androrat | 3438bc077550138a51a2cf35f41e54a86f0654ac5452782b69f6f95c713e78cc | Triage

Sharing

General

Target

help.apk
Size

2.2MB
Sample

250330-eyt2taslt4
MD5

0471827cca1e413182ecc5b25fae2d16
SHA1

f565d14584951f53dc79964331f6d211399bb87e
SHA256

3438bc077550138a51a2cf35f41e54a86f0654ac5452782b69f6f95c713e78cc
SHA512

eb14ad9589352e409c48155f4e5f3d8408320f0775b38def6d11ad9f6cd0464781df3207484757e37068124f1278ba5b9e466d61a16bb6eb25b1bc8c24da1cf3
SSDEEP

49152:uPiLwsl1gvYcXYThnzFDLtGCvIh88YWtSZ7+N2fFzHVuwJLitXnA:u6LNHnxDLt/LGIZqSFDvLKQ

Score

10^/10

androrat android evasion stealth trojan

Malware Config

Extracted

Family

androrat

C2

10.0.10.28:8000

Targets

- Target
  
  help.apk
- Size
  
  2.2MB
- MD5
  
  0471827cca1e413182ecc5b25fae2d16
- SHA1
  
  f565d14584951f53dc79964331f6d211399bb87e
- SHA256
  
  3438bc077550138a51a2cf35f41e54a86f0654ac5452782b69f6f95c713e78cc
- SHA512
  
  eb14ad9589352e409c48155f4e5f3d8408320f0775b38def6d11ad9f6cd0464781df3207484757e37068124f1278ba5b9e466d61a16bb6eb25b1bc8c24da1cf3
- SSDEEP
  
  49152:uPiLwsl1gvYcXYThnzFDLtGCvIh88YWtSZ7+N2fFzHVuwJLitXnA:u6LNHnxDLt/LGIZqSFDvLKQ
Score

8^/10

evasion stealth trojan
- Removes its main activity from the application launcher
  stealth trojan evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionstealthtrojan