IOC Radar
TLP:WHITE5 IOCs

Glitch SPY: An Emerging Android RAT Distributed Through a Fake Polish Rental App

CY
Cyble
Published June 30, 2026Original Report

Threat Actors

Malware Families

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYPlayTA0027INFRASTRUCTUREsportypointsrewards.c…gich.etherraffleexcha…https://tutaj-dompl.c…CAPABILITYPlayVICTIMunknown
Adversary(2)
Infrastructure(3)
Capability(1)
Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise5

TypeIndicatorConfidenceScoreFirst Seen
SHA25680af5e921cf8a3052fe4483bb2eb15953590e72ed003ac61c0b9135575c32075
file-hashintel-blogloader
Medium
53
Jun 30, 26
SHA256d439475bf09af7b474cdba2c19e136a1dd38e62b088537445ac3c8e4c2d3a8b1
file-hashintel-blogloader
Medium
53
Jun 30, 26
Domainsportypointsrewards.com
intel-blogmalwarenetwork
High
58
Jun 30, 26
Domaingich.etherraffleexchange.us
intel-blogmalwarenetwork
High
58
Jun 30, 26
URLhttps://tutaj-dompl.com/Tutajdom.apk
intel-blogmalwarenetwork
High
58
Jun 30, 26

IOC Relationship Graph

IOC Relationship Graph5 total IOCs
SHA256DomainURL
SHA2562Domain2URL1Actors2Malware1REPORTGlitch SPY: An Emerging AnPlayTA0027Play
scroll to zoom · drag to pan · click IOC to open