irata | 5b4b1144f1026eff5bb29ca5cf87c14cb6c588c4446fb02f42858ba495fbb3d3 | Triage

Sharing

General

Target

Eblagh.apk
Size

3.2MB
Sample

240824-q6ahxsvdkm
MD5

274c51ac1b22e4867883ebc90cacc65f
SHA1

b09741e7d09c433a68d902a6e98ef3a968d09cda
SHA256

5b4b1144f1026eff5bb29ca5cf87c14cb6c588c4446fb02f42858ba495fbb3d3
SHA512

49bd0a9f1021335cd29cc8c110b19e9fca29c11f2e7dc5361948f9397feb880271d4b3ad5ea2bf19bf774f534cadfdad6b88c6e7500e4d3b0e539aa86724f355
SSDEEP

49152:h/iYJsl5pIC9rOMZyEZhVU7218RMvfiNU9hZsot7XEXVVmcjPNSEi5I5pRWTN+NP:p/IDxOMgEqzSHSUpsotYdrAEi52RWTgN

Score

10^/10

irata android collection credential_access discovery impact persistence

Malware Config

Targets

- Target
  
  Eblagh.apk
- Size
  
  3.2MB
- MD5
  
  274c51ac1b22e4867883ebc90cacc65f
- SHA1
  
  b09741e7d09c433a68d902a6e98ef3a968d09cda
- SHA256
  
  5b4b1144f1026eff5bb29ca5cf87c14cb6c588c4446fb02f42858ba495fbb3d3
- SHA512
  
  49bd0a9f1021335cd29cc8c110b19e9fca29c11f2e7dc5361948f9397feb880271d4b3ad5ea2bf19bf774f534cadfdad6b88c6e7500e4d3b0e539aa86724f355
- SSDEEP
  
  49152:h/iYJsl5pIC9rOMZyEZhVU7218RMvfiNU9hZsot7XEXVVmcjPNSEi5I5pRWTN+NP:p/IDxOMgEqzSHSUpsotYdrAEi52RWTgN
Score

7^/10

discovery persistence collection credential_access impact
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoverypersistence

behavioral2

collectioncredential_accessdiscoveryimpactpersistence

behavioral3

collectioncredential_accessdiscoveryimpact