General

  • Target

    SpyNote_v6.4.7z

  • Size

    21.3MB

  • Sample

    240415-rcf92sad2y

  • MD5

    73aa67a499d986a19976d1d041f673ea

  • SHA1

    7aa1d8227d174d989e5135762752000fe9000e0d

  • SHA256

    a51dd83fb2f8ab618515855475f83188b18872db105b624ec4f40a444e09e818

  • SHA512

    bacd7c9a23973785a04eab89fb87f6ef37ed34fd9243d90efa6c20174de9a5c7025c1366d232ca79ba1f528de4f4aadeaeeb8e61ee74325fb50b6d75cca5555b

  • SSDEEP

    393216:nJ281jdvDZxOUb/g9yi9TOrZL2yHossXrCeR8jL070CIu4P8SVyGvhqfKq+opD1G:nI8b/OUDgT9CDHoOeRwL0aT/VJUfKqrK

Score
10/10

Malware Config

Extracted

Family

spynote

C2

[SPY_NOTE_HOST_OK]:[SPY_NOTE_PORT_OK]

Targets

    • Target

      SpyNote_v6.4/CoreAudioApi.dll

    • Size

      24KB

    • MD5

      6a009b7c4b252788d80d4e40adcf51ce

    • SHA1

      9302cd4f00fa70b768feec2a49505052cd4bd13e

    • SHA256

      df6115987161ee1238f9564bd10c998d9016f582e5b7b9d23d21a74d6955bdd3

    • SHA512

      7a27bc38249b293fbfb9389cac3365bf64e9536281c347939192e6b151b4e574bd9743df81721dc4e6beca0ab0a5784436b7f7bff780fdddef4c7c26b02cc354

    • SSDEEP

      384:JGuIVn86+5zUH4RmcBoZhn9ipvNeFSAucqmPBJGbsw3uiIx5L5gV:CVn86YzgoW0VNeFS0Tbw3up5tgV

    Score
    1/10
    • Target

      SpyNote_v6.4/Resources/Clients/KingB_354051091211537/Settings/2021-11-9--11-07-16.html

    • Size

      5KB

    • MD5

      ebbd85872881ea5b9062e582425e133b

    • SHA1

      dbe89aabc9f3330205893c1e81e4f75a4adaa253

    • SHA256

      c403aca8d1faf420dec4ce43fc27e8f5e980cc68619c79265a555227ab6c0f6b

    • SHA512

      836edded1673c5a508d28fabaf970e098c0237177cacb901a5c95cccd641b1c8726ea7aa7fb77fb20a08b9b41e096eaf4bded8065afb90e35b5ba2e7444fe498

    • SSDEEP

      48:yfUp0WhAx1FYVFdFqxyyTaqgD6FT1hg7tT/fd1/ha1B5dNM121H7/B9sWVYP0u1N:qRFAwO96Fuf6/HWP5RnjefI

    Score
    1/10
    • Target

      SpyNote_v6.4/Resources/Clients/Vicitim_354051091211537/Apps/2021-27-9--17-10-52.html

    • Size

      9KB

    • MD5

      6a9f214598268f6b9754d0c6b3c29cfd

    • SHA1

      80858e5c88c4f875a03879eeb7f427e4c63f0981

    • SHA256

      70cb40871f1ca0e710697d82ae1d48d4236ef4d82ac4af897558a6397baa0748

    • SHA512

      56d9f796aa974a612486454ac0e7d1218ddbaf06447f85c1cb62efc943346adf71d98d5026ab54bff88cd087155a0b008f73be290808a350538e0e78a1e7026d

    • SSDEEP

      96:qa3FAwO96Fuf6/aFdAy7hLp209NSTWd3hC3CYvFrGSpI:qa39QmTH3CYvI

    Score
    1/10
    • Target

      SpyNote_v6.4/Resources/Clients/Vicitim_354051091211537/Settings/2021-27-9--17-12-59.html

    • Size

      5KB

    • MD5

      c8c8fcd405c8a96e90410aa1db93cffa

    • SHA1

      4f10edb9c46052cf4f8561fae3f39c2280db10de

    • SHA256

      2e019c102d5f2eaf9a3ab532422428e3a281fba275151910f731e21d87995a62

    • SHA512

      fe51e7bfb9ce47762eb6a1cfdbc13578dadcc5b1364c740ef93be76d1958a42768e1590a97fb4514d5242d2c8a136b9561ffeec09e1241b007575527b4940c3f

    • SSDEEP

      48:yfUpWR3WhAx1FYVFdFqxyyTaqgD6FT1hg7tT/fd1/ha1B5dNM121H7/B9sWVYP0W:qD3FAwO96Fuf6/HWP5RhYefd

    Score
    1/10
    • Target

      SpyNote_v6.4/Resources/Imports/Gsm/GSM.dll

    • Size

      5KB

    • MD5

      c4ceacedf5310a761b828bed9f7dbc62

    • SHA1

      f2c4c23d1c04df3899bc0a1e1812eca8f421fbb1

    • SHA256

      61b0ca29ce7a62932699f33c272fd6d3731a1430ac3455b7a240b01ae461370f

    • SHA512

      58c42d60a28c6e344060242e77cc841ba1a892cb8b9d5dae02c8f9b2e4c1deeebb599e6a1c401a3c585eb44c28d9c72b2ee56be273169af1d52850e426a1da32

    • SSDEEP

      96:Vuyz+/KPV+gzlmtrLPfdHOzHFu90rdjF:5z+m9ELPfdHH90H

    Score
    1/10
    • Target

      SpyNote_v6.4/Resources/Imports/Payload/SL.exe

    • Size

      1.5MB

    • MD5

      f6a422a88819ddbea39c40a28fbdd307

    • SHA1

      710fdbbd3d6f273bdc05bf4c3a0146b0142ad71e

    • SHA256

      ebabf22b419f6a4b1fde570999f5871fb4f0552f4a97629f6ebf02edd33b8a2b

    • SHA512

      42c6f6e92d0c3ec764017c69e1c52ced65944b45782b72ce586d4203acbbf39affb267a16314c30ec146cb8710c0e151c3db2a851100b8cf7bbcf800dbde3051

    • SSDEEP

      768:rKSAOfhZXvSzjWKDIp93ZZwpZpTQdBHiF7QHsIMd3uDxZuFs+mg:9rfhZXvSzjWb5wz16S7l9eDxZuv

    Score
    1/10
    • Target

      apktool/apktool.bat

    • Size

      135B

    • MD5

      b02966b106045115fa8ef94a4e67537b

    • SHA1

      f901df8bbfe8fe50e560e625a27da1c6c4f0e9b3

    • SHA256

      3d8108beb40535e68e7f6421a4309408ea5efab91707fa25d862154e3cc9b6df

    • SHA512

      6274a4568285c74985b095d1dd5649044b61cb7c372dc4653c62a2b92833df477f5a5453be0e598622918b4e6c27064a57e5fba1a657dd064e6d9598fe2f94cc

    Score
    7/10
    • Target

      apktool/apktool.jar

    • Size

      8.9MB

    • MD5

      a15507953bd9b89c2d6570f46fb1f774

    • SHA1

      261a8e68c72b0ebf70894c40b3c35176a66d86fe

    • SHA256

      0e543660bf2d16fe7c543d4034ef505a6ddccb883416c8aa68d1a1d779b057f2

    • SHA512

      eb519a94a4aecc1358f4a1cc84e03c772d8b59edf8b5e37956a756f0cc2673c5d9d976ad6796543db74cf187763077b4bbcd0519e7f7be845c0e9874d4862353

    • SSDEEP

      196608:lIkbXnl3I3rmGQFTbuGzuJVzNfaTWkxQcGhiO:lIw+mGyTNzuJNkTWk0

    Score
    7/10
    • Target

      apktool/signapk.jar

    • Size

      7KB

    • MD5

      aec6985fe2314e4d032ba6d192ac4163

    • SHA1

      b16f006e7bf509add528f4b9a075ca373d531203

    • SHA256

      b17534e89a5b58d5e343ba54a49da579cf9213988f4beeae24fe4582a0c226bb

    • SHA512

      5347fb296f87fb71046e0fd261a495485254ed7bd6d68da3aebb346267e5bc14ad8a89aa5496b31b2bf0da35b8c7c4cbbf71ace977443f09ecdbe50e1288bcea

    • SSDEEP

      192:20AfGZ6TJSM/+Lz2dBM8ZRSvdrGanQRSHFzJ:dj6tof2nMySvldT

    Score
    7/10
    • Target

      SpyNote_v6.4/Resources/Imports/Payload/stub.apk

    • Size

      730KB

    • MD5

      0c0290abde03555f3c66c81eba860a3d

    • SHA1

      939a8e6d0ed4bd8c9f491405ecf069df7bddb7cc

    • SHA256

      7b20a276931c8625b39ebc46017c7e4d4a7bdf319b9f451231d777b078b0cd6a

    • SHA512

      441922d41856ec246d1cb29e3b290b62b2d3bc4ca54f896af1df72263e67a320f1b3b85f4d5bd129fa32b4633a1b9f74a63783791f1ea1cb1ca97a8a26b8ea48

    • SSDEEP

      12288:CJc+EIBvAvcKIth8eGz3zaR9QHqd8gmw+/goe13VvqX:CJc+EIO0K4KeGTzaR+imz/goeHvqX

    Score
    3/10
    • Target

      SpyNote_v6.4/Resources/Imports/PlayerJava/PlayerJava.jar

    • Size

      3KB

    • MD5

      d9c23d7574c0d886321dcd029e463f2c

    • SHA1

      7fad47eb6860a01325c6d526a43d9bbadb66aff7

    • SHA256

      e22d8a06415f21b900a9a079a6a7928d6c84d2cf33aa07c6ad385dfbbfcd55ed

    • SHA512

      c32c019fb0bacbd70441cf3ed769bfde9597389f840ff8511db36586756382ef22bd163a7b7cb9e258a4b7a896e5d1a606d92513a141cb2e3c6e421a66ecb316

    Score
    7/10
    • Target

      SpyNote_v6.4/Resources/Imports/T/sS.exe

    • Size

      20KB

    • MD5

      90c145d34b8ac338e099f062bf5d86c0

    • SHA1

      d8518776439fd67f9e4d1b5441a96b5cb783d2b1

    • SHA256

      60cb176777a21fa10359afff9d48766ee84d50d7d2f06a5047fe84106fe07626

    • SHA512

      07694ca2c05b3c8932ddc17920dfd05e58e1f435b468f5f896a4dc0d0c5688fb1217140515a497fe8a10a1cb30b135fd9ac928125f7602218b1588e7a9363a73

    • SSDEEP

      384:sOaTt8CNVFW6qh/M+z/QunGLS9tLEO2a0R72t465i:stTBVzqO+z9SZRSt465i

    Score
    1/10
    • Target

      platform-tools/AdbWinApi.dll

    • Size

      95KB

    • MD5

      ed5a809dc0024d83cbab4fb9933d598d

    • SHA1

      0bc5a82327f8641d9287101e4cc7041af20bad57

    • SHA256

      d60103a5e99bc9888f786ee916f5d6e45493c3247972cb053833803de7e95cf9

    • SHA512

      1fdb74ee5912fbdd2c0cba501e998349fecfbef5f4f743c7978c38996aa7e1f38e8ac750f2dc8f84b8094de3dd6fa3f983a29f290b3fa2cdbdaed691748baf17

    • SSDEEP

      1536:Jwqdq+3pvspmLh8SCykrpTG7kfGHuNezq02XJqo+iFi1yCP:JwqD3L8Tezq0et+ui1y

    Score
    3/10
    • Target

      platform-tools/AdbWinUsbApi.dll

    • Size

      61KB

    • MD5

      0e24119daf1909e398fa1850b6112077

    • SHA1

      293eedadb3172e756a421790d551e407457e0a8c

    • SHA256

      25207c506d29c4e8dceb61b4bd50e8669ba26012988a43fbf26a890b1e60fc97

    • SHA512

      9cbb26e555ab40b019a446337db58770b9a0c9c08316ff1e1909c4b6d99c00bd33522d05890870a91b4b581e20c7dce87488ab0d22fc3c4bbdd7e9b38f164b43

    • SSDEEP

      1536:l72doFmOiHizFbPlspcsbj5ZsP+YeTs1p:lSSfN9+YeTs1p

    Score
    3/10
    • Target

      platform-tools/adb.exe

    • Size

      1.7MB

    • MD5

      884242fb6cbbec1f7711b946ef669e0e

    • SHA1

      7b2bc3c03909e705da759b7c21907683db668cc5

    • SHA256

      65210cb4139672b53acaa2222b1005d036b0b02c437aa47e0e7b616fab0e2f6f

    • SHA512

      c73ed5875dd0a3f0c400794a10336b00602950fa3ff6fb99ce9a772681fb8c5237c5c3cba2d0b7d254e497383d634d3a97342039cc40d295f262c583d0839768

    • SSDEEP

      49152:WyM2dKh9Z/8qaQqBwYNapOdJmUUXPB2DhmRz:dZsh9Z/8pQqBwYNapOdJmUUBRz

    Score
    1/10
    • Target

      platform-tools/dmtracedump.exe

    • Size

      142KB

    • MD5

      41f6a72f1a9e3d63be1839edc1e96e1f

    • SHA1

      e6b811bbe6986937e7991c6e7b8cf0e564cbc075

    • SHA256

      f9a239882c548d303e7286e2c34a22f694bbc41499dcd762e9af2fde49540637

    • SHA512

      9409e586b083099e041b962c65a10f362886f919fd1a2c926846ba8650e228551ba8bf108d5779b98bd2997e3881370df6141080aeca186b83fcedf3127737f3

    • SSDEEP

      1536:DqyWSNJKj1DjfWK7oK3Gi4iPWatziN8SUDwH3WchEpbWtdmyKY1togmUgzH:DDy1OM3GiLeaHt3patdmFY1togmUgzH

    Score
    1/10
    • Target

      platform-tools/etc1tool.exe

    • Size

      326KB

    • MD5

      b1f9af974b3fb6e2e7e0da4498ad9548

    • SHA1

      53c4b86c0204097fbbde53f0c383a76b782f231f

    • SHA256

      d1a7e47529dacfe92fe91d01dcd2f378aa080abc1ce7f87ce1dbea44f08ba717

    • SHA512

      f1fccb4ce9522c6bedd9ade121094b997089a7d2be5e4245255256ba8e87f028581879476dbf5951d512d29fcb91a4ce41155e1c12b2e031953fbc5f4593c361

    • SSDEEP

      6144:mMSFNW5uQhA0aNh7SZdt6palbsTBPkbRUUgW:mFNWkQhA0Ih76dCalbsTVkFn

    Score
    1/10
    • Target

      platform-tools/fastboot.exe

    • Size

      833KB

    • MD5

      0875abb1c7b403b3f95631326eafb6c2

    • SHA1

      45faf0c7b005b72145f25186b1a735f282332246

    • SHA256

      d794004af6dfedb5dbf118c20b4fda20ecdb38744191e859f1233287291cf0c7

    • SHA512

      e7749ca3490851c854a036147041c04327203aacd9f9ec6577023ff4adfb9f3ae494baa312dbd12eedce21601ce8a0d2fd20f6f130ed0b2b134ee289db47f09b

    • SSDEEP

      24576:U+oaWQe5SvYC25H2wrDB8sxUaLDi6SUasTjffp:UJHh3B8sxU2isTL

    Score
    1/10
    • Target

      platform-tools/hprof-conv.exe

    • Size

      42KB

    • MD5

      31765209d356a33c1a912fb45f5cdd23

    • SHA1

      ddd898ca185d9ccaea5e8eba7b026d02a309fdf6

    • SHA256

      4f26eb3b5ffea699cdb1cdb2724e0078ceaea9a7584fa1fb277c590bc845a1c7

    • SHA512

      44a846fc9e6c283f5b08315e56ffd65ba495208011264c7bcf00ffe638e5b438d6c2382e09e975e9387018c22d53f6092c89652418ef2db96afc3c892cb4ecec

    • SSDEEP

      768:VF9VS8FSOvwHpgf974u1T5iOen0c8oJQ3XB+wHUef3cr:b9VSSwHpMLx5yWuQ3XB+Glf8

    Score
    1/10
    • Target

      platform-tools/lib64/libc++.so

    • Size

      1.2MB

    • MD5

      299383192987cab6106075b5e0b5214a

    • SHA1

      aac38d27554ff20a054562c6d1a8640c77c24964

    • SHA256

      cbcb47f0907e688c30f846490884a2c24ef465dc96080350063491c3c0713835

    • SHA512

      4c71c386381a86926edaac2924b2a29edbbdff9c6eddba1b810ce26c38b2dec49eac41b767af13fa71f2c7f56642858303b4b262bc87db64dec900473081c542

    • SSDEEP

      24576:WR7l2SLumB5qsbVElEbhYe2sdpQM0srPgAT7MBaUNdSbGR7l2SLu2BT:+AsbuvePp0srPgATVUXSbaT

    Score
    3/10
    • Target

      platform-tools/libwinpthread-1.dll

    • Size

      205KB

    • MD5

      147f26f198f9fb041972acedfba499f1

    • SHA1

      15ecae45e1fb2acec53384f8071d2943cc895fd4

    • SHA256

      ef1ca784aa18e9ab789d44e90cade99b21563a55daa0019f1e9cd1fb812edd27

    • SHA512

      bbe9bee7d81cbe488124132f939de33273a2c00f6fcdce5d58a36c32e57aa0cf72f58a88e912329e73053c8295d9e49946770a3ac7a250e1546717d240971971

    • SSDEEP

      3072:+aRM482B+CVWgRKB3daWBxhim3YdMgFelrzv6/f6EO7bMDOI4nweQhGnxtubRjLj:+avBxkxhim3Y+gIlXv6/8QhGxY2rd4LL

    Score
    1/10
    • Target

      platform-tools/make_f2fs.exe

    • Size

      337KB

    • MD5

      926d471951e1ad20a1df52a5490d9c47

    • SHA1

      acc45f5b53c9121cbcc92e02db85ad709291e770

    • SHA256

      a8f8c44dc41ae9358b4ee1b9bb1c07df797cc1ad8051553b295276b512e5d0da

    • SHA512

      08f5aaea60a2222d0bbaf6deb34f952c27dc44d1fd121d1d3056d46776a8737d4bffda4c5cc456f35969a380307e090d8b42fb998c24a0f1a290ce561ca86a40

    • SSDEEP

      6144:DwgVp1lpncy2JT4kLmQ1RaghNDnF4XWvTB8HDUXBY:PZxcmZQraghNDnF4mvT2HQY

    Score
    1/10
    • Target

      platform-tools/mke2fs.exe

    • Size

      1010KB

    • MD5

      b6ffd1e94ff5cac12102aa10ab47351d

    • SHA1

      705efced565e4285b6c50ad050cd4046ecaa138d

    • SHA256

      2c54c83bb658ff63ee25c641a1eb49833f248de4bab134e80bca6ac7e4aee4ea

    • SHA512

      36e38b022ed11ca46ec365563607f59932248bfa896b8fd9a3bc0a4f6185b531feee6b6809b6d2b1c406dc700f3d15228340b37762126abb2de9be5437cd2117

    • SSDEEP

      24576:xNm/4nfCS/Rt/epc6ADwingOIcsN6UNIlbxpqQTxJHX:x51tznJIcsN6UNizqQT

    Score
    1/10
    • Target

      platform-tools/sqlite3.exe

    • Size

      775KB

    • MD5

      86833ce2d8f2c8250b9e95979586e6af

    • SHA1

      3f7c8585319b1027c995c749785701aae99cb6db

    • SHA256

      9c08b9b6a165fdb22c806225979d387924f39ac8836364c9594441073ea7cda0

    • SHA512

      41db0f8d2cd029caea7b1cef198be53263f0f8069251785ec8ab9eeffad15167e897a244956ef9dc0a48410ca62102ad160260dae805ab497283f2158084f387

    • SSDEEP

      24576:RqR4MYg/SUoNm1+YrmPN//g3qGRCZHmSOGdWfcTx4B4PMKFw:R/eS/amkDCZgzfc1Cm

    Score
    1/10
    • Target

      platform-tools/systrace/catapult/common/battor/battor/__init__.py

    • Size

      1012B

    • MD5

      4a275f2b0004229f8139d160a78c8160

    • SHA1

      cc39f21bf20dc2c3cec76fb71f8c82e1fec330f0

    • SHA256

      3802690854d1135413a8946b5f355ccc580c974a289a13e72fe98ef8a8f900a5

    • SHA512

      539c630a59b2ed1593483d4c853192c0cd041d816b9367d843510ecf2f992812323422523cb545f437cfd2382607d50b24567645228b0a3cf033896be69b94e9

    Score
    3/10
    • Target

      platform-tools/systrace/catapult/common/battor/battor/battor_error.py

    • Size

      241B

    • MD5

      0cb4832a92dd3d9df111e1a3ec244b18

    • SHA1

      4c8479b954cfad19fa0e6725cda4bd090238bb34

    • SHA256

      069549e0a89d7f64577e151d4c8919f504d053bfffe2841c72e05d8ecd676fcc

    • SHA512

      6b1961a27e13c4f194665a1a088eb935ef009ebc74b5c572f6d292ad22272b01addfeee7d2c99827ae9f5e7974e65d17dbb88324fa7e2f6f5e63f9b9e3dd4ce5

    Score
    3/10
    • Target

      platform-tools/systrace/catapult/common/battor/battor/battor_wrapper.py

    • Size

      15KB

    • MD5

      d2a93ab365251001f39f0a71feac5275

    • SHA1

      1bf9854bad16f14de0b74eb7efcd2671b0b8db7c

    • SHA256

      fbacb34ebd9b4af177f818f5cd0724c91c4ed1085cf1bd70eee9ae4115d112c9

    • SHA512

      bbafd95d57ccabd4f11c15a3264761d329554ca429219dd855353a4a8dd9cef53fe20819bded5f8f4dbaf2b04dd9bf5930852aa3a33521362b0b751e66cab825

    • SSDEEP

      384:SzxnQF5rr+ZTADM6uJE0x96JQNo3OUBete/rU72hT:UxnQF5zDB77ele/b

    Score
    3/10
    • Target

      platform-tools/systrace/catapult/common/battor/battor/battor_wrapper_devicetest.py

    • Size

      3KB

    • MD5

      c54573490661df63a8afed228c67bec1

    • SHA1

      5eb55cf4a6b5f376984077eac0a2a3c2d8ef9bda

    • SHA256

      75b54ae4864e4725e0c055f7b0b47e9dd3beac7fde496f636b47b8e12e9e9c5d

    • SHA512

      8418386b6d6240bba5f7ea0e819a89a3ba21075e6e0086176119a9f728f8f109466f5ab51cf877f56703d1ecd098147cfe0660c2ac74ca1ca950c0140ba0a0f2

    Score
    3/10
    • Target

      platform-tools/systrace/catapult/common/battor/battor/battor_wrapper_unittest.py

    • Size

      13KB

    • MD5

      e41fab7141cd0516d3a20b342bd83957

    • SHA1

      dfa32ae0417b76ed4f5fb81334b74fcf2fe6a146

    • SHA256

      c8eb91f0d2b7ecd7a2dd32416d8068d9f1154f68899ffeb6800b341048b462d1

    • SHA512

      822d07458fe261158a118b794f6e3c1ec6c9bf9941d3c5f505321c5a1820f688c16fd45d9dafdc3947f790bea32551a696f25f1539efc7df953288a9dfc41530

    • SSDEEP

      192:S+gTLCAcAXAMBYhuAdAAcAk6Vooj6ASE1OAS7DKtwQrS+O3ZTrb9KPVvDoIskeFH:SwMU2voq

    Score
    3/10
    • Target

      platform-tools/systrace/catapult/common/battor/bin/run_py_tests

    • Size

      576B

    • MD5

      57e78d3c30220df795a96c6dc24c39b2

    • SHA1

      f4343bb1ebc7b3b29aa3ade0b0e8bc4c43655da7

    • SHA256

      7e17073cf2a59a5ce29b150f063fb56392974845ba74eb8886943f00e7618b8a

    • SHA512

      63ca99fdf15ea4854535afd6cf48fd430a998737733dc5a62a0ea32d3de804ae7dc0b09f8ef82392607ed2eaf360ee5c3571fbb7be1da963d9f5f625114cfbfd

    Score
    1/10
    • Target

      SpyNote_v6.4/Resources/Imports/platform-tools/plwin.exe

    • Size

      23KB

    • MD5

      624ce101b693a1bf4523207ceb67ac3e

    • SHA1

      db438de8104db8c080eec4eb7ac317c48ee3c479

    • SHA256

      4a30fcc8f1e39ebd9f9085c792a0b73c2cf95f1e2af22b69576c5ad208f39159

    • SHA512

      cce751ef22b30c51b11ec3fa2198e7366361a5d5f1b382c48e807fd256259318a98209b5f7b1e3afea37af475530f0f36f49265348187d76dda2024e2d11c6f9

    • SSDEEP

      384:+WEULAwolvM7nEUaRR2LyGcBEYLcfQTVKh+JmU6/nd5eff4x4AQIft:+3ULAwxnEUab2LyDCMc/o6/d5efs4Ar

    Score
    1/10
    • Target

      SpyNote_v6.4/SpyNote.exe

    • Size

      6.7MB

    • MD5

      d9265f1d01fe8cfde1b241886e834a8c

    • SHA1

      a5f29b1c2a6f981c246976de1ba7e053841aa562

    • SHA256

      53f32f6ed5e1fbd5f5a29f83ab0eebc385f693824544fa4664242c91c7d9f1bf

    • SHA512

      59fc93e2ba15e8c901216dd2108ddfc3f1b7fa954ba0cc903d684aa4a2353b295c7e5c9f8f20e744de743cff436fee5fd0e96ba1f156a0a681a275f20af85e6b

    • SSDEEP

      196608:2dHPY7vsZ+oa4DuuyrMi8VKe+PMfw7k2c4PAVv1sUpr:+vfZ+IaLM9we+P2myds

    Score
    5/10
    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

  • File and Directory Permissions Modification (T1222): 4
  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 2
  • System Information Discovery (T1082): 9

Tasks

  • static1: spynote, Score 10/10
  • behavioral1: Score 1/10
  • behavioral2: Score 1/10
  • behavioral3: Score 1/10
  • behavioral4: Score 1/10
  • behavioral5: Score 1/10
  • behavioral6: Score 1/10
  • behavioral7: discovery, Score 7/10
  • behavioral8: discovery, Score 7/10
  • behavioral9: discovery, Score 7/10
  • behavioral10: Score 3/10
  • behavioral11: discovery, Score 7/10
  • behavioral12: Score 1/10
  • behavioral13: Score 3/10
  • behavioral14: Score 3/10
  • behavioral15: Score 1/10
  • behavioral16: Score 1/10
  • behavioral17: Score 1/10
  • behavioral18: Score 1/10
  • behavioral19: Score 1/10
  • behavioral20: Score 3/10
  • behavioral21: Score 1/10
  • behavioral22: Score 1/10
  • behavioral23: Score 1/10
  • behavioral24: Score 1/10
  • behavioral25: Score 3/10
  • behavioral26: Score 3/10
  • behavioral27: Score 3/10
  • behavioral28: Score 3/10
  • behavioral29: Score 3/10
  • behavioral30: Score 1/10
  • behavioral31: Score 1/10
  • behavioral32: Score 5/10