Overview

overview

10

Static

static

10

Craxs rat ...V1.apk

android-9-x86

1

Craxs rat ...V1.apk

android-10-x64

1

Craxs rat ...V1.apk

android-11-x64

1

childapp.apk

android-9-x86

8

childapp.apk

android-10-x64

8

childapp.apk

android-11-x64

8

Resubmissions

11/02/2024, 02:09

240211-ck4yradd23 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Craxs rat mobile V1.apk

  • Size

    5.4MB

  • Sample

    240211-ck4yradd23

  • MD5

    5957b575bb39d2ae9cf18325d754938f

  • SHA1

    2e7f4ce732c1f7f00b10c929bfcc70753693dfc9

  • SHA256

    837b92efaa65bd18df1885dc06401f3edf2609eb51aa85b537f21eda1abc61c5

  • SHA512

    cd332a7d1d9e1a44794f05e866c42c7d0f23d8b48ad56a59ccda877f6e10617073e55afee4289956dca530a2286ba5d3ab00812b43e6b6026873862a448ff849

  • SSDEEP

    98304:zuq6DHpO1xrQs/y64AJ+IDkaP5LUT2cUxtjnmUKMyhrFZIAFANHg1vTNqE/t:z6DpUFnjkaPxWUXmUKtrFfWNH2L4E1

Score
10/10
spynoteandroidbanker

Malware Config

Targets

    • Target

      Craxs rat mobile V1.apk

    • Size

      5.4MB

    • MD5

      5957b575bb39d2ae9cf18325d754938f

    • SHA1

      2e7f4ce732c1f7f00b10c929bfcc70753693dfc9

    • SHA256

      837b92efaa65bd18df1885dc06401f3edf2609eb51aa85b537f21eda1abc61c5

    • SHA512

      cd332a7d1d9e1a44794f05e866c42c7d0f23d8b48ad56a59ccda877f6e10617073e55afee4289956dca530a2286ba5d3ab00812b43e6b6026873862a448ff849

    • SSDEEP

      98304:zuq6DHpO1xrQs/y64AJ+IDkaP5LUT2cUxtjnmUKMyhrFZIAFANHg1vTNqE/t:z6DpUFnjkaPxWUXmUKtrFfWNH2L4E1

    Score
    1/10
    behavioral1behavioral2behavioral3

    • Target

      childapp.apk

    • Size

      61.1MB

    • MD5

      0b164382ea5279ba6baaa2f0f6fc99af

    • SHA1

      58bf6ab3f5f854431d14f162e926759aed59e2e5

    • SHA256

      613dfad45a7696818e1fb73d6892bb52cad7231c305f70db1c9cbbbcfab2c76d

    • SHA512

      056e6c41a6bdb0f715a1f46d97da168d135c411dd978295fb73137f2d027f906f1d4601685fa5776f118ec662eee2d85886506237185f44931829ebcab94536c

    • SSDEEP

      98304:zrp2DuCvLN44WzpF1Cuqmsf5RjaECmzzzBCTW0t4n67Yn:+uCv1WHEugf5gEtzcdb8n

    Score
    8/10
    banker

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

      banker

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    behavioral4behavioral5behavioral6

MITRE ATT&CK Matrix

Tasks