androrat | 2a73b8e26d5665197066db7e5ffdf64b89657e6dfb91585b9971a400b6760253 | Triage

Sharing

General

Target

karma.apk
Size

2.2MB
Sample

240929-rkjp5sxeln
MD5

2c9c318fa49a26f591ba3ae5ba9a43ac
SHA1

124fedf7341487007c4f78a8836f81a72acedfae
SHA256

2a73b8e26d5665197066db7e5ffdf64b89657e6dfb91585b9971a400b6760253
SHA512

b6d48c4ded2101cbc5960d52e242ebe5ada245ccfc3ee277efe64aefdc68b38ee57a2c5beb789c433a25481b16caa5bf98705528227ca9eb245d1cafe0783a21
SSDEEP

49152:d8sIATgHkmd602RcNWnHl0VLYZDEwrwJ1jEDnbIgvYRa:yNATgHkmd602iknHl0NlwrwinbS4

Score

10^/10

androrat android evasion stealth trojan

Malware Config

Extracted

Family

androrat

C2

166.182.85.122:8080

Targets

- Target
  
  karma.apk
- Size
  
  2.2MB
- MD5
  
  2c9c318fa49a26f591ba3ae5ba9a43ac
- SHA1
  
  124fedf7341487007c4f78a8836f81a72acedfae
- SHA256
  
  2a73b8e26d5665197066db7e5ffdf64b89657e6dfb91585b9971a400b6760253
- SHA512
  
  b6d48c4ded2101cbc5960d52e242ebe5ada245ccfc3ee277efe64aefdc68b38ee57a2c5beb789c433a25481b16caa5bf98705528227ca9eb245d1cafe0783a21
- SSDEEP
  
  49152:d8sIATgHkmd602RcNWnHl0VLYZDEwrwJ1jEDnbIgvYRa:yNATgHkmd602iknHl0NlwrwinbS4
Score

8^/10

evasion stealth trojan
- Removes its main activity from the application launcher
  stealth trojan evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionstealthtrojan

behavioral2

evasionstealthtrojan

behavioral3

evasionstealthtrojan