spynote | hxxps://www[.]mediafire[.]com/file/apszglcaz7fkezf/Head$Trick++Paid[.]apk/file | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://www.mediafir...

android-11-x64

Sharing

General

Target

https://www.mediafire.com/file/apszglcaz7fkezf/Head$Trick++Paid.apk/file
Sample

241108-aq91vazqbx

Score

10^/10

spynote android banker infostealer rat trojan

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://www.mediafire.com/file/apszglcaz7fkezf/Head$Trick++Paid.apk/file

Resource

android-x64-arm64-20240624-es

spynote banker infostealer rat trojan

android-11-x64

9 signatures

600 seconds

Malware Config

Targets

- Target
  
  https://www.mediafire.com/file/apszglcaz7fkezf/Head$Trick++Paid.apk/file
Score

10^/10

spynote banker infostealer rat trojan
- Spynote
  Spynote is a Remote Access Trojan first seen in 2017.
  banker trojan infostealer rat spynote
- Spynote family
  spynote
- Spynote payload
- Attempts to obfuscate APK file format
  Applies obfuscation techniques to the APK format in order to hinder analysis
- Declares broadcast receivers with permission to handle system events
- Declares services with permission to bind to the system
- Requests dangerous framework permissions
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

spynotebankerinfostealerrattrojan

© 2018-2025

Terms | Privacy