Overview

overview

10

Static

static

10

Retired Traveller.apk

android-9-x86

7

Retired Traveller.apk

android-10-x64

7

Retired Traveller.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Retired Traveller.apk

  • Size

    4.4MB

  • MD5

    8174d0f6836f0c0df417485deeb889cc

  • SHA1

    d735502a62fca2e3920aefc31f2e429598a65aac

  • SHA256

    b506a91bca23d75af33624ebe15e2cacec31e08b74db2bb47d3d9d35d73d2eba

  • SHA512

    99a82dfdb111d5a53aa53df5cd6cc79b10136d04071cb1f059fee20d2c1fb049cb8f69018b2e07e7ae5730d9882967b5a3e28ff7f06c86c9dac8e4535da1a39c

  • SSDEEP

    98304:Bkk0bzBjT2mzLW0tcfZBTIzyFyZR410REBHkWrbEIbM9:OfBzhcfGyFyG0WaObEe6

Score
10/10
spynote

Malware Config

Signatures

  • Spynote family
    spynote
  • Spynote payload 1 IoCs
  • Attempts to obfuscate APK file format

    Applies obfuscation techniques to the APK format in order to hinder analysis

  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 3 IoCs
  • Requests dangerous framework permissions 15 IoCs

Files

  • Retired Traveller.apk
    .apk android

    Password: spf200

    encouraged.cup.kid

    encouraged.cup.arbmzkyqpairlrtnfnsodxtorhplruhkayekwqviacfrmulpau2.MainActivity


Android Permissions

Retired Traveller.apk

Permissions

android.permission.SEND_SMS

android.permission.SET_WALLPAPER

android.permission.READ_SMS

android.permission.READ_CALL_LOG

android.permission.READ_CONTACTS

android.permission.GET_ACCOUNTS

android.permission.CAMERA

android.permission.RECORD_AUDIO

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_FINE_LOCATION

android.permission.CALL_PHONE

android.permission.DISABLE_KEYGUARD

android.permission.FOREGROUND_SERVICE

android.permission.READ_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.RECEIVE_BOOT_COMPLETED

oppo.permission.OPPO_COMPONENT_SAFE

oplus.permission.OPLUS_COMPONENT_SAFE

com.huawei.permission.external_app_settings.USE_COMPONENT

android.permission.INTERNET

android.permission.SYSTEM_ALERT_WINDOW

android.permission.READ_PHONE_STATE

android.permission.WAKE_LOCK

com.android.alarm.permission.SET_ALARM

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.REQUEST_INSTALL_PACKAGES

android.permission.REQUEST_DELETE_PACKAGES

android.permission.USE_FULL_SCREEN_INTENT