Overview

overview

10

Static

static

10

SpyNote_v6...pi.dll

windows7-x64

1

SpyNote_v6...pi.dll

windows10-2004-x64

1

SpyNote_v6...6.html

windows7-x64

3

SpyNote_v6...6.html

windows10-2004-x64

3

SpyNote_v6...2.html

windows7-x64

3

SpyNote_v6...2.html

windows10-2004-x64

3

SpyNote_v6...9.html

windows7-x64

3

SpyNote_v6...9.html

windows10-2004-x64

3

SpyNote_v6...SM.dll

windows7-x64

1

SpyNote_v6...SM.dll

windows10-2004-x64

1

SpyNote_v6...SL.exe

windows7-x64

1

SpyNote_v6...SL.exe

windows10-2004-x64

1

apktool/apktool.bat

windows7-x64

1

apktool/apktool.bat

windows10-2004-x64

1

apktool/apktool.jar

windows7-x64

1

apktool/apktool.jar

windows10-2004-x64

1

apktool/signapk.jar

windows7-x64

1

apktool/signapk.jar

windows10-2004-x64

1

SpyNote_v6...ub.apk

android-9-x86

SpyNote_v6...ub.apk

android-10-x64

SpyNote_v6...ub.apk

android-11-x64

SpyNote_v6...va.jar

windows7-x64

1

SpyNote_v6...va.jar

windows10-2004-x64

1

SpyNote_v6...sS.exe

windows7-x64

1

SpyNote_v6...sS.exe

windows10-2004-x64

1

platform-t...pi.dll

windows7-x64

3

platform-t...pi.dll

windows10-2004-x64

3

platform-t...pi.dll

windows7-x64

3

platform-t...pi.dll

windows10-2004-x64

3

platform-t...db.exe

windows7-x64

3

platform-t...db.exe

windows10-2004-x64

3

platform-t...mp.exe

windows7-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29-11-2024 17:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SpyNote_v6.4/Resources/Clients/KingB_354051091211537/Settings/2021-11-9--11-07-16.html

  • Size

    5KB

  • MD5

    ebbd85872881ea5b9062e582425e133b

  • SHA1

    dbe89aabc9f3330205893c1e81e4f75a4adaa253

  • SHA256

    c403aca8d1faf420dec4ce43fc27e8f5e980cc68619c79265a555227ab6c0f6b

  • SHA512

    836edded1673c5a508d28fabaf970e098c0237177cacb901a5c95cccd641b1c8726ea7aa7fb77fb20a08b9b41e096eaf4bded8065afb90e35b5ba2e7444fe498

  • SSDEEP

    48:yfUp0WhAx1FYVFdFqxyyTaqgD6FT1hg7tT/fd1/ha1B5dNM121H7/B9sWVYP0u1N:qRFAwO96Fuf6/HWP5RnjefI

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\SpyNote_v6.4\Resources\Clients\KingB_354051091211537\Settings\2021-11-9--11-07-16.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2376
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2376 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2336

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1ddc3561690a82b1d49a0a17789b5ad

    SHA1

    bb90fcee2bfb717b5575a3865a50d494ce9cb3aa

    SHA256

    505f6498fdb048182fa2219b8f0e04c945c812940437b621a4795249865f06f1

    SHA512

    5a936a3189720b786ad68515ea564545bb7919c866aac92b3229ddf58bfacc85702e8232f1c2b6bcc14efa5d784fa82a9fe49ab926ccd954ca8c3ef1f5b2e119

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    156a63634bde2b52955849d15170a4f8

    SHA1

    e8473ab85ab24dc910c25407b96570b92da864d1

    SHA256

    055bd5f1f0b52ffca20d41cd2039623f49cdf4d225d5f57bd5a7b811d68e692c

    SHA512

    fd967d3a6e0bf1e0ea9bab1780c8503257a4cf0b40abdd8e401a2d64cddb7b0041af69ffd0335dfb28e4bc9dba6f786bb085ca397106a3ee6a31172cfca4a309

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad5501a030d2a1424d28c7f3fcd53a03

    SHA1

    e6c3a991274a611b6dd2b35134d155404547c4c8

    SHA256

    d7ab80071651d818912953c687bd99aee32bf9b8afcc88af4b83816cd9438465

    SHA512

    327dd3d1a19570eeb247a20af4c53af8d3b5bb8bafff808e47ed96dec0eba6db8cb5320b9f9ae5f52c340d479a37c4c8319b0930a21dce986afc205b998a5f1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24e0d6687232aff39044b6978aa3a4f5

    SHA1

    b5ba9e311779537d32c0aff394271c98d8bb9139

    SHA256

    4709a458221ce5826cf69fb7de6d56176e556053995abd6e4ed848d42ceaf046

    SHA512

    4618c7e8c674883b7b695e81acb0e8838c2d6c04090c01b82027a745c59219d81a1243f5de0171a6d80d4e7806810863a2e6b1c10fad31ea94e2f486a1d9b665

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fde5ed93208c5084e35a64ec1167645b

    SHA1

    35615f9118844f1a85fbd375732aa0ae5ca8bb1e

    SHA256

    61f4f55fa042df875e4fe3031a8398502a8ef40e3b37ac64015f351ed9d19b5d

    SHA512

    4cffd20a28334a1a731f5a0a09903b5e7c8a226bf1e43ed5f13f24ff302cd069feffda53839105c3a4099f1ad63c6ec74a243e4cba664f5a34c062e6a732f0bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    99abf7e41ffa215c1233c1d028583d12

    SHA1

    c60912c450762cee3e449709e842dfbe07016148

    SHA256

    72b463f5722dc3ac163175c8ea5f36aed0da50b626daa5f48f7e550fe6fc8694

    SHA512

    128a7a8ba9fc68f3278ae3f0982246bfa2fa1b8ad6ed907610db64ef7384e8ab92be8ece6bf4c3b80a6c91f44938c2a2f7d1569af0d35ded7668c85ff97c750c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2557b19db13370b2bd1c5388703e4dbd

    SHA1

    382d559377423a043c347a4900c5c504f77189ed

    SHA256

    e8e126c9eeedcd39f2527c64064fc90f0d80032c78834ec3d2700873d978e6d4

    SHA512

    bab7086324195145916d19380dbc40b72566628fbe262df2bc2b25a80adf5ae9a3107ecdeefa3a6d7cf158950f40831fc934b7096e59e259ea7650bcadf44545

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94430741212d297768762fb675f760c8

    SHA1

    e5190ba4631c1a7456f82125c77fdc82e53461d2

    SHA256

    3c11cf66616445111e01db2570362db368d0f5d85bc72bd3e7bb99f6d02c0cfa

    SHA512

    9ad5ed79b42dab03a3444b77a572de6a8e040226ef4426aa386cc9774bc31383cef4918c65dde3b002f0d4ebda73ee55164028ad7c798290914306d157ec9950

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad4ad1cf38a0bddde429214a1f4648df

    SHA1

    fc255e8748d521073432bf4d09e11844af1c5dd2

    SHA256

    74616169c56231975ffa77ae56e18aabbcbb8fef2bdf6d456b5ab6b87e827682

    SHA512

    80a0e9be2095f8689424e16bae5c904ffa74df90455cd6ae59cefcc1c3d893f7ef993ecea7bebc014e9730d8e56e0432f0a8b50aebdc774bd2ba3de294b02cfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7e6de41bb27a284f2d0f3326076a52a

    SHA1

    37a7271954e7a0787e503bfdcc931a6389e36325

    SHA256

    c47697fcb2d620df97b4874051efc07b8623716dd51a0d534a82f85d18c8f6a5

    SHA512

    33b538845db6688497c48c3cd25670c43fb021487f5cdba1af8b898b7a99684266da3d9c55e1a3f7507f16fcb5d2e242aad71b09e667b060f9fcd4fe1889af0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e0f62b7decd7155010600df6cd1d9971

    SHA1

    91ba342dfac66a40bf752751116a780992cee047

    SHA256

    495111b1017762305f7736058c7207f12e1eb9b6062426aaea365d4f6bfca10a

    SHA512

    f3ee8da165a1ccb4e6e0d0af10d4d86d8e74780a7ee562729acb3c7347fdf82a3174085e6c7b321ace85292d12e7d2a83986c6d877d490eae181e958d6a4099e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    310276b3f0eb7f6bb697f8cd31e7425f

    SHA1

    c69a1b10582df5e07847623ad4a93d28b761647b

    SHA256

    a8c2c01740978dffc357897a78e8eac169136e8bf9cb50802b4b3be6d2c24d86

    SHA512

    3b7f38c9c755b62c2b6ebe542eb1c465eabb9f7e8414dd0f9559516c845c8bbd98180760bd68dfe4419f72c03a28c67785416fe335c238d220701b098b15ed41

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD971.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDAFA.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit