hxxps://raw[.]githubusercontent[.]com/yuankong666/Ultimate-RAT-Collection/main/README[.]md

Resubmissions

07/05/2024, 11:03

240507-m53ljafg94 7

07/05/2024, 11:00

240507-m38d1ada8w 7

Analysis

max time kernel
142s
max time network
154s
platform
android_x64
resource
android-x64-arm64-20240506-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240506-enlocale:en-usos:android-11-x64system
submitted
07/05/2024, 11:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://raw.githubusercontent.com/yuankong666/Ultimate-RAT-Collection/main/README.md

Score

7^/10

collection discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.chrome

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.chrome

Reads the content of photos stored on the user's device. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://media/external/images/media	com.android.chrome

Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs

Web Service

T1102

flow	ioc
5	raw.githubusercontent.com
8	raw.githubusercontent.com
9	raw.githubusercontent.com
12	raw.githubusercontent.com
15	raw.githubusercontent.com

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
- Reads the content of photos stored on the user's device.
PID:4728

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Data from Local System

T1533

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

files/dom-0.html

Filesize
1KB

MD5
774d459bb822066ca7a11aeaa79d3fd7

SHA1
18be9151bcd563a6fb27099a3326d0f46aba9c47

SHA256
6fb2ab017e37ba0a3bdb007dc4c04848d08946cfa0fc5f520f47a17c38e17b9c

SHA512
9ba06fdb7761a8afc7a071b95ae95fec6b3ef1bc371e0eedb4ebf04be0bb3b7998ca9fdcca4768cfa25674b434c33f694bd72077cf6a72b4ce43dec96ca4b039

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads