Overview

overview

10

Static

static

10

SpyNote_v6...pi.dll

windows7-x64

1

SpyNote_v6...pi.dll

windows10-2004-x64

1

SpyNote_v6...6.html

windows7-x64

3

SpyNote_v6...6.html

windows10-2004-x64

3

SpyNote_v6...2.html

windows7-x64

3

SpyNote_v6...2.html

windows10-2004-x64

3

SpyNote_v6...9.html

windows7-x64

3

SpyNote_v6...9.html

windows10-2004-x64

3

SpyNote_v6...SM.dll

windows7-x64

1

SpyNote_v6...SM.dll

windows10-2004-x64

1

SpyNote_v6...SL.exe

windows7-x64

1

SpyNote_v6...SL.exe

windows10-2004-x64

1

apktool/apktool.bat

windows7-x64

1

apktool/apktool.bat

windows10-2004-x64

1

apktool/apktool.jar

windows7-x64

1

apktool/apktool.jar

windows10-2004-x64

1

apktool/signapk.jar

windows7-x64

1

apktool/signapk.jar

windows10-2004-x64

1

SpyNote_v6...ub.apk

android-9-x86

SpyNote_v6...ub.apk

android-10-x64

SpyNote_v6...ub.apk

android-11-x64

SpyNote_v6...va.jar

windows7-x64

1

SpyNote_v6...va.jar

windows10-2004-x64

1

SpyNote_v6...sS.exe

windows7-x64

1

SpyNote_v6...sS.exe

windows10-2004-x64

1

platform-t...pi.dll

windows7-x64

3

platform-t...pi.dll

windows10-2004-x64

3

platform-t...pi.dll

windows7-x64

3

platform-t...pi.dll

windows10-2004-x64

3

platform-t...db.exe

windows7-x64

3

platform-t...db.exe

windows10-2004-x64

3

platform-t...mp.exe

windows7-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29-11-2024 17:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SpyNote_v6.4/Resources/Clients/Vicitim_354051091211537/Settings/2021-27-9--17-12-59.html

  • Size

    5KB

  • MD5

    c8c8fcd405c8a96e90410aa1db93cffa

  • SHA1

    4f10edb9c46052cf4f8561fae3f39c2280db10de

  • SHA256

    2e019c102d5f2eaf9a3ab532422428e3a281fba275151910f731e21d87995a62

  • SHA512

    fe51e7bfb9ce47762eb6a1cfdbc13578dadcc5b1364c740ef93be76d1958a42768e1590a97fb4514d5242d2c8a136b9561ffeec09e1241b007575527b4940c3f

  • SSDEEP

    48:yfUpWR3WhAx1FYVFdFqxyyTaqgD6FT1hg7tT/fd1/ha1B5dNM121H7/B9sWVYP0W:qD3FAwO96Fuf6/HWP5RhYefd

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\SpyNote_v6.4\Resources\Clients\Vicitim_354051091211537\Settings\2021-27-9--17-12-59.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2664
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2664 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2668

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5962cd763ad334a2fac7aa107164f017

    SHA1

    8c1888ac904d7cda9ff652769ed89fc9996efc75

    SHA256

    c9fb72429b4baf490b674adf0c034e61e056980485038a311d0d3f41a664d635

    SHA512

    e7333d217cd799a61e072ccb09f609ec778ec600aaeb09449a78813026665e9fbe77d991ec75cc1239cea7d00cba65c119fca129504efe8a078163f7c4a45b0f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    41498a15c451c059fbe019b170a31fbc

    SHA1

    76c6cffe81bc26f4813416e34aa0fc10c70a0203

    SHA256

    0778c111269754cee61c8caecc8dc235543fde3edb6e6c4049c1bbcf075ac8cd

    SHA512

    709c34dfcb03e953b8bf32db9b684708421afff1ebcbd9d68ce88fa95228b4df84d09d030c85bfb861938d0fe1319c732d0a301c9733c1c712685a73b73b3764

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a3a51dc4d91debc9cefd63d6fe779900

    SHA1

    df725877684df3a8b6881af4f425f353b19cb76a

    SHA256

    4b8f0b35a00c4f7d7a5cdb53e26d436062dd5e9a8998a27cd7f9a926dec263b1

    SHA512

    e8596ca4ab63b435198d30636752796b29d5a72d1c91923b42775638c37f534435b10f73d7c083cead51be6cc6271e77594943fa5303f369c97cbb50c3e150d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d0ea70da06a66d1d89aa5a6563513401

    SHA1

    7e3036e8f101e8342f0af8802ee3ec229d70aa45

    SHA256

    277067f2dd98b14e2b8b8fe93afd13b75c32776544b32dd23ef21ea5001fd541

    SHA512

    d268111e01b996669d9c9263118ace679c3a9a62c213297b67f55d9094934af366bdb35684a0a95679cdcbe1666bcfecbfa9894b24b3f6df1d5c62e2de6c560a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55cca6cb75573fbc4145644978c12995

    SHA1

    9d9bea272b395a2b10f8097aa6b97f381d1c37a4

    SHA256

    c2403b2760cce9e5c7c0cc001e43615f688f9ba268970209a7eac0e1d8813a53

    SHA512

    ea0a0eee9c30f772e8cc518d7c0d1b86401dd205202b1cefda43168e61fec5ac076b157e92d67947abb22c148e9e06abffa47d2f6c947b20129a7100ca9ba910

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d86b73f82d27598fb73ff7ac5d4e174

    SHA1

    0c3ef30b0a57a44799ac753c523d8e9fb9dc05fe

    SHA256

    be64bdf4a3945614e0a85b4ee9073b11d6cc8a2bec28e62621dfb21995fb98b5

    SHA512

    2803119ab6a36759ddc01143b23ef875a33d476501c1cf926978e2923670da91463bb95791c0c7c34d1f6c3038ff6ae08f8f911636541d73b0d7e93a446feac0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3db2ffe8e95833bc73fcf3dcaf501ed6

    SHA1

    20981e9ba090f22530e1546542f31e46f0e956c1

    SHA256

    49a4ec5c566852091eda6c8fbd5a770395039d42968b392a94c3b378a93581f0

    SHA512

    5fa50c027b013e9bfaeab3a65e08642cc8fb0a180f45ebe47c3407a377bf65b55c4a2bbe642ebe6b8f37435b7c9fcf2d68ef825322c13119f627a4b37f6eb5f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5ff295281c6804145e78eff29be5b772

    SHA1

    4686add312280a2cec1f2acd1de0a3e75b0b44a7

    SHA256

    91f8730c59baeefbcb7b16d1eb0459789a7ffe6c01ead9b56a354ab5e708f5f4

    SHA512

    b1384b789c81e58f122db002554cbe642ebbc48feb2b61bfb19f50e090b51b4e77eab51d3a972756533694d999215cd700543b10043b2a4f986ec3e1f5dce4fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffddcb3a0e2d12630e1983e357eabffb

    SHA1

    79f9875ae26c129795bbc8641896325ab54bf705

    SHA256

    c3b88e9b7fff589d484693afc9555b03f66d30efa7d614b3f83f6395cfa19653

    SHA512

    53e0717b217c5a78594b0e175c8b85389221098f01793e3cf6841ddc17a7df1ee6249561194bf62e7a86686bd60d7ee5547e4951fe1db15a97d0b846610cf498

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d9434f9cb19a90bf321d8d96c08cb265

    SHA1

    248e0ef6e6682c112169c2b68ccedd9bb030ac43

    SHA256

    91e28366ae80d06f95aceb56d4baff2d41c579f032394b900ec4a8c502b3cf2f

    SHA512

    a203e39617349b181a3c5d21414ce2f5ed7dd009a68f90ac4a71d5291dc4ed1378b13554a5e2a753c57b866779cfcf3736d85f1cbf9505a74e6e2cc08cabd4b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d54b4df9358425d3d4030c6e80bbf97d

    SHA1

    ebc41da85c0d25e278ddf62123e3b752c672030b

    SHA256

    212fe252ee21a9d5d48060831f75bb82b0b53dcddab7e2acba1f21198fc1ccb9

    SHA512

    e9befedc9ec6f40e3dada913761d0ec581ea739b04359904efdd24df1ee1b9b986d98b3c48627b11ed211b73cc5bb14f5aa6e12930dc592ecf8bdd60b1a3c757

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bef45a5aa432aca18e382c5ca7810dde

    SHA1

    503e585764443f057af991606850cc0aae048e2c

    SHA256

    7f8de05204bfac7a4c41f065658cc8c13c64447a88f0e1d9978b28cd35704b0d

    SHA512

    fdb5b738963ee2da7d6ecb7a39eeacd5d96605fa138233fdb2063da6ecc6dc05fda7c0258d7ab3b1a68e45e81faa8b0e17365a985e48631fea5f6940bb99800b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    edd6405c7a93a5a401f1bd836ba8b2d1

    SHA1

    923068d3abd55fb27479a48e47a5b0162cba5be9

    SHA256

    1934ccc3b6f2fcbdffba02e2019d200a8cfbee3ac748e0f104800e7a8d434266

    SHA512

    769953f8dbf0f2e208f80cb8bed95c04a17e7e46c0e7b8d0dfc17b6150de46f283f4742ce500e1088b4c71faf79fe3f42ce297f16c325d97d517e2be3403985a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84bbe2d86c6118019ba6412415e04cab

    SHA1

    f04718dc78aaad3c59fc341e7bb7610bbef9e8ac

    SHA256

    d0645e952f8ac4c02d6e457c71d78c6302d4fd160e04984659d5a7a25dd357f4

    SHA512

    6628bafadbfe4783eb8fbf12199fa61da66dd069fd1904ab95921e7b0fef652a06a2ce86751bf689983c27fc94d9d915f6b1c8b8d3640d508bec86a4a5ca9b6e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab13C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDFB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit