Analysis
-
max time kernel
705s
-
max time network
153s
-
platform
android_x64
-
resource
android-x64-arm64-20220823-en
-
resource tags
android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20220823-en, locale:en-us, os:android-11-x64, system
-
submitted
22-10-2022 14:10
Static task
static1
Behavioral task
behavioral1
Sample
30e1dcf1dd0ecd61a6ecc52f473b022d80b0c64b96f37f0c2c125000444b260b.apk
Resource
android-x86-arm-20220823-en
Behavioral task
behavioral2
Sample
30e1dcf1dd0ecd61a6ecc52f473b022d80b0c64b96f37f0c2c125000444b260b.apk
Resource
android-x64-20220823-en
Behavioral task
behavioral3
Sample
30e1dcf1dd0ecd61a6ecc52f473b022d80b0c64b96f37f0c2c125000444b260b.apk
Resource
android-x64-arm64-20220823-en
General
-
Target
30e1dcf1dd0ecd61a6ecc52f473b022d80b0c64b96f37f0c2c125000444b260b.apk
-
Size
3.2MB
-
MD5
4a64e81624de5995ea2f1f2d91fc7f85
-
SHA1
4e44a8153e5375d818c9d4cc84fe595bbf890568
-
SHA256
30e1dcf1dd0ecd61a6ecc52f473b022d80b0c64b96f37f0c2c125000444b260b
-
SHA512
455f92f9db006194b3a3464f5bc45fa612df78a7406679816b3c04cfd4d4c9b3e598b2beeddbe7a73f2f45bf698bec13045a0296ca19880293f122928eafb915
-
SSDEEP
98304:TdN1VyIlDyCL3b9JKDxyD7sCSDWzeX5LtIf6NLEo3r:fbTj0sD7sCGX5LtIf6pX
Malware Config
Signatures
-
Brata
Brata is a banking trojan malware first seen in 2019.
-
Brata payload 6 IoCs
Processes:
resource | yara_rule
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/app_ded/6AeekGciwyR4RfyTqYmr6x3ZmjW1mN9p.dex | family_brata2
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/app_ded/6AeekGciwyR4RfyTqYmr6x3ZmjW1mN9p.dex | family_brata3
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/app_ded/6AeekGciwyR4RfyTqYmr6x3ZmjW1mN9p.dex | family_brata2
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/app_ded/6AeekGciwyR4RfyTqYmr6x3ZmjW1mN9p.dex | family_brata3
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/app_ded/6AeekGciwyR4RfyTqYmr6x3ZmjW1mN9p.dex | family_brata2
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/app_ded/6AeekGciwyR4RfyTqYmr6x3ZmjW1mN9p.dex | family_brata3
-
Acquires the wake lock. 1 IoCs
Processes:
com.mtsfreegames.unicorn.runner.magical.little.ponyrun
description | ioc | process
Framework service call | android.os.IPowerManager.acquireWakeLock | com.mtsfreegames.unicorn.runner.magical.little.ponyrun
-
Loads dropped Dex/Jar 2 IoCs
Runs executable file dropped to the device during analysis.
Processes:
com.mtsfreegames.unicorn.runner.magical.little.ponyrun
ioc | pid | process
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/app_ded/6AeekGciwyR4RfyTqYmr6x3ZmjW1mN9p.dex | 4232 | com.mtsfreegames.unicorn.runner.magical.little.ponyrun
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/app_ded/6AeekGciwyR4RfyTqYmr6x3ZmjW1mN9p.dex | 4232 | com.mtsfreegames.unicorn.runner.magical.little.ponyrun
Downloads
-
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/app_ded/6AeekGciwyR4RfyTqYmr6x3ZmjW1mN9p.dex
Filesize
3.8MB
MD5
5e459004f0c2f90e913a132888c3688b
SHA1
27443fa1b1c74c8d0651c0d8f25b50d903cf7613
SHA256
abcae2d1b121e3d469f0708733ddd85af2713115a2b0cbc540a3f701a4413784
SHA512
53cc7a0a4068d7b5617887394b4da54409f85487553bc0e44a9aef6e4bd1176481d47371fcf9b04aeae7a5fe52c1fcd79baba7de2975dc28100f82cc006afd4d
-
/data/user/0/com.mtsfreegames.unicorn.runner.magical.little.ponyrun/files/a11y
Filesize
8B
MD5
2e5d8aa3dfa8ef34ca5131d20f9dad51
SHA1
3cc1d5a427a45820b04fe30f78a972b784952460
SHA256
cde0fb0dec1400c54a0f7e7eafa73624c53e4da258bbd34b3380a0defeba95c1
SHA512
a0527c1de9df8c529337f73be73cf98fcde155fcf00c7522f67a4a6298b52853d9767815d8811c2a7e5e829871a5dea9174b2b7e90fb7c98a62467240dd78434