General

  • Target

    03d74cf6adff84199aadc3c6196f8cd1.bin

  • Size

    3.6MB

  • MD5

    8bd03bcc8b78b8a2f282f091581015d3

  • SHA1

    1257ed47cb27fc9469dd6909632e4c5ccd01abe7

  • SHA256

    95a4931c252cdaee98b1e86535a6efb7bd05f9ed9bc0cc408bbc82d9a78e6b1f

  • SHA512

    48eadf29a91862e329af10072d0d9f81098d11c7b62489064cf5325234d552e4e8bb1dd7c109890320d9eececf79434ea08185e9d85d4c97d6a4720d251ca3f8

  • SSDEEP

    98304:G7pju63v4oPeAokf+LUFDplmr2EeBU+rfbGwph:G7NuS4Wxf+EDpAch

Score
10/10

Malware Config

Signatures

  • Spynote family
  • Spynote payload (1 IoCs)
  • Attempts to obfuscate APK file format

    Applies obfuscation techniques to the APK format in order to hinder analysis

  • Declares broadcast receivers with permission to handle system events (1 IoCs)
  • Declares services with permission to bind to the system (3 IoCs)
  • Requests dangerous framework permissions (15 IoCs)

Files

  • 03d74cf6adff84199aadc3c6196f8cd1.bin
    .zip

    Password: infected

  • d021bc1ec9819f8223e21c591acb4ff15c32751fb34ae2bdc4f813d13bf87ee4.zip
    .apk android

    Password: infected

    extraordinary.metal.refer

    extraordinary.metal.vkhqjtbhmsaywvuaviwvovozbhjiqgumbopbkfmwljmtzfpioq2.MainActivity