888rat | 2a4cf22220b95ad1f802efd1ae8abea56e83dc598d66eb073d75882d20858e39 | Triage

Resubmissions

16/03/2025, 03:52

250316-efh7latrx5 10

06/10/2023, 08:12

231006-j3vlcshh7x 8

09/09/2021, 12:48

210909-p13rvagbf2 8

Sharing

General

Target

up4net-Xwakurk-1-0-4.apk
Size

15.3MB
Sample

250316-efh7latrx5
MD5

ae866cd8ff9ad51b09bc2799fbdef3d2
SHA1

43f36c86bbd370884e77dfd496fd918a2d9e023d
SHA256

2a4cf22220b95ad1f802efd1ae8abea56e83dc598d66eb073d75882d20858e39
SHA512

3d70132d84524a0fc4f98079471c0ab9c59dadabb14a353b22e678d8b96fe38a6115a3acd6a0ce00e17eb55a26be34b54f74af4eb57ad7ae9caa67036d317fc7
SSDEEP

393216:zV8ZRS/ppA21NdpalnK/VndDjJK29KGOeuAhKXaJ6M71k2zmz48:JWRQpR1RmK/VndDjJQGOjAQXa0Mppzml

Score

10^/10

888rat android defense_evasion discovery infostealer persistence rat trojan

Malware Config

Targets

- Target
  
  up4net-Xwakurk-1-0-4.apk
- Size
  
  15.3MB
- MD5
  
  ae866cd8ff9ad51b09bc2799fbdef3d2
- SHA1
  
  43f36c86bbd370884e77dfd496fd918a2d9e023d
- SHA256
  
  2a4cf22220b95ad1f802efd1ae8abea56e83dc598d66eb073d75882d20858e39
- SHA512
  
  3d70132d84524a0fc4f98079471c0ab9c59dadabb14a353b22e678d8b96fe38a6115a3acd6a0ce00e17eb55a26be34b54f74af4eb57ad7ae9caa67036d317fc7
- SSDEEP
  
  393216:zV8ZRS/ppA21NdpalnK/VndDjJK29KGOeuAhKXaJ6M71k2zmz48:JWRQpR1RmK/VndDjJQGOjAQXa0Mppzml
Score

10^/10

888rat defense_evasion discovery infostealer persistence rat trojan
- 888RAT
  888RAT is an Android remote administration tool.
  trojan infostealer rat 888rat
- 888Rat family
  888rat
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  defense_evasion persistence
- Queries information about active data network
  discovery
- Requests dangerous framework permissions
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Credential Access

Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

888ratdefense_evasiondiscoveryinfostealerpersistencerattrojan