Analysis
-
max time kernel
10s -
max time network
151s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
-
submitted
06-11-2024 03:20
General
-
Target
a6004de6a426ae936ba9980ca175456849790596b634fc5be4874a232a3247d7.apk
-
Size
14.7MB
-
MD5
48658d5ec9903cd3afb15ac5b217b066
-
SHA1
06793939a4880f27060ababe90bbf2435a3dea23
-
SHA256
a6004de6a426ae936ba9980ca175456849790596b634fc5be4874a232a3247d7
-
SHA512
be844f7a3d1d733127c6bd8ff45efcf476ac9aff68531b0c35c74890e8079b2b6edde550d652b9ade7bc455c9860f0cbde32b4dd3c41331e83452ba05dd0731f
-
SSDEEP
393216:u1ko++UEBhPQT75d5Zb8RuI1rhMlIPDNQPa0hAcdylFPqC/Dwxa:uFdUZ5dTKuMMlILMrjyHPEa
Malware Config
Signatures
-
Makes use of the framework's Accessibility service 4 TTPs 1 IoCs
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Checks CPU information 2 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.brata.rat1⤵
- Makes use of the framework's Accessibility service
- Obtains sensitive information copied to the device clipboard
- Checks CPU information
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Input Injection
1Virtualization/Sandbox Evasion
2System Checks
2Credential Access
Clipboard Data
1Input Capture
2GUI Input Capture
1Keylogging
1