irata | 078970dac378d5ce28d98bbe2f89855d1067edaca4e10077151f3a4dfc5287ff | Triage

Sharing

General

Target

adl.apk
Size

3.9MB
Sample

241118-e6grfsyjdx
MD5

ce55cf6d05e81bcc4d71e7f9d7bcfcdf
SHA1

cb0a74dfba654c37729be778a6d74768d96799e9
SHA256

078970dac378d5ce28d98bbe2f89855d1067edaca4e10077151f3a4dfc5287ff
SHA512

bf2a4e2a449dc7167634f95e539eac7affae0f8e55cb4078c2957df5b5cef1d8c77de75c5bf7f25716a58fbd43b81f77adf23f84ca41be5e0a423d6f6de5de5b
SSDEEP

98304:/vmWXyiA7w8IxdDjcAT/2QedTGWRPdywjOmdUnvSJaD:HmmLvDjcAT/7eU6+

Score

10^/10

irata android discovery evasion persistence

Malware Config

Targets

- Target
  
  adl.apk
- Size
  
  3.9MB
- MD5
  
  ce55cf6d05e81bcc4d71e7f9d7bcfcdf
- SHA1
  
  cb0a74dfba654c37729be778a6d74768d96799e9
- SHA256
  
  078970dac378d5ce28d98bbe2f89855d1067edaca4e10077151f3a4dfc5287ff
- SHA512
  
  bf2a4e2a449dc7167634f95e539eac7affae0f8e55cb4078c2957df5b5cef1d8c77de75c5bf7f25716a58fbd43b81f77adf23f84ca41be5e0a423d6f6de5de5b
- SSDEEP
  
  98304:/vmWXyiA7w8IxdDjcAT/2QedTGWRPdywjOmdUnvSJaD:HmmLvDjcAT/7eU6+
Score

7^/10

discovery evasion persistence
- Checks Android system properties for emulator presence.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasion