Obfuscation and Anti-VM Code:
App logs into the sensitive information of user which should never be logged.It also has ability to read and write into the external storage.
Android API used:
Running app dynamically on emulator [ android VM ] . App for sometime the App crashes.
Communicating Files with C2:-
Spynote malware is been active recently on Google Play Store with the signed valid signatures which makes its harder to detect and millions of such apps are being available with such similar configurations.
That’s all for today.