irata | 19a121a5d544cdd1d5a6839f81bf9dd005ae73fa3b9d6f56ea179fdb746c9547 | Triage

Sharing

General

Target

9334d10838e3482cb33e6130ea8397c30cc9edacd9597f1c21aa321d736cd80f.zip
Size

2.3MB
Sample

240402-mcmdvafb85
MD5

82e73f9c1d1908c803e6c2290f486831
SHA1

9079daf6bc4a471508de5e22f3a167940f00b7b1
SHA256

19a121a5d544cdd1d5a6839f81bf9dd005ae73fa3b9d6f56ea179fdb746c9547
SHA512

6f51672092b2f22e7ca7073bd7e368dd34886561e0566769af377caea1ced5d5491d508e542b7e553dc809da5c4fddd62e3f43c4a31b216d04b48ec7dc3cbead
SSDEEP

49152:BiRq2SQ+YWdeI1Ip3o1HbaT5G1cSfkymC0utY9y44rrJE9b:a5+YWdv1/5aVG1cSfkQ0C1ib

Score

10^/10

irata android banker discovery

Malware Config

Targets

- Target
  
  9334d10838e3482cb33e6130ea8397c30cc9edacd9597f1c21aa321d736cd80f.apk
- Size
  
  3.4MB
- MD5
  
  fb469b2453333babf92789c8a05b7019
- SHA1
  
  eaa47b8dbc32ebb7d2d090f41ed6eac8793e6388
- SHA256
  
  9334d10838e3482cb33e6130ea8397c30cc9edacd9597f1c21aa321d736cd80f
- SHA512
  
  dea36e544d2529407a9334dc7e175eebe9f060d7926db0af1400e3cb3c7505cb6d200919c5043d58322bc12fae2d36a46e55f5dec1b86eeb40f9cb3905f12519
- SSDEEP
  
  98304:RA+u4Y1sNALlOUajvXoTwr5qr5+l9ks5TJGAK86j:RAk8OdgtuJgj
Score

8^/10

banker discovery
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Acquires the wake lock
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankerdiscovery

behavioral2

bankerdiscovery