goatrat | goatrat[.]apk

General

Target

goatrat.apk
Size

31.0MB
MD5

d5784a846f5f48fbdbcba517ecaa2275
SHA1

2d7acc5005da645727ddee8a7e5e32240cb6ddf1
SHA256

45d5b2fa6e5a0674485896769fd10be36a6b8bb6274d3828cf5067e68029f9d8
SHA512

0d4c14c0a8653e1cf59134c7e77ee90495e989ff035482bfd89b9714da2ed8f4d9645c4670adb8270654734cc1f7764eaf28734665ceade1dfd0264d7e668432
SSDEEP

196608:MfPhi3Zu9yzhLrzRRgNP3X3Ima6TIpd7A+cs1sgAXFNgI7adsPYCENv4AnzvU5yX:kPhi9zhL3RRAHIF1dXhs3FNgIuIY1vH/

Score

10^/10

goatrat

Family

goatrat

C2

https://srv.yakuzacheckers.com/web-admin/

Declares services with permission to bind to the system 1 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to record audio.	android.permission.RECORD_AUDIO
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECORD_AUDIO

android.permission.FOREGROUND_SERVICE

android.permission.SYSTEM_ALERT_WINDOW

android.permission.ACCESS_WIFI_STATE

android.permission.WAKE_LOCK