androrat | 0db62718e0ac2ce8cb86d208d1a687a9bb453de620b2236521bc2cd65626e30a | Triage

Sharing

General

Target

test.apk
Size

2.2MB
Sample

240713-va698syfpm
MD5

6a0757584118a4f7f66df31b023c3b2c
SHA1

26cfaf2b1917006935a41939cc70099ac8c2dacc
SHA256

0db62718e0ac2ce8cb86d208d1a687a9bb453de620b2236521bc2cd65626e30a
SHA512

5ec783ffdafcdce24f83aed07c4f345657b4a4867d619a099dc26d2234f6ef1f9d1336096fa5e59e4665d3b11d05afb060e328cf48dea1c369601ae6ecd742c1
SSDEEP

49152:9rM7sQSgm6ZUp63VW2yzll5J4OV3LszmYQffUrKcgvYma:i4Q3j305V3LsTpKOd

Score

10^/10

androrat android evasion stealth trojan

Malware Config

Extracted

Family

androrat

C2

193.161.193.99:59263

Targets

- Target
  
  test.apk
- Size
  
  2.2MB
- MD5
  
  6a0757584118a4f7f66df31b023c3b2c
- SHA1
  
  26cfaf2b1917006935a41939cc70099ac8c2dacc
- SHA256
  
  0db62718e0ac2ce8cb86d208d1a687a9bb453de620b2236521bc2cd65626e30a
- SHA512
  
  5ec783ffdafcdce24f83aed07c4f345657b4a4867d619a099dc26d2234f6ef1f9d1336096fa5e59e4665d3b11d05afb060e328cf48dea1c369601ae6ecd742c1
- SSDEEP
  
  49152:9rM7sQSgm6ZUp63VW2yzll5J4OV3LszmYQffUrKcgvYma:i4Q3j305V3LsTpKOd
Score

8^/10

evasion stealth trojan
- Removes its main activity from the application launcher
  stealth trojan evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionstealthtrojan