General

  • Target

    b415fb908e7c73f5ed47a585f92e79d1.bin

  • Size

    508KB

  • MD5

    3473ca3d505ef38ee99b98e71a96a043

  • SHA1

    a42046fe168a57e79a63240d0a81689f31ebe0c3

  • SHA256

    491f3b0365fdfbea00e2fb56a0469e24be9bd8c616648c1b1ec8a1e945c30365

  • SHA512

    f2287b85ee7e46d713e165c5de2882a54e573cc941d5cae8ebc9d2c63caadaf1831fb5be3d76d2802272e9992c889f47e55ad0a84f0fb6a3139ea5c03b0815a7

  • SSDEEP

    12288:mVWVsN40kCDk6t1ASIAwMe6Szy4MjVb+WJeZmENGDiFP0:W3kd6t1ASVKOpjVbhCL0

Score
10/10

Malware Config

Extracted

Family

spynote

C2

4.194.25.153:5214

Signatures

  • Spynote family
  • Spynote payload 1 IoCs
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 1 IoCs
  • Requests dangerous framework permissions 18 IoCs

Files

  • b415fb908e7c73f5ed47a585f92e79d1.bin
    .zip

    Password: infected

  • d7d7472ae765c96d33ec8e6251cddd59d3f93bd8d9be96f7311726e842337e61.apk
    .apk android

    Password: infected

    cmf0.c3b5bm90zq.patch

    cmf0.c3b5bm90zq.patch.C7