irata | bfaf5a89c27e0a1b7eafc47fb9c408d98a5214275168d72e2e9749b4e7aeb3cd | Triage

Sharing

General

Target

eblagh.apk
Size

2.4MB
Sample

241118-mrm9pavjhv
MD5

d19af56235d6c03a465f2095a86a6da3
SHA1

3e4fed9caa3f3eef68148f2519c42c1916dacd12
SHA256

bfaf5a89c27e0a1b7eafc47fb9c408d98a5214275168d72e2e9749b4e7aeb3cd
SHA512

f648b8b5770bf77f1b0f6aed59e8068737cd52fc491be5b31ff94528f4550111675b06c80269a0e51d912637041b28eaa17b9e87af6e14dbd96d617088bec6cc
SSDEEP

49152:5/iYJslyMdUVjtKuLm3crRnJOu5Ef8TPxs1fY7WYKI:h/Iy+CtKoNlDxsGCYn

Score

10^/10

irata android collection credential_access discovery impact persistence

Malware Config

Targets

- Target
  
  eblagh.apk
- Size
  
  2.4MB
- MD5
  
  d19af56235d6c03a465f2095a86a6da3
- SHA1
  
  3e4fed9caa3f3eef68148f2519c42c1916dacd12
- SHA256
  
  bfaf5a89c27e0a1b7eafc47fb9c408d98a5214275168d72e2e9749b4e7aeb3cd
- SHA512
  
  f648b8b5770bf77f1b0f6aed59e8068737cd52fc491be5b31ff94528f4550111675b06c80269a0e51d912637041b28eaa17b9e87af6e14dbd96d617088bec6cc
- SSDEEP
  
  49152:5/iYJslyMdUVjtKuLm3crRnJOu5Ef8TPxs1fY7WYKI:h/Iy+CtKoNlDxsGCYn
Score

7^/10

discovery persistence collection credential_access impact
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoverypersistence

behavioral2

collectioncredential_accessdiscoveryimpactpersistence

behavioral3

collectioncredential_accessdiscoveryimpact