General

  • Target

    cd4cfb25cd47e1e3f52de6be00547fcde3ee7f058bda0febb86ccd9c2c2a82cb

  • Size

    5.4MB

  • Sample

    231224-elzrjahga6

  • MD5

    f150e5b51f7d33b2350e236fb3ab5ff1

  • SHA1

    e0f569e935a4c8c0238ad170824bf2b21a65b63a

  • SHA256

    cd4cfb25cd47e1e3f52de6be00547fcde3ee7f058bda0febb86ccd9c2c2a82cb

  • SHA512

    8eb4505a0ab64270802546285095de5aab979a0a7ba47850221f6827db2d4930ac3185d95c7c993c16321fd5b7c4711aceb8addb1cca627fb3e183e5a29a27b8

  • SSDEEP

    98304:VoXm4EjEm7H+dXPgGvpfyfrl6yTL+pfOUxDY00/SCEIzczRZvpiBdf/piVA5tvgG:VoXegm7UvpoaDYLCvp+DiyfgAN

Targets

    • 888RAT

      888RAT is an Android remote administration tool.

    • Android 888 RAT payload

    • DiamondFox

      DiamondFox is a multipurpose botnet with many capabilities.

    • DiamondFox stealer

    • Acquires the wake lock

    • Checks the presence of a debugger
