General

  • Target

    Retired Rumbles.apk

  • Size

    6.1MB

  • Sample

    250115-eg8tmsskbk

  • MD5

    e03aad4f22160e1c82f1dc3c6bfbc060

  • SHA1

    ad57b23ad7b8abd5fb713b23c05f33458c540052

  • SHA256

    5eaff2870481eb1a8258c9531b28e29bb65135500ebcc4d43dc5254d66f0177c

  • SHA512

    9f4c5cc1e67d84f88e6f95e8304396ca0111c5f8559769c1f6614fa27cad7c218a5de72fc736008e50ad5b2ff46afb30b58d11f5810103b60f24229d80052d1a

  • SSDEEP

    196608:N9jtxcUCmZVm/SPgLz5iH3Jw2VdXsJ8820:TjrcM5PE5ifVG8820

Targets

    • Target

      Retired Rumbles.apk

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.
