The fully decompiled code and assets of 421and.apk can be found here: FinSpyMobileAndroid-decompiled.zip (no password).
This particular APK, although not the latest, is not obfuscated and easily reveals most capabilities of the malware:
- Location tracker
- Information stealer (calendar, contact list, text messages, Whatsapp databases, etc.)
- Remotely controlled through encrypted communication over SMS and data