irata | 1e6cccce8a46aff2c607ee4092f5d2c778e3b0b6d7ae0ed7ac673e5702d0ddec | Triage

Sharing

General

Target

1e6cccce8a46aff2c607ee4092f5d2c778e3b0b6d7ae0ed7ac673e5702d0ddec.bin
Size

3.5MB
Sample

240628-1z2zpstcjc
MD5

39f9c0603e5a3422f5c41071680ebd81
SHA1

2ccdea0c77d2c3447f0d89cd43379f64eadb934f
SHA256

1e6cccce8a46aff2c607ee4092f5d2c778e3b0b6d7ae0ed7ac673e5702d0ddec
SHA512

2a0a1591103e2a911edc3c4a32627838da6437f07c17b4378c229a11f54251fac597e928542fe233c1b6e26f04f55f2651a3c94ddcd75808dc1bb9edf3078dc7
SSDEEP

98304:t/uLod7dpDnoagxlToTwr5LCzdOGAXk0Ji0KV:E69XY/9XkOM

Score

10^/10

irata android collection credential_access discovery impact persistence

Malware Config

Targets

- Target
  
  1e6cccce8a46aff2c607ee4092f5d2c778e3b0b6d7ae0ed7ac673e5702d0ddec.bin
- Size
  
  3.5MB
- MD5
  
  39f9c0603e5a3422f5c41071680ebd81
- SHA1
  
  2ccdea0c77d2c3447f0d89cd43379f64eadb934f
- SHA256
  
  1e6cccce8a46aff2c607ee4092f5d2c778e3b0b6d7ae0ed7ac673e5702d0ddec
- SHA512
  
  2a0a1591103e2a911edc3c4a32627838da6437f07c17b4378c229a11f54251fac597e928542fe233c1b6e26f04f55f2651a3c94ddcd75808dc1bb9edf3078dc7
- SSDEEP
  
  98304:t/uLod7dpDnoagxlToTwr5LCzdOGAXk0Ji0KV:E69XY/9XkOM
Score

7^/10

discovery impact persistence collection credential_access
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryimpactpersistence

behavioral2

collectioncredential_accessdiscoveryimpact