Overview

overview

10

Static

static

10

SpyMax 4.0...26.apk

windows11-21h2-x64

3

SpyMax 4.0...28.apk

windows11-21h2-x64

3

SpyMax 4.0....0.exe

windows11-21h2-x64

1

SpyMax 4.0...et.dll

windows11-21h2-x64

1

SpyMax 4.0...ld.exe

windows11-21h2-x64

1

SpyMax 4.0...SM.dll

windows11-21h2-x64

1

platformBi...32.dll

windows11-21h2-x64

1

platformBi...ge.dll

windows11-21h2-x64

1

platformBi...32.dll

windows11-21h2-x64

1

platformBi...ge.dll

windows11-21h2-x64

1

platformBi...32.dll

windows11-21h2-x64

3

platformBi...ge.dll

windows11-21h2-x64

3

platformBi...ol.bat

windows11-21h2-x64

1

platformBi...ol.jar

windows11-21h2-x64

7

platformBi...ch.dll

windows11-21h2-x64

1

platformBi...wt.dll

windows11-21h2-x64

1

platformBi...db.exe

windows11-21h2-x64

1

platformBi...vm.dll

windows11-21h2-x64

3

platformBi...em.dll

windows11-21h2-x64

3

platformBi...et.dll

windows11-21h2-x64

1

platformBi...er.dll

windows11-21h2-x64

1

platformBi...pe.dll

windows11-21h2-x64

3

platformBi...of.dll

windows11-21h2-x64

3

platformBi...db.exe

windows11-21h2-x64

1

SpyMax 4.0...n-1.pl

windows11-21h2-x64

3

SpyMax 4.0...n-2.pl

windows11-21h2-x64

3

SpyMax 4.0...n-3.pl

windows11-21h2-x64

3

SpyMax 4.0...n-4.pl

windows11-21h2-x64

3

SpyMax 4.0...n-5.pl

windows11-21h2-x64

3

SpyMax 4.0...n-6.pl

windows11-21h2-x64

3

SpyMax 4.0...n-7.pl

windows11-21h2-x64

3

SpyMax 4.0...n-8.pl

windows11-21h2-x64

3

Analysis

  • max time kernel
    86s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags

    arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    15-04-2024 09:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    platformBinary32/bin/apktool.jar

  • Size

    10.5MB

  • MD5

    ea45fba42cc01f82b7b805a1823af211

  • SHA1

    0c9751a0c03965cf71d26c4d2d9071e85934465b

  • SHA256

    758b1bd58f9c9dd5ca85258d31c75f32e5878a502e3d75c66f3bfacf74b9dc1d

  • SHA512

    6503fe3e80f83b09e07e97d7888a7fa686e46b0e7a8501de13e134047cd0533bb3ce80f776e63ee4056eae77dad991481bc68dd423fae69766bad11157e253f3

  • SSDEEP

    196608:+7ymmCUyiCGyXpyR9f3ID5nBGM3iJnoVnSwS3xAW2LpRXHlUzWmK:+7yOUB+pyvfI1ImiFoswKxAWKdj

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\platformBinary32\bin\apktool.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3904
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:5080

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    8309f5c38e91807e34501a11a62e54c1

    SHA1

    7aed8a1b793725ef8935d8a1a705f3aead590e7c

    SHA256

    c7d8cb607f9cad21f65a7e8bb04e035e9873ba9aa99e728d843731fbafa63cc2

    SHA512

    e0a3b8331b8a011e803d41cb4b822bb72988ab8184280d4125d820d3c1d22c310dde9752d647f4b9926c9c08c09a20bd3bf1de61621210179e4bf362e4dc18c1

    Download Submit

  • memory/3904-4-0x000001C366700000-0x000001C367700000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/3904-12-0x000001C364EB0000-0x000001C364EB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3904-16-0x000001C364EB0000-0x000001C364EB1000-memory.dmp

    Filesize

    4KB

    Download