General

  • Target

    Retired Traveller.apk

  • Size

    4.4MB

  • Sample

    241212-hye5fatpgx

  • MD5

    8174d0f6836f0c0df417485deeb889cc

  • SHA1

    d735502a62fca2e3920aefc31f2e429598a65aac

  • SHA256

    b506a91bca23d75af33624ebe15e2cacec31e08b74db2bb47d3d9d35d73d2eba

  • SHA512

    99a82dfdb111d5a53aa53df5cd6cc79b10136d04071cb1f059fee20d2c1fb049cb8f69018b2e07e7ae5730d9882967b5a3e28ff7f06c86c9dac8e4535da1a39c

  • SSDEEP

    98304:Bkk0bzBjT2mzLW0tcfZBTIzyFyZR410REBHkWrbEIbM9:OfBzhcfGyFyG0WaObEe6

Targets

    • Target

      Retired Traveller.apk

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.
