yps.eton.application.M
android.intent.action.MAIN
Behavioral task
behavioral1
Sample
hack facbook.apk
Resource
android-x86-arm-20240624-en
android-9-x86
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
hack facbook.apk
Resource
android-x64-20240624-en
android-10-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
hack facbook.apk
Resource
android-x64-arm64-20240624-en
android-11-x64
2 signatures
150 seconds
General
-
Target
e10ba00fcf97e0fa4cad80ca3944ffec_JaffaCakes118
-
Size
514KB
-
MD5
e10ba00fcf97e0fa4cad80ca3944ffec
-
SHA1
6d8da42ab6e3a91abd06d43c4e2b2aa2d17bd950
-
SHA256
64a7447846e184cc32e200071267bb9641f980448a29cd7f42ebb89e65b9aeb2
-
SHA512
0b5469c36297d6747765fc40d7fd5414e782e6c94d6e315d52fdf3241d0ff623473f324de34e01a6c54800400df03ea6c4dcaa74b4afc5601b73f6e1a5d1a36a
-
SSDEEP
12288:fHmdE4EOfsnpTEE51CEStIlYXePuU2DzJtmEA/eFTEGaa91wE:/wSpTEE5EKlcU0zJtmEhcE
Score
10/10
Malware Config
Signatures
-
Spynote family
-
Spynote payload 1 IoCs
resource yara_rule static1/unpack001/hack facbook.apk family_spynote -
Declares broadcast receivers with permission to handle system events 1 IoCs
description ioc Required by device admin receivers to bind with the system. Allows apps to manage device administration features. android.permission.BIND_DEVICE_ADMIN -
Declares services with permission to bind to the system 1 IoCs
description ioc Required by accessibility services to bind with the system. Allows apps to access accessibility features. android.permission.BIND_ACCESSIBILITY_SERVICE -
Requests dangerous framework permissions 20 IoCs
description ioc Required to be able to access the camera device. android.permission.CAMERA Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE Allows an application to write and read the user's call log data. android.permission.WRITE_CALL_LOG Allows an application to read or write the system settings. android.permission.WRITE_SETTINGS Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. android.permission.SYSTEM_ALERT_WINDOW Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE Allows an application to send SMS messages. android.permission.SEND_SMS Required to be able to access the camera device. android.permission.CAMERA Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS Allows an application to read the user's contacts data. android.permission.READ_CONTACTS Allows an application to record audio. android.permission.RECORD_AUDIO Allows an application to read SMS messages. android.permission.READ_SMS Allows an application to read the user's call log. android.permission.READ_CALL_LOG Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. android.permission.CALL_PHONE Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION Allows an application to receive SMS messages. android.permission.RECEIVE_SMS Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. android.permission.PROCESS_OUTGOING_CALLS
Files
-
e10ba00fcf97e0fa4cad80ca3944ffec_JaffaCakes118.rar
-
hack facbook.apk.apk android
yps.eton.application
yps.eton.application.M
Activities
Permissions
android.permission.CAMERA
android.permission.BLUETOOTH
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_CALL_LOG
com.android.browser.permission.READ_HISTORY_BOOKMARKS
android.permission.WRITE_SETTINGS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.SEND_SMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.VIBRATE
android.permission.CAMERA
android.permission.GET_ACCOUNTS
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_CONTACTS
android.permission.READ_CONTACTS
android.permission.RECORD_AUDIO
android.permission.READ_SMS
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.READ_CALL_LOG
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.CALL_PHONE
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.RECEIVE_SMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.INSTALL_PACKAGES
android.permission.PROCESS_OUTGOING_CALLS
Receivers
yps.eton.application.B
android.intent.action.BOOT_COMPLETED
yps.eton.application.C
android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL
yps.eton.application.S
android.provider.Telephony.SMS_RECEIVED
yps.eton.application.D
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_DISABLED
Services
yps.eton.application.k
android.accessibilityservice.AccessibilityService