Overview

overview

10

Static

static

10

Retired Tr...r .apk

android-9-x86

7

Retired Tr...r .apk

android-10-x64

7

Retired Tr...r .apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Retired Traveller .apk

  • Size

    4.4MB

  • Sample

    241212-ha5eesxpbj

  • MD5

    c8e706facc7b2e8fcdf792f420f17bef

  • SHA1

    4bf2526a0e993496180269115d0193c82248e308

  • SHA256

    e69481b32b45228f88a55648cd61dc76e51670430c864db9923167e8ce492823

  • SHA512

    0f3a4b8743e374f4761c5df97c7bd57b0d8dc7ced753da14b621518cf6ba3ee46b1a1050804e8996e999a51b1f6137447a5b2ac568304a2830c67ea8699b90df

  • SSDEEP

    98304:Q/k0fzBlTZmzVl0ty3E8ILL3C50gAvFgjCP:6Jsz0y01LsAm+P

Score
10/10
spynoteandroidcollectioncredential_accessevasionexecutionpersistence

Malware Config

Targets

    • Target

      Retired Traveller .apk

    • Size

      4.4MB

    • MD5

      c8e706facc7b2e8fcdf792f420f17bef

    • SHA1

      4bf2526a0e993496180269115d0193c82248e308

    • SHA256

      e69481b32b45228f88a55648cd61dc76e51670430c864db9923167e8ce492823

    • SHA512

      0f3a4b8743e374f4761c5df97c7bd57b0d8dc7ced753da14b621518cf6ba3ee46b1a1050804e8996e999a51b1f6137447a5b2ac568304a2830c67ea8699b90df

    • SSDEEP

      98304:Q/k0fzBlTZmzVl0ty3E8ILL3C50gAvFgjCP:6Jsz0y01LsAm+P

    Score
    7/10
    collectioncredential_accessevasionexecutionpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasioncredential_access

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks