Overview

overview

10

Static

static

6

27e0ec79db...f8.apk

android-13-x64

10

27e0ec79db...f8.apk

android-9-x86

10

Analysis

  • max time kernel
    9s
  • max time network
    149s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240229-en
  • resource tags

    androidarch:arm64arch:x64image:android-33-x64-arm64-20240229-enlocale:en-usos:android-13-x64system
  • submitted
    02-04-2024 16:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    27e0ec79dbb7c7f99b43c8c01a94188d1071d1245b1745d0e066ae774c78a8f8.apk

  • Size

    3.1MB

  • MD5

    aa294efd44594b64eb93904dbb3c7a2c

  • SHA1

    91639afbface1289c1f35ed1e822843ad75514a7

  • SHA256

    27e0ec79dbb7c7f99b43c8c01a94188d1071d1245b1745d0e066ae774c78a8f8

  • SHA512

    659ed5447cc8b6b79c162464e941547b63702f9387ec4b2ae01a4bea1c522ee2a66327fae35c98ea962b46feaba9ba7c8af74acb68b0f4ba90900e936f0ee43c

  • SSDEEP

    98304:1eVM3OTHHj0B8GJPl1LUV9dcKUQA1QgfJRbdpA52:sVM3OvGdLMdXUb1QMRhp02

Score
10/10
bratairatabankerevasioninfostealerrattrojan

Malware Config

Signatures

  • Brata

    Brata is a banking trojan malware first seen in 2019.

    bankertrojaninfostealerratbrata
  • Brata payload 2 IoCs
  • Irata

    Irata is an Iranian remote access trojan Android malware first seen in August 2022.

    trojaninfostealerratirata
  • Irata payload 1 IoCs
  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.xd.craft.school
    1⤵
    • Loads dropped Dex/Jar
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4280

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.xd.craft.school/app_ded/OW4kr0V35JtBb8Uaey8wmgx6pB7gXa5r.dex
    Filesize

    3.8MB

    MD5

    295ed823d46c31cef4135633633daf3b

    SHA1

    bb3569427f6e34114bce6eff08b5b283f5195393

    SHA256

    906d5dbff4fd804294ca836d71ee7a8c1d145e2b482592458aa8413a076efe79

    SHA512

    effb517c5c1cf11329fd0d3cde9e7999245bc51b7e7d56451eb34472e719c3cde64532a2d2cc0c234af2fb9ccf80e446c2d81c9d1f841199ec68c27450d5074e

    Download Submit