irata | 654e2cd54529f03d48dd196c65051db18af984e59f88c48a5f2bd8c538581bcc | Triage

Sharing

General

Target

654e2cd54529f03d48dd196c65051db18af984e59f88c48a5f2bd8c538581bcc.apk
Size

2.8MB
Sample

240517-mvy6csef36
MD5

beccc97980716f98f9edd058018bc90f
SHA1

a0f0da9b1306f2a1ce64246161467b2694190ec6
SHA256

654e2cd54529f03d48dd196c65051db18af984e59f88c48a5f2bd8c538581bcc
SHA512

461e298e37e57c075dd2dd43c3dda5f223c6b62d5a910215ed7701318e2db9940c79f0a5234297b3abc712eaa7ce35e9a034663de92edd1ec7bd64197ce226c5
SSDEEP

49152:4/QsZrOCIQVl2KGQx472EXF0/BgrUIwGoKUOPNUzgwcLAB3nxNd3JFaWY:m26lZS72EXF0/8VwxKjPWzMLAhxP3Haf

Score

10^/10

irata android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  654e2cd54529f03d48dd196c65051db18af984e59f88c48a5f2bd8c538581bcc.apk
- Size
  
  2.8MB
- MD5
  
  beccc97980716f98f9edd058018bc90f
- SHA1
  
  a0f0da9b1306f2a1ce64246161467b2694190ec6
- SHA256
  
  654e2cd54529f03d48dd196c65051db18af984e59f88c48a5f2bd8c538581bcc
- SHA512
  
  461e298e37e57c075dd2dd43c3dda5f223c6b62d5a910215ed7701318e2db9940c79f0a5234297b3abc712eaa7ce35e9a034663de92edd1ec7bd64197ce226c5
- SSDEEP
  
  49152:4/QsZrOCIQVl2KGQx472EXF0/BgrUIwGoKUOPNUzgwcLAB3nxNd3JFaWY:m26lZS72EXF0/8VwxKjPWzMLAhxP3Haf
Score

7^/10

discovery collection credential_access evasion impact persistence
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3