxlJJg
Score

1^/10
behavioral16 behavioral17
- Target
  
  Spy Note 6.4/Weather.apk
- Size
  
  10.9MB
- MD5
  
  d1384eebcba46e7569d3b89f9846c358
- SHA1
  
  8faa69276367840fab17a0f7f13b8dfb84fd3262
- SHA256
  
  3721ff80ce7c5f42ee2b51c867914cf40d2c1f1ab2cb0c176c6d13295206a6ce
- SHA512
  
  e5678592787cd58dce70f0e0140f2aa4720dfc3d468aee461050bf8832e08f35efc486bda1feecbc42cfe3321d1184a79864cccde3df9bcc2d7c427d0ab7a535
- SSDEEP
  
  196608:I3PFjhT4wJhmKHowjce5HJQ5Xsd5prZTFvIr21UWIXR75FYDBTn8HiQ:6PFGwGKHRvE5XyZFvIK1pIx5+DBTnO
Score

1^/10
behavioral18 behavioral19 behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Modifies file permissions

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20