Overview
overview: 10
static: 10
SpyNote_By...er.exe (windows7-x64): 3
SpyNote_By...er.exe (windows10-2004-x64): 3
SpyNote_By...pi.dll (windows7-x64): 1
SpyNote_By...pi.dll (windows10-2004-x64): 1
SpyNote_By...io.dll (windows7-x64): 1
SpyNote_By...io.dll (windows10-2004-x64): 1
SpyNote_By...SM.dll (windows7-x64): 1
SpyNote_By...SM.dll (windows10-2004-x64): 1
SpyNote_By...nt.exe (windows7-x64): 1
SpyNote_By...nt.exe (windows10-2004-x64): 1
SpyNote_By...va.jar (windows7-x64): 7
SpyNote_By...va.jar (windows10-2004-x64): 1
SpyNote_By...sS.exe (windows7-x64): 1
SpyNote_By...sS.exe (windows10-2004-x64): 1
SpyNote_By...in.exe (windows7-x64): 1
SpyNote_By...in.exe (windows10-2004-x64): 1
General
-
Target
SpyNote_By 30Deep.zip
-
Size
22.5MB
-
Sample
240314-s42whaab33
-
MD5
26b7e4cd58c61fa431a17f897ab420a0
-
SHA1
c4153f6435673244d339b6f2267122e3e7737f5e
-
SHA256
78bc1c088363f96eecd43f6c15337f143d8ba0ba6225aad875d0f29210a48f6b
-
SHA512
4b2aa021928474553f8a4f7774bfb3029b3a701e0eac193d0165971a3e73904b636305260b1728066fa9d2c8adeeaed85ce53eadbc6426d14d2c39c5bf5f7fb3
-
SSDEEP
393216:660JCtRhbn8gL6o8eoeoABp7uGK5xn28tXMXk8PIEsien+W7Hlg40INLdTSuVM0/:6BoTl8vo8Yo0ocX7QEixIuVM0xl
Behavioral task
behavioral1
Sample
SpyNote_By 30Deep/Android Tester.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
SpyNote_By 30Deep/Android Tester.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
SpyNote_By 30Deep/CoreAudioApi.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
SpyNote_By 30Deep/CoreAudioApi.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
SpyNote_By 30Deep/NAudio.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
SpyNote_By 30Deep/NAudio.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
SpyNote_By 30Deep/Resources/Imports/Gsm/GSM.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
SpyNote_By 30Deep/Resources/Imports/Gsm/GSM.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
SpyNote_By 30Deep/Resources/Imports/Payload/BuildClient.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
SpyNote_By 30Deep/Resources/Imports/Payload/BuildClient.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral11
Sample
SpyNote_By 30Deep/Resources/Imports/PlayerJava/PlayerJava.jar
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
SpyNote_By 30Deep/Resources/Imports/PlayerJava/PlayerJava.jar
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
SpyNote_By 30Deep/Resources/Imports/T/sS.exe
Resource
win7-20240215-en
Behavioral task
behavioral14
Sample
SpyNote_By 30Deep/Resources/Imports/T/sS.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
SpyNote_By 30Deep/Resources/Imports/platform-tools/plwin.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
SpyNote_By 30Deep/Resources/Imports/platform-tools/plwin.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
spynote
[SPY_NOTE_HOST_OK]:[SPY_NOTE_PORT_OK]
Targets
-
-
Target
SpyNote_By 30Deep/Android Tester.exe
-
Size
1.2MB
-
MD5
b4011069f308adfd9aaf162a048af52a
-
SHA1
5bd8e0a87315fae31a00c686117fa9e68cf68028
-
SHA256
5a43db2cdbafc97ffaa72c5dfc8c806c03fe48205c2f1924e9fddc64e94a6a6f
-
SHA512
cde1f70a991d17cd284b40e34a45044104856672d0bed5b0d3da08271ec854d4669bf7e8289d8c9a1e94be485b424ba5c7752bd40d7b286453619897f3e5ab5b
-
SSDEEP
24576:O3cM3co+GmVct8O2rKRZE+qR9O08k8sVW40PyQ:O3cM3cLoRZENLr
Score 3/10
-
-
Target
SpyNote_By 30Deep/CoreAudioApi.dll
-
Size
24KB
-
MD5
6a009b7c4b252788d80d4e40adcf51ce
-
SHA1
9302cd4f00fa70b768feec2a49505052cd4bd13e
-
SHA256
df6115987161ee1238f9564bd10c998d9016f582e5b7b9d23d21a74d6955bdd3
-
SHA512
7a27bc38249b293fbfb9389cac3365bf64e9536281c347939192e6b151b4e574bd9743df81721dc4e6beca0ab0a5784436b7f7bff780fdddef4c7c26b02cc354
-
SSDEEP
384:JGuIVn86+5zUH4RmcBoZhn9ipvNeFSAucqmPBJGbsw3uiIx5L5gV:CVn86YzgoW0VNeFS0Tbw3up5tgV
Score 1/10
-
-
Target
SpyNote_By 30Deep/NAudio.dll
-
Size
498KB
-
MD5
6ca17abccae3050f391401b2955f9333
-
SHA1
0975b039a793accb58130d6639262cd291d80d5d
-
SHA256
3ad5d09b4c8c3146d15955a564a9f1a57d7c795b189a25c6f722a738d95ef89c
-
SHA512
c08f366aae9baf0e7762f47a2f79d0dee5187a1d7631e5838590b7c12911bdeb6247e0ff860ade36e04f1d6717f919ad98df6d3a1a556bff4b8994db9616ccec
-
SSDEEP
12288:MnXnae2TPlr3zvzar5oRDaw92wP6mai9gs6C:K8lrT+r5ADakP4i9gs
Score 1/10
-
-
Target
SpyNote_By 30Deep/Resources/Imports/Gsm/GSM.dll
-
Size
5KB
-
MD5
c4ceacedf5310a761b828bed9f7dbc62
-
SHA1
f2c4c23d1c04df3899bc0a1e1812eca8f421fbb1
-
SHA256
61b0ca29ce7a62932699f33c272fd6d3731a1430ac3455b7a240b01ae461370f
-
SHA512
58c42d60a28c6e344060242e77cc841ba1a892cb8b9d5dae02c8f9b2e4c1deeebb599e6a1c401a3c585eb44c28d9c72b2ee56be273169af1d52850e426a1da32
-
SSDEEP
96:Vuyz+/KPV+gzlmtrLPfdHOzHFu90rdjF:5z+m9ELPfdHH90H
Score 1/10
-
-
Target
SpyNote_By 30Deep/Resources/Imports/Payload/BuildClient.exe
-
Size
43KB
-
MD5
fc5704b2e4bcd31f2d954b0fb8f4cfe0
-
SHA1
b37424a8a94f4b7e878ed79fd03914b1479a7e2b
-
SHA256
f0de2235c7cb055bb66f3880d58022a53339619f38165229640467250ef8547b
-
SHA512
3e0a9b8bbd7aae9ea91f75a9bdf18ac3777deaab9af87dba3ab0510e6bd126dcda2b95b51d58515d8ce6eac5c560223c8728e6377c6ff79043ec58b7cd89745c
-
SSDEEP
768:SFX5x0FJ2EGzJPJjEj4AeYAIkccBwiFYHJIXTMrEeYLdA:oXXjEa9M4YxNSUiMrOd
Score 1/10
-
-
Target
SpyNote_By 30Deep/Resources/Imports/PlayerJava/PlayerJava.jar
-
Size
3KB
-
MD5
d9c23d7574c0d886321dcd029e463f2c
-
SHA1
7fad47eb6860a01325c6d526a43d9bbadb66aff7
-
SHA256
e22d8a06415f21b900a9a079a6a7928d6c84d2cf33aa07c6ad385dfbbfcd55ed
-
SHA512
c32c019fb0bacbd70441cf3ed769bfde9597389f840ff8511db36586756382ef22bd163a7b7cb9e258a4b7a896e5d1a606d92513a141cb2e3c6e421a66ecb316
Score 7/10
Modifies file permissions
-
-
-
Target
SpyNote_By 30Deep/Resources/Imports/T/sS.exe
-
Size
20KB
-
MD5
fcc080409bf077b1c85f159218e62dbf
-
SHA1
616e64d4ca2286d4f4b11df583fa2b9ba81c6e78
-
SHA256
e3865e0d3f776a6827f4ddb640cc66c56ede8826a1f29383e3578b85caf248ef
-
SHA512
14d7ceac1730faadfe10ff573ed825f8e449c7ae879892d09d832b67d68a128c07ef94c675a5221edde82e7b73fd1b852ddbda7894e554cce98fa1625fb00eb6
-
SSDEEP
384:3AOcHfvbeLb7i4yimcx5GLD9WLEO2a0R7RknlcDqfJ:3AO+fDen7i4fmFrRFknGDy
Score 1/10
-
-
Target
SpyNote_By 30Deep/Resources/Imports/platform-tools/plwin.exe
-
Size
25KB
-
MD5
9aadaec3eccf406b2591e32c438a67a4
-
SHA1
fb971b1687400fcedf5ac4a36f45ead3b54d14e3
-
SHA256
268fa687554273029bf87668367b4084d4928de6b2a4cf4fbcd52e944d0efe16
-
SHA512
cba31ace6459a83dca18a486fc7a06da50419442d92e25e2661fdc101542b49ae3778fe197b6409396b7093747c67316917760de8576d351cd37e51e3dda9d3d
-
SSDEEP
768:Q3ULAwpnEUaSCMc/o6/d5cfsEAIHtYcFmVc6K:eULAwcSCMcdWfsQfmVcl
Score 1/10