ginom.alfa.lib.scan.Camerasbyicwtesfhdgosxqnzjorbne1Activity
xyz
com.app.ccj5000k.SendSmsActivity
android.intent.action.SEND
android.intent.action.SENDTO
com.app.ccj5000k.ActivitySplash
android.intent.action.MAIN
General
-
Target
9ebb60ada8b19e06a92fc8c868959626deee355aef796c16f9e233f6d52c0306
-
Size
12.5MB
-
MD5
12b92b000d9431c19864408c916e558b
-
SHA1
79349cadfd9309806c398fba2dd6d5825f772a8a
-
SHA256
9ebb60ada8b19e06a92fc8c868959626deee355aef796c16f9e233f6d52c0306
-
SHA512
d11473dba6edba3a99cf732f90fc2b546321e4d137e023f065e74932b2d8d040593ea8c8f3fc2da9a8bf6d3b137bc2fdba83f0ac427795caf510de8372116bac
-
SSDEEP
196608:Ia96xtqAw4Eo42eaAew7uySoImf7AMAr7+2LTaD2cUMYNkIuJtUZr2pvgXckYU:I1tVwD2tPoImEM92LTaKo7wipoMDU
Score
10/10
Malware Config
Extracted
Family
spynote
C2
103.74.105.194:7006
Signatures
-
Spynote family
-
Spynote payload 1 IoCs
-
Attempts to obfuscate APK file format
Applies obfuscation techniques to the APK format in order to hinder analysis
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 8 IoCs
Files
-
9ebb60ada8b19e06a92fc8c868959626deee355aef796c16f9e233f6d52c0306
com.tcmso.poms9000k
com.app.ccj5000k.ActivitySplash
Android Permissions
9ebb60ada8b19e06a92fc8c868959626deee355aef796c16f9e233f6d52c0306
Permissions
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.FOREGROUND_SERVICE
android.permission.RECEIVE_BOOT_COMPLETED
com.google.android.c2dm.permission.RECEIVE
android.permission.VIBRATE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.WRITE_SETTINGS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.WAKE_LOCK
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_MMS