General

  • Target

    888 RAT 1.0.9.exe

  • Size

    22.0MB

  • Sample

    231224-f13bmsgddq

  • MD5

    32004e656640aad1672f0ee98434bc3c

  • SHA1

    d665b4e03e9d75f87079d65cff791147b7ee6e4f

  • SHA256

    beb837e8832f27dacfd3719cf617310f1b9e74badbfca8705ecafce3ed5e6a33

  • SHA512

    1cd55008d6352469a937f168d6d72cfd202d81c24a6be4c6256a4c73c576577aefe8da912c5cb09e12f12a58e46f99381fa9834b58bc356e0c530908b236785f

  • SSDEEP

    393216:TufwMCigvYFChWbRT5OV7lAUl+9o0okMLeDuq3+QAk5ubWWBwBvJ5wV:aXZgvYYhQDOVPl+9l2+OZuhQwR/

Malware Config

Targets

    • Target

      888 RAT 1.0.9.exe

    • Size

      22.0MB

    • MD5

      32004e656640aad1672f0ee98434bc3c

    • SHA1

      d665b4e03e9d75f87079d65cff791147b7ee6e4f

    • SHA256

      beb837e8832f27dacfd3719cf617310f1b9e74badbfca8705ecafce3ed5e6a33

    • SHA512

      1cd55008d6352469a937f168d6d72cfd202d81c24a6be4c6256a4c73c576577aefe8da912c5cb09e12f12a58e46f99381fa9834b58bc356e0c530908b236785f

    • SSDEEP

      393216:TufwMCigvYFChWbRT5OV7lAUl+9o0okMLeDuq3+QAk5ubWWBwBvJ5wV:aXZgvYYhQDOVPl+9l2+OZuhQwR/

    • 888RAT

      888RAT is an Android remote administration tool.

    • Android 888 RAT payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

MITRE ATT&CK Enterprise v15

Tasks