Overview

overview

10

Static

static

10

SpyNote_v6...pi.dll

windows7-x64

1

SpyNote_v6...pi.dll

windows10-2004-x64

1

SpyNote_v6...6.html

windows7-x64

3

SpyNote_v6...6.html

windows10-2004-x64

3

SpyNote_v6...2.html

windows7-x64

3

SpyNote_v6...2.html

windows10-2004-x64

3

SpyNote_v6...9.html

windows7-x64

3

SpyNote_v6...9.html

windows10-2004-x64

3

SpyNote_v6...SM.dll

windows7-x64

1

SpyNote_v6...SM.dll

windows10-2004-x64

1

SpyNote_v6...SL.exe

windows7-x64

1

SpyNote_v6...SL.exe

windows10-2004-x64

1

apktool/apktool.bat

windows7-x64

1

apktool/apktool.bat

windows10-2004-x64

1

apktool/apktool.jar

windows7-x64

1

apktool/apktool.jar

windows10-2004-x64

1

apktool/signapk.jar

windows7-x64

1

apktool/signapk.jar

windows10-2004-x64

1

SpyNote_v6...va.jar

windows7-x64

1

SpyNote_v6...va.jar

windows10-2004-x64

1

SpyNote_v6...sS.exe

windows7-x64

1

SpyNote_v6...sS.exe

windows10-2004-x64

1

platform-t...pi.dll

windows7-x64

3

platform-t...pi.dll

windows10-2004-x64

3

platform-t...pi.dll

windows7-x64

3

platform-t...pi.dll

windows10-2004-x64

3

platform-t...db.exe

windows7-x64

3

platform-t...db.exe

windows10-2004-x64

3

platform-t...mp.exe

windows7-x64

1

platform-t...mp.exe

windows10-2004-x64

3

platform-t...ol.exe

windows7-x64

1

platform-t...ol.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    358s
  • max time network
    365s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    19-02-2025 00:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SpyNote_v6.4/Resources/Clients/KingB_354051091211537/Settings/2021-11-9--11-07-16.html

  • Size

    5KB

  • MD5

    ebbd85872881ea5b9062e582425e133b

  • SHA1

    dbe89aabc9f3330205893c1e81e4f75a4adaa253

  • SHA256

    c403aca8d1faf420dec4ce43fc27e8f5e980cc68619c79265a555227ab6c0f6b

  • SHA512

    836edded1673c5a508d28fabaf970e098c0237177cacb901a5c95cccd641b1c8726ea7aa7fb77fb20a08b9b41e096eaf4bded8065afb90e35b5ba2e7444fe498

  • SSDEEP

    48:yfUp0WhAx1FYVFdFqxyyTaqgD6FT1hg7tT/fd1/ha1B5dNM121H7/B9sWVYP0u1N:qRFAwO96Fuf6/HWP5RnjefI

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\SpyNote_v6.4\Resources\Clients\KingB_354051091211537\Settings\2021-11-9--11-07-16.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2784

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b6db8523fdcaa6ff039a6ef8b2696d1

    SHA1

    3c0eede039b326ddae2e1abbfce07e4a4d2f58c2

    SHA256

    d7835ab963aa9e1d5c3df3942b783ee51a154fe11f6807061ab0083390e7e21c

    SHA512

    2e83b0e971cd44b24f09256bc01f213c7543b2aad0680bb298123bcfbee23c7d6ce7ef23f88a2d59e175145a28c8dd37b05f1df5b5279191740427ced952f4ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    034ef3261dbd14b04bb80550f42fe76d

    SHA1

    0b5ee88f92f4ebb3cc161aa895c5e20684ae7ea2

    SHA256

    3e2384dc970a20661b8e3651d60ff25fef2edb8f3fca96fff3066311c67a0812

    SHA512

    a00a9546d5223f6fb7921dd8148ec2e908db6acecd5922af9c5efaaa445e7ec49f7248d09faee53dec925f78f42dbdb3f89e0d4b565a3533a8599d914ec8753d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5e221c3f625485fd006273aa810f3dc

    SHA1

    79ed06f642254a7d09bec001683e44f34a4e4f30

    SHA256

    c2074e390d30a9c08a441e63f8895f9a425a07b3346c1811a542ae7dcd965cda

    SHA512

    bc08734a9edbfb88792db86841f0a514e582603edb46f12fd85c0351de15cc25e270d6b73c1f529045687a834c74f07b6ae780191703c510c39a42759f394c30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43b5fcc2a327780ba5c211c520b19c66

    SHA1

    311be99bf9e2e0769b46b7ca9a199b8710674b40

    SHA256

    9936d57d10f45c5b4d8c231f7b714fa09b9287efa0ecfaaa9a18c41639a8d733

    SHA512

    eba87e2621262a9ea0c4f443c0d812684c50bef958993462f3e6af96a4d04a86ec8e9fe88c916a9805717b3d640bdf35319e76f17c201a66676babd270673aec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e269a41a5615288e5be41226736393d1

    SHA1

    094e798c7cfecccbc67a7ef62f3de725f87d7196

    SHA256

    894e3025f460e61bb1f834c2af33f38ec0044c30bfc143437bf22f79534d70b3

    SHA512

    cb7355c2934d0f32404a03863ce2cf67d984f3730147263e22c501348912be900011f4da7350daba9429ffc30588ab1177a635743a0e539dbcfd1210dc1b96ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3287966efe1c5147927c5b6b3efce1b5

    SHA1

    3266aa655febb17bdbf00f482525d7ef0961940d

    SHA256

    679b22d6cb65a451db55d6fbbfcdf467d696661f4041615a370ede9a741bc594

    SHA512

    4b2aaa2a532035294ecb350126e0bcba00426abf1b4f4449ac4f2eca777ca63a87c8887d0418ca279c0c645dc66bfccb104e4d40312357ea9a6e188736f23332

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c1c2fefc0dc14766494f26e57b9b2ba

    SHA1

    7205da48e2e6c7cbafd4cd17bcdeb4552540bacc

    SHA256

    25119a74ff0495f00b2f238399186b06caf8846f915ae08781eb39d9fd4fe363

    SHA512

    185feea918255c06572cb245163be3431d9266bc69bd282af3fb6eedaa4bc2a588da9d10a58b9c0fead944b632518b82aebf3847917f0dc959cf7eb74af56dc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6722342a10ab7e807298145c08447318

    SHA1

    12bf265e2570f0a8cad2833cc368472e4615e3aa

    SHA256

    d48cabebd5156d175ac5f64fe930f3a54fb66d0fb9a74e4fd35c8eef433ae5af

    SHA512

    6d029db1f5db78ede5e3a2fdd8bfafd3651c1963522ba99ff48cc9425b2fa6b23a89a53bfe15affb592ab9b9241989a2392701c3244137953101707a61daa7b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a343f291ca42efa3a88718df4119223

    SHA1

    1ebe087815e5495255858f368d1e082a1f851fee

    SHA256

    82075f19b2ba2df9278f4e78a6df6c9decbdfc2b71803e001e193d4297d162cd

    SHA512

    da0d59990f63b900822ac7ca614dd721d10d79f302c9fe12ebbb7bd9a587452d7e83902ee7a3337c3886de8cff490b6342cb92ff5e2a287aec64e36c1ac5f61a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    314f8b2815a9c04553400f7d0c6b3b2a

    SHA1

    604606f019c5e2a6477d92bd0562a75f23918f00

    SHA256

    fd75e279f9c9b12f1b548ed9ea383a44ee7d0ecec92931e657bbd44147b80f18

    SHA512

    31a085a9e95fc665c7a9c06930c5029fb79bf423251d23c96d773e39fee88ada9c421f219cdafbd0eec2db7ac0e3eaed48b5ba7f4974b0623b8d5496680360f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e34a7329c2d63898f30f8b179d9ba95

    SHA1

    9ae17b8f245dd7dceb811a714b3b7888f3d4beca

    SHA256

    ce014bd82477e7d71cbca8869c5d4b3d8479982b29b08cbf9c0450cbd5198a39

    SHA512

    1de344c2deee9b3dbd7d806cd5d76b4298caa8c4908415518dc6909f8e9f7564c8eb8358d5762eee8e5838b375a8d8a88584ff38cf1523e26767445738d7fb41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0ebbf6d7333e60af6eb9d1e10853cfda

    SHA1

    20de089c66a6adf359f2ddaa0407b2d66e9fc752

    SHA256

    41e1602b224e161d3fa0ae24a902a5adb7e96b2b29789f2317281f5ede9ebf31

    SHA512

    7b0dfbe2fef6f2a69e96e88139f4a6ee8378cc1317e6791296faff32d3c42edf46943dfa8fcc60b4a4aa330d6340c88697911feb0c0f53b52d8f367c79c56e72

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54bfc1464e2859b3900dbfb2d28a536c

    SHA1

    0cc0feb8fd05b63c0d958edfc03f1abca83e3a94

    SHA256

    f73b4c45f82c3aa77b5a33979306a1813ca9c8d989868299e229b0357f819a2b

    SHA512

    4865e72609f4772d999cf3176121b6c49ccdc61c31e8b90302e6bd06dd9dc972441105214ba0dcf9be80c9f762bbc710331d43ed04db7b850593dbcac6db226d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    edf3b25e032b478a437fd9029ecb0eb0

    SHA1

    d086d2e98fbff3c9aa03bb3e3e25cfb04870dd84

    SHA256

    0ef44d7667d61f31a2035559e4cb7c48be215be2904a1f199bce9c348adeef43

    SHA512

    6578c21f431dfc44e4da11dd65dbceadb40a98c7790a76bf97a3c4e512304d3b62975c87851c9946c565a157d3e3f90a33564d8965e3bb2f85b7a641393c4fd3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ef63b5f35612c57023a73bcc3a6c0b5

    SHA1

    218b729503a0e9a1adc30a2cc7bff2f9d02a17e9

    SHA256

    ac2e5619544ba8f36dc928a63550ea48066866ab22cac3783d8841c933eb5611

    SHA512

    2b29e4ea93f040aadefb51ca641083606e8cfb744373b25e09b79cf8a0347af9860b33e6b31f4fb3b7a81a9b770d3145d9127e505dda61861c408d2c214f606d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    595f71892ff9e318ee4ade7d1441db1e

    SHA1

    8e7adb289d104d664979c0fd76cbe4315ada8754

    SHA256

    1deb7aeabd442073c7b935fc0e12fb14c642b47b0f7f4bd17f6b4235c026cf27

    SHA512

    aeee15f580091ebe24225860eed28b3b7fd20c455d582ef4c2951f40d01870ff3f364ed42ed17d54c0bd0313f2c2459f14786b75204a6dc079d5b45795ea3b4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69ac74cceaab8c2b8fa27da17f67d858

    SHA1

    66171e24eb548fa7234495407c4f473030b04f29

    SHA256

    6dd0f3e035000b85767eb7ae351fbc587fa60062e4411255b2ffeacc91283540

    SHA512

    574771316f290dde4f6996febd3d9657c69247baae744ffcb2a74708a070d3f02ade988568617b421a9b0090561db66b55d471e3823d60dc717e6db4a186dd03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fec85772421de898aedb564aa8948392

    SHA1

    529b5a50451390ce1967fc505710c551a8af8884

    SHA256

    e9321e3bf460f5665d3b828f69b01eb95aae073a330c27d76db810e2d742d806

    SHA512

    cf34a95a1a508f0f58034ba1389b2ba55b19336029d67532d41b6345ed2ed30b0c8ac44029db5736919d7cb68b780dff013cd6bec3e8d983407b750a0e7cf726

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb3b9720438908d38a42a5451be0b3a7

    SHA1

    1a54a840399165c824709a508bac729f75b0eb0d

    SHA256

    0e2bea09dc5647a2dd78d180aefc2729c97f8ea3161dbe2f175ee8b09ba358f6

    SHA512

    988aa64424ba3f887260ae6fc0c1163eec9a31e9d9b1f4f420b632f6f2007182360e03f42927a4f8810133d593e7d196c37980a8f2b4f70940defe24360d5d98

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab85B4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar877E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit