caprarat | afc9fbb1ff8cfdd79a781bf493dc426bb059916debbb98c1b7c20a9d0f24a5f7 | Triage

Sharing

General

Target

afc9fbb1ff8cfdd79a781bf493dc426bb059916debbb98c1b7c20a9d0f24a5f7
Size

6.9MB
Sample

240410-qpwd3ahc55
MD5

3de894e4606b26ed3c7e3182d948a7c8
SHA1

b4c7e17d2cea86ebd412e8cd0f3bcae228a03522
SHA256

afc9fbb1ff8cfdd79a781bf493dc426bb059916debbb98c1b7c20a9d0f24a5f7
SHA512

d87db63d64cc92de85cd1c8c2ebf89ad0066b2af4bbae6de66e6c54368015127cc81805fcbc7c24103a5f6474375787fd3a974f6e05ad82d8c503ec98bf7b90a
SSDEEP

196608:IGxWSCgvZIo47OF9/pJ3HvaSO1Uh+w1Lwzd4ZI4Xv4pWfBJ:/W/8Io47Q/pJ3HvpO1UwbX4+QBJ

Score

10^/10

caprarat android evasion

Malware Config

Extracted

Family

caprarat

Version

D.A.U.6

C2

173.249.50.34:12182

Targets

- Target
  
  afc9fbb1ff8cfdd79a781bf493dc426bb059916debbb98c1b7c20a9d0f24a5f7
- Size
  
  6.9MB
- MD5
  
  3de894e4606b26ed3c7e3182d948a7c8
- SHA1
  
  b4c7e17d2cea86ebd412e8cd0f3bcae228a03522
- SHA256
  
  afc9fbb1ff8cfdd79a781bf493dc426bb059916debbb98c1b7c20a9d0f24a5f7
- SHA512
  
  d87db63d64cc92de85cd1c8c2ebf89ad0066b2af4bbae6de66e6c54368015127cc81805fcbc7c24103a5f6474375787fd3a974f6e05ad82d8c503ec98bf7b90a
- SSDEEP
  
  196608:IGxWSCgvZIo47OF9/pJ3HvaSO1Uh+w1Lwzd4ZI4Xv4pWfBJ:/W/8Io47Q/pJ3HvpO1UwbX4+QBJ
Score

6^/10

evasion
- Requests dangerous framework permissions
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

User Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3