irata | 89745e413fe440e12fa3e2f73a889a7545405c7495f48a84102db5ee53d738d4 | Triage

Sharing

General

Target

eblagh.apk
Size

2.4MB
Sample

241117-e4a6ws1gmr
MD5

140cb3883adbb6af12be3f46508fd64d
SHA1

c69468d7bde973770bc2fb29d3ca01fb9937b992
SHA256

89745e413fe440e12fa3e2f73a889a7545405c7495f48a84102db5ee53d738d4
SHA512

cead257622a015f6eb8e4f50792385068d6bdd9f91e5bf711ef384ef3151301ba8f60f5cfafca5e83e52303f54f96171deee074a7cea852cca8503eaf1491f2f
SSDEEP

49152:a/iYJslyM9rLQG4PK+dduC8YuUL2fbzl9SqcT5x:w/Iyaehdu7x9x9Sr5x

Score

10^/10

irata android collection credential_access discovery impact persistence

Malware Config

Targets

- Target
  
  eblagh.apk
- Size
  
  2.4MB
- MD5
  
  140cb3883adbb6af12be3f46508fd64d
- SHA1
  
  c69468d7bde973770bc2fb29d3ca01fb9937b992
- SHA256
  
  89745e413fe440e12fa3e2f73a889a7545405c7495f48a84102db5ee53d738d4
- SHA512
  
  cead257622a015f6eb8e4f50792385068d6bdd9f91e5bf711ef384ef3151301ba8f60f5cfafca5e83e52303f54f96171deee074a7cea852cca8503eaf1491f2f
- SSDEEP
  
  49152:a/iYJslyM9rLQG4PK+dduC8YuUL2fbzl9SqcT5x:w/Iyaehdu7x9x9Sr5x
Score

7^/10

discovery persistence collection credential_access impact
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoverypersistence

behavioral2

collectioncredential_accessdiscoveryimpactpersistence

behavioral3

collectioncredential_accessdiscoveryimpact