Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://youtubevance...

android-11-x64

10

Resubmissions

22/02/2025, 12:36

250222-ptcxvawqhl 1

Analysis

  • max time kernel
    931s
  • max time network
    943s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    22/02/2025, 13:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://youtubevanced.com/

Score
10/10
888ratinfostealerrattrojan

Malware Config

Signatures

  • 888RAT

    888RAT is an Android remote administration tool.

    trojaninfostealerrat888rat
  • 888Rat family
    888rat
  • Android 888 RAT payload 1 IoCs
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 1 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 8 IoCs
  • Requests dangerous framework permissions 18 IoCs
  • Checks CPU information 2 TTPs 5 IoCs
  • Checks memory information 2 TTPs 5 IoCs

Processes

  • com.android.chrome
    1⤵
    • Checks CPU information
    • Checks memory information
    PID:4243
  • com.android.chrome
    1⤵
    • Checks CPU information
    • Checks memory information
    PID:5600
  • com.android.chrome
    1⤵
    • Checks CPU information
    • Checks memory information
    PID:7034
  • com.android.chrome
    1⤵
    • Checks CPU information
    • Checks memory information
    PID:7257
  • com.android.chrome
    1⤵
    • Checks CPU information
    • Checks memory information
    PID:7974

Network

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • files/dom-0.html

    Filesize

    56B

    MD5

    cecb649cb1fb79c3736936fcbef3bbf2

    SHA1

    2c95183d7d2b0cd68d15b3c4115189351fc08720

    SHA256

    09bda72e7c32a69e3268e0ebd8caa33684cbc954dd00c7d93a38830e348ef324

    SHA512

    b8aca3cf0ea838093bd29b70ead608597260b0e35886d491d17c304878f99510fd885d96a191080acb5b706a642253bd9cbe5065ff234472b048fcce282061de

    Download Submit

  • files/dom-1.html

    Filesize

    70KB

    MD5

    4d74c17449e01a5c1fd46f45d8981e70

    SHA1

    f3e68fb2f54c9a4df7c04add09f33b0e9b6f86da

    SHA256

    fbbc412711de7251404cef18eeb79c24996e79bdd6cb898002166b0076fb197e

    SHA512

    171eea1b83f61270473fcf41dc2e324ef3633f1590fe4160e6f6d060b0e45ac3562de6be354f4d6b61cfb12d8a80566c54017c151cb0a7bb2e92ea97dcb15fbc

    Download Submit

  • /storage/emulated/0/Download/.pending-1740835688-YZNMDB.apk
    Filesize

    1.9MB

    MD5

    113bf9a690e87995f9096604cc5dae93

    SHA1

    5e29a840ea633a3ff32a8bcc522aecd8ce03ca0d

    SHA256

    d701f8e812f1ce493fd0befed6fb63cebcf1284966e0c861afd5cb1c6e6085e4

    SHA512

    366d483e1dfbabf7b99499732442931bf502dfaa3e86666d752573f4749f0a0d88ddbc61ff6303552b65dd11d8bf82d54e743e31e7668217b9f6eb8f8c925387

    Download Submit

  • /storage/emulated/0/Download/.pending-1740835688-YZNMDB.apk (deleted)
    Filesize

    512KB

    MD5

    59071590099d21dd439896592338bf95

    SHA1

    6a521e1d2a632c26e53b83d2cc4b0edecfc1e68c

    SHA256

    07854d2fef297a06ba81685e660c332de36d5d18d546927d30daad6d7fda1541

    SHA512

    eedb6cadbceb2c991fc6f68dccb80463b3f660c5358acd7d705398ae2e3df2b4327f0f6c6746486848bd2992b379776483a98063ae96edb45877bb0314874668

    Download Submit

  • /storage/emulated/0/Download/.pending-1740836078-YZNMDB (1).apk (deleted)
    Filesize

    2.4MB

    MD5

    f3f4f3e913e3790cd49feef9f96a3960

    SHA1

    713f74b8a475d8424db4f382c28fa076c59c8924

    SHA256

    82eeee5a9e0b5d5951e62e87869bd29eda78e1ce0555479d10e994d2826b5606

    SHA512

    36aa8d2dfc4cf924c0fddb7adfe0c3c9afc597261fb8d3643c24876cf34874e6b3165d60067047baafc4f5f7d79148864b859b884c952342764fc4450ea98ac5

    Download Submit