888rat | cd4cfb25cd47e1e3f52de6be00547fcde3ee7f058bda0febb86ccd9c2c2a82cb

Analysis

max time kernel
2763540s
max time network
146s
platform
android_x64
resource
android-x64-20231215-en
resource tags

androidarch:x64arch:x86image:android-x64-20231215-enlocale:en-usos:android-10-x64system
submitted
24-12-2023 04:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cd4cfb25cd47e1e3f52de6be00547fcde3ee7f058bda0febb86ccd9c2c2a82cb.apk
Size

5.4MB
MD5

f150e5b51f7d33b2350e236fb3ab5ff1
SHA1

e0f569e935a4c8c0238ad170824bf2b21a65b63a
SHA256

cd4cfb25cd47e1e3f52de6be00547fcde3ee7f058bda0febb86ccd9c2c2a82cb
SHA512

8eb4505a0ab64270802546285095de5aab979a0a7ba47850221f6827db2d4930ac3185d95c7c993c16321fd5b7c4711aceb8addb1cca627fb3e183e5a29a27b8
SSDEEP

98304:VoXm4EjEm7H+dXPgGvpfyfrl6yTL+pfOUxDY00/SCEIzczRZvpiBdf/piVA5tvgG:VoXegm7UvpoaDYLCvp+DiyfgAN

Score

10^/10

888rat evasion infostealer rat trojan

Malware Config

Signatures

888RAT
888RAT is an Android remote administration tool.
trojan infostealer rat 888rat

Android 888 RAT payload 1 IoCs

Processes:

resource	yara_rule
/data/data/com.protectstar.antivirus/cache/volley/-4440143562082814216	family_888rat

Acquires the wake lock 1 IoCs

Processes:

com.protectstar.antivirus

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.protectstar.antivirus
Checks the presence of a debugger
evasion

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.protectstar.antivirus

com.protectstar.antivirus
1⤵
- Acquires the wake lock
PID:5053

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.protectstar.antivirus/cache/volley/-4440143561595694984

Filesize
737B

MD5
af1f707bb593b313d25ed57030fce012

SHA1
6e4e5a41a22d517d5461fb68a6382d4c000d8fbf

SHA256
ee6c4831aadf0bbf3dcbed26026578c2ceedd29b9fa26a4cb4a20bffaa22f7c3

SHA512
3a6ae2183e50e9450172a7a6a69d1b6e132b82e2662166410201b39eb0619e1b902c49071cce2a3f718b33bdb5e70ae9b12714bbff3763f35de2026ee9e026a2

Download Submit
/data/data/com.protectstar.antivirus/cache/volley/-4440143562082814216

Filesize
737B

MD5
146701ac39c2ea8472a376031d096128

SHA1
6044056b5a476dea76ac02cd0e42d14927ddb997

SHA256
53bb8c7eb1c47ec0c7c783c589aababb5d4c67b118b6fe311565bc927d586e7e

SHA512
5fb736471a6f268ac21c9fd5a5b7f0ffb2d6dcfaf3b94fe86c13b3808276d1f0c5d0fe9b023c501949d1d7ef3b029f9f8b4ba0243ea522561bb746389dd3c752

Download Submit
/data/data/com.protectstar.antivirus/cache/volley/-4440143562082814216

Filesize
397KB

MD5
3607645dfa7d572f800e6affae2d3d2c

SHA1
6de136ce1ea6a1e22af7badb66d91ce42463df9a

SHA256
ed20eb7fc2a43e224b8c41a228b40aedc3484f0bc3ca2c5db4b6394374cfd10d

SHA512
8d38604d7e2a07f0c9f6190a503f0248edffe80804817012177ba3efe950a6312f5b364bd078305fbff0f18cf61807f1729a6db144e0d792d4e9f737ad0cbb4c

Download Submit
/data/data/com.protectstar.antivirus/cache/volley/1832329520563655267

Filesize
954B

MD5
81f57c9cf68d6a5468911691725af40a

SHA1
d0b6ec493aacdd12bb1646c6558084f0aa382417

SHA256
f26c1bc41174072e5016978c6dafcee7965482ac074346b2cb214dec4f94b8b8

SHA512
b35fdf5cfe993c44b5a2fea29e04dd4b3e5b5cd3dea03dafedcd7d7aaab13d20c45956db091c79ac7829bdc8fe5361a1f884f68c4486b7877203cb5baba916d4

Download Submit
/data/data/com.protectstar.antivirus/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
15d5b92dcbda7ef7f9ca327a903e46e4

SHA1
ca153b66028a58d90346ff8abadbdf01b95c37b1

SHA256
e802fdc1ccd833b91d80bb1d8f54cab2b585393e6a07622c4d9feaab07633370

SHA512
2352f167ee5aa37cb3438a0a7df8f632771a1d019c5cd120fe62313fb73aed6d0e09186a9bf306a564371b846a8da020f6acd7aede0cc47ca50701611fa84aca

Download Submit
/data/data/com.protectstar.antivirus/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
e28a20b50cf71b1a92e5e42e0a31452d

SHA1
b64051a03330d72149ff1629b9d3c7d5f90560f4

SHA256
09b32b580f0534bc3e6b93523f33c6d1afa2629dc53d63e1a49a73e1dc33e392

SHA512
b25e6c726ed72acad4e9282530c26f28733b0e35da12f7467400d307858021c3170f37f6dbc9587193621d924779184e4d87a1f469a6f5255e173d653c961c86

Download Submit
/data/data/com.protectstar.antivirus/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
bfe509dbb4f1cc9688a2f0203390a19d

SHA1
964c43ccc2328d4bf6af912e6f553ebdad9ba8dc

SHA256
05c5cb4a8e42828e992811a232627c2f52bac74f69ad44a0679dd76c3c67dc7f

SHA512
8ce93663687064cf6b4138619cc05f0d8381d115e4a00c94278959b5f87ecdacbef8ccddaf507ad1fa85f0016127f069b1a158d68ee37ed7b2d7da89b58ce88a

Download Submit
/data/data/com.protectstar.antivirus/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
08faca13d6bf90e37a306cd51945498f

SHA1
6da9a8fa2d150170ef374fbeed42f0766c4fe02e

SHA256
07f6bdb611a4eb7c3b1cbcde87bd3d857192ace1c17fb089339749268e2fffd5

SHA512
7cb60bfeb2de41b23056c1ec3f4f9341c8c1ff9c928f10893e38bc0dfabd6f43e07a7df2f4c6d9cbd5c21ea82edfa06f673faf1f1ce0f67783bc5b94e1eb072c

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2b202d438fc45c37f9bad0cfb4279620

SHA1
d6cd659a096bc0b5ed76cbe167aefaee62deb9a7

SHA256
d6c8956be9fdb78c8e8f43cd5e9a7d353a7a824076a96f59d3f05eed5ae7de65

SHA512
74f5235c82fdd50c95b3e05e117d2905252e85765348571c941864d311289ef9436e6986de2e365f06b05a310f8c9d080231a39a274d1914f803bd00737f8a6b

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
725a7c348d3169ada6d6b5b54b7021c8

SHA1
83c15929b99e1ba471397d94b8e3e6ae96789e44

SHA256
2de28e81caf1c5f0206e36a954dfb70d6ed92439ddfa30c99a05698a9165d9b2

SHA512
cc587e331c4e57d0e10fb8d62a63da2f3c734ab797767427e13dd3dae6fb95532a6691f1c5fa5cede6a48ab771b93b5e303bfbc35f318fab651404e3a009b409

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b6b2e253a10dee1f7b1a1e3ad8aececf

SHA1
f6b68067654cf6a7db9f6b43119ac78664f71223

SHA256
066ea4f525e0101fff4d8231569d77ff15260622437468ac9c46149f29c8479d

SHA512
bc463c68f997db7ad04e6ff57e8a7cd5410585cdf6e72dc045ad9723d39f123027e88be2739e7c3cbce03c0be61a814bdd65b573292d6414079feafd6a973c22

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
e4bb0190fa477fd246f71f077d522e47

SHA1
6fc5d5f19f125a8271571d06b33315c48fc0e2d7

SHA256
54814270dffc20c4529565163a7608061724fbb54853b993547be4e7f70a25c2

SHA512
7f5f210d556a19b12acc361e984b37a07d680a8bd093e98b5ad0582e00dc795375d802f0d38153d634abf80bd57fa3585a89968c7c381199d3df849c8ff6e60e

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
01ee7342cff90b4cd8eb0da985ef90db

SHA1
a02a119e9e8b2af27ec6146755e2279a9cd2b074

SHA256
6f380e7696985522ec70d118275296bffbed7e024e311cd0033d42ba911e3d13

SHA512
45899493792acb68493464f39d76291f9635d6a369adc9aefaace9742ba10711acafdd7fe1c83d8fff36b66ea1c5180530b865e8f2b0f938764d8ca90cb08f92

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c1561958b5d9683711354c6bf9c57eba

SHA1
6ea139646692dba4583fd41d55e45218110b5dba

SHA256
b097c33e2a6a288b443b2c6aea05303918ce5ca35cea0663bd4d74791c33967b

SHA512
ec964895fb74cf60e6eb83ba433aaeb33897380965379e2147580d131cbd825951d05ab455c6643062094fe59bd9fa9267ed9d647c34607e2a261a13f86fe93e

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
9e8c14e2c95570f3c1697893f1f0145c

SHA1
8c0cdc31b06f8a186e73238d2d735a94e4760f03

SHA256
3f7c62561ef9d95160a9ba4c0da43c874d347ea84b61714195c716105bd4f8f6

SHA512
e2f4116dd67f3163e439260a97b43e54c3fa27fab72d577de336ade50d9eb0b798fb48cabd59efb9a6abc80c3cb19cdfef71f4c8956dfe4109bbc6120a653470

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e113e9dd53eba92512a3baa7265c345f

SHA1
119a121b36ac167c79d0b982e8d10b086f77368b

SHA256
75ed796565596bb26762d43c3092111304f0be349d9040aa07e6bdff94634c89

SHA512
f804e421ff6b3dcc52d800d45ecc91a97eb2461dc6f8dd786914a8c7545116aaa37c5e23e90617906942f3f8f0f0364c5e12c08271b4d598a5b560fc73bcbfc5

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
6f3d825239f6260b2b3e00bedc1420ff

SHA1
5752337f5f937d9d937c3a67cd3303ac826f188d

SHA256
35379563fd9886638b6a95d705e529fcd6a41211d0fa20db3eadf8ca6650ae73

SHA512
9b441b99530fd28345cc241462fae3c42ff49947d456cedb5709e5832f43ed15cf1f0fbef97031e55a42f14d4ea213609d23f5a1a62d6ab6719621989224e375

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
59551c47182d0884ad2e2e2f153fa1be

SHA1
24492c794b68c62656efc30d48653fa2066f3da4

SHA256
518296d78ae0acff8361b3db9276dec15bc22972d24ddab014219dd607ee3114

SHA512
05f0cc2632806c28ccfdbbc875abfdfeb6bf948fb04ee0dc0f03c9dea5e5ab33eff8510e7d5f5ae4a378c9dc72fd16b6da7bfaf73355efb496a49b4d9a70ce1d

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
556edf6bcd0278bef0a57859b371f3c7

SHA1
9abbf9561f1cf3b16d51ea151e646a063a6461ec

SHA256
a4288a3d3f9b40653d4c5d978149d29c812aa055e04022b3b30e3436135c565a

SHA512
19e6d692a36fd1f613c12d51188318f2a53790e47872da41793d163771e0438cb964f0213c9a99ac22a524655ce0cdf1d85383e0e6848b798e0ac657923cc773

Download Submit
/data/data/com.protectstar.antivirus/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d60cab45fe75f5e8cd8a170daf64fa38

SHA1
6d5392c113df93f9fd3e3926fd3a3984071c8968

SHA256
64d9c1246b49cbca213cf9ce2db607b2f6d69a60a2c294ead1082b8bd581209f

SHA512
5255229fe4cc715b98fbd99971370f9fca6de34474e8718565b0342029b3fdd5a03f3ab87556a42a5352aa18f3a8ed092c0d4e8ce71d01156aa1821bec69d869

Download Submit
/data/data/com.protectstar.antivirus/files/.com.google.firebase.crashlytics/658A6C710241-0001-13BD-CC1C75F651E7BeginSession.cls_temp

Filesize
75B

MD5
09cad73f2cdf7b2da31e0252fcc57b10

SHA1
a03df74fb5b5b2c8535286e2ee48ab69e9458e68

SHA256
e124f53e18020745ca5488616f879c1f6ee151ce614df968b2bc8a3984014479

SHA512
afa246b7383ca2067f1fd73ed87740d2343d631ae52a213108727364738e96ef53e90858744089b9658ece5ed74a4d97a413ba20f3616e21bd2b4d14aa121155

Download Submit
/data/data/com.protectstar.antivirus/files/.com.google.firebase.crashlytics/658A6C710241-0001-13BD-CC1C75F651E7SessionApp.cls_temp

Filesize
78B

MD5
741ea4b6e65ea05433cedb0b588a64ba

SHA1
ad2c09fd1adbcfa0f75dde450b701c05c8bd705d

SHA256
1064938e0fac4cda3b119f862b936b076b5beb3603fe89934c1c9e63652cc5be

SHA512
5c2c7d020c842a0b208a50a81d4e869c570174b9ab226c99bbbf12c8217e0af4db42f73320582455b79d66cd8efb77c3c207e76dbadf32adf68bd707397811d3

Download Submit
/data/data/com.protectstar.antivirus/files/.com.google.firebase.crashlytics/658A6C710241-0001-13BD-CC1C75F651E7SessionDevice.cls_temp

Filesize
48B

MD5
2390c1f21db00b20c07107e3ec7275fe

SHA1
e663a646460acc071aebee942cc1776c23d77655

SHA256
d348072a01496839cfcde3a18866423aee74aefd613fa3bf1ff4a203ef46a699

SHA512
43ff60754eb60795ca1c318f44dcfe49194add26cc3d92c2eac7bef538fd65b6290f2e5953b8f1693b9425ebbcdd022ab16a18280146ee0b0c2eefe27bc0bd63

Download Submit
/data/data/com.protectstar.antivirus/files/.com.google.firebase.crashlytics/658A6C710241-0001-13BD-CC1C75F651E7SessionOS.cls_temp

Filesize
15B

MD5
2566d27ce8c28d8961f082c375d7535e

SHA1
92fe585b1a2c9c523d2fa1f65ab5c1b6a1a6edaf

SHA256
5acdb54ddba2e264f6822fbdbc4e9b5158f57d43785c2f01d981956b18f7a90a

SHA512
1c70679bbd25a57f9ac02083d5af0fe72b1417cf3070a195497f03d6f492e87b1ed3f570de7ea7c814c995a1530e32610d9570f31a480648f4062e8d3287be8f

Download Submit
/data/data/com.protectstar.antivirus/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
720B

MD5
b6ce1fd986940c12c66e498f61045d10

SHA1
60c7b1652fde68a56dd6e9ee10b039da2ac44cce

SHA256
48860de682bf0d221a92f7ce4430421fcebcc66f98dc9817cf026428b5ffa91d

SHA512
0fcf8931b549c7f9f87649b3a843e38d9490d90913c6dcb0c38d010e14426ed0d81ad43355eb513e5873e239c1bd805ba469e85c5643037b3f2e07b9d3b4de3f

Download Submit
/data/data/com.protectstar.antivirus/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-658A6C710241-0001-13BD-CC1C75F651E7.temp

Filesize
198B

MD5
96e40bd56cc5ffb1bc5231f5189264f7

SHA1
c73f972d7be51a5de3c664987764126a3dbaea71

SHA256
6f54c45cb564d2c2d4c313b094c6a03cb59987b53cb15952042ffbee2dd25926

SHA512
2f57d0abccb738350c4fd0f1d42d8ceb588265a3d33f2135295f80f4912ae9299bd7a5511c9d432eeed08a8f3b2cc2c00325eeeb4db79f73dd5daa872087b4ed

Download Submit
/data/data/com.protectstar.antivirus/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-658A6C710241-0001-13BD-CC1C75F651E7.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.protectstar.antivirus/files/.com.google.firebase.crashlytics/report-persistence/sessions/658A6C710241000113BDCC1C75F651E7/report

Filesize
754B

MD5
ca00b8e98279a5b7f5b38c58ebb3c0df

SHA1
80e16f9f4fbe9d0b51bc4161b87bb6d0acbf700b

SHA256
70bb2680c5108d01d9af30460a431fa5481d72abe8337eeffb8d64b90a0d523d

SHA512
3b3640ef592d50685553c962bcb10de0d18400b4beedd23444472d852cd24384cf45440ae750a3aa17db91c829be9655c80814d57e958039faffd0733a41e9ed

Download Submit
/data/data/com.protectstar.antivirus/files/PersistedInstallation8557589097563842933tmp

Filesize
90B

MD5
e2dd4ea62a852c5bb190f64d7a533240

SHA1
e3e4b4bb6591443d88f5fa83ad1b12f73824f47a

SHA256
243966a52f874e1ed3fc382d14327f73dd1c29b03b005682c5f129cebc8181fa

SHA512
567d9463a5e135694baa4094e24305331547fa379d5a7331c9ec037c449cfdeab73758ab99a02629e0f60012c0a959174c806fc54ef388456f6acc8838bc35da

Download Submit
/data/data/com.protectstar.antivirus/files/PersistedInstallation8889818896946008399tmp

Filesize
570B

MD5
c6ea3fcda06bfc322200436ea9841ed1

SHA1
f927c93cee3f9094167c900066d02ce762b5984c

SHA256
96cc06c1cba59578f8502dce9b2dda56adf6ee3a6dcebb1c31a2d431e01c2a03

SHA512
6923d9b904db377def2d23a01a687634865b976b90fb42cbf98d503a83e47118b086dc737c44174a75947e7b6109046aac3a91cc0134f3365b5e794e443ac4f6

Download Submit