ratmilad | 73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f | Triage

Submit
Reports

Overview

overview

Static

static

73d04d7906...7f.apk

android-9-x86

7

Resubmissions

14-11-2022 10:34

221114-ml4dqabh6x 10

12-11-2022 19:45

221112-ygpwbacc91 10

Sharing

General

Target

73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f
Size

6.0MB
Sample

221114-ml4dqabh6x
MD5

341a8467de34ed980f463df9e464668c
SHA1

bfb966575c285122e4c7deb35b8f0d4befe84fad
SHA256

73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f
SHA512

4d7982daaba408b9c0f46011e53ad6441297d68c32259eed20bc1ee6ee64ec421434b782231ba1661bc0d87f7317702c634f7de38e5db8d0a1173e107775ee84
SSDEEP

98304:9sYgxq7b6+w77NRDS5J/wZkGB8wXV5mJQ9cZfOlN5wEQ9gPUcrcU1DrDvHfrmy:r7Bwtc5RCkGiwXn4Q9cZfOr5wEQeJ139

Score

10^/10

ratmilad android evasion

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f.apk

Resource

android-x86-arm-20220823-en

android-9-x86

4 signatures

1800 seconds

Malware Config

Extracted

Family

ratmilad

C2

http://api.numrent.shop/api/v1/

Targets

- Target
  
  73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f
- Size
  
  6.0MB
- MD5
  
  341a8467de34ed980f463df9e464668c
- SHA1
  
  bfb966575c285122e4c7deb35b8f0d4befe84fad
- SHA256
  
  73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f
- SHA512
  
  4d7982daaba408b9c0f46011e53ad6441297d68c32259eed20bc1ee6ee64ec421434b782231ba1661bc0d87f7317702c634f7de38e5db8d0a1173e107775ee84
- SSDEEP
  
  98304:9sYgxq7b6+w77NRDS5J/wZkGB8wXV5mJQ9cZfOlN5wEQ9gPUcrcU1DrDvHfrmy:r7Bwtc5RCkGiwXn4Q9cZfOr5wEQeJ139
Score

7^/10

evasion
- Acquires the wake lock.
- Queries the unique device ID (IMEI, MEID, IMSI).
- Reads information about phone network operator.
- Removes a system notification.
  evasion
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy