androrat | cc96f0c815257af63a0293bb4b7dd77535a27c7cc017c276b7e61ccd986d50cb | Triage

Sharing

General

Target

karma.apk
Size

2.2MB
Sample

240623-elc8jashkk
MD5

21b361f212fa7aa921c6aec7ef8e30d1
SHA1

3597bd37d434e9bd506af2c4ad8888c98715fbb1
SHA256

cc96f0c815257af63a0293bb4b7dd77535a27c7cc017c276b7e61ccd986d50cb
SHA512

c99a2d580ad195022113e42f1f06febae2ad80bea215bf851e176a3d298da3bb2ade8a1fc2e2ca0817de630f36d5d0fce5930b1cd926f0b703bdd0295513b9f5
SSDEEP

49152:zabPwG+lnlw6Ztkh+UyetN5yvTVSL68ICFZq801/zkTqcgvYw7b:zabPwGY9petNwu68ICPYkqOw7b

Score

10^/10

androrat android evasion stealth trojan

Malware Config

Extracted

Family

androrat

C2

192.168.229.58:69

Targets

- Target
  
  karma.apk
- Size
  
  2.2MB
- MD5
  
  21b361f212fa7aa921c6aec7ef8e30d1
- SHA1
  
  3597bd37d434e9bd506af2c4ad8888c98715fbb1
- SHA256
  
  cc96f0c815257af63a0293bb4b7dd77535a27c7cc017c276b7e61ccd986d50cb
- SHA512
  
  c99a2d580ad195022113e42f1f06febae2ad80bea215bf851e176a3d298da3bb2ade8a1fc2e2ca0817de630f36d5d0fce5930b1cd926f0b703bdd0295513b9f5
- SSDEEP
  
  49152:zabPwG+lnlw6Ztkh+UyetN5yvTVSL68ICFZq801/zkTqcgvYw7b:zabPwGY9petNwu68ICPYkqOw7b
Score

8^/10

evasion stealth trojan
- Removes its main activity from the application launcher
  stealth trojan evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionstealthtrojan

behavioral2

evasionstealthtrojan

behavioral3

evasionstealthtrojan