androrat | 5abe451539bdb230d34edca5bc2ea333572d83220be7163eb46e4f4c2f444344 | Triage

Sharing

General

Target

rat.apk
Size

2.2MB
Sample

250330-fjkp9sspy8
MD5

09a3156200f624d7e99841429b297e34
SHA1

6a8046070df3d3cd82486dca7460ea04c47e1f8c
SHA256

5abe451539bdb230d34edca5bc2ea333572d83220be7163eb46e4f4c2f444344
SHA512

d7c5532921dc3b6e503a687b6ae9e611198bb6211e14642033f462b07ed9d7ccc5f7d1df3c47dfb61f28302139f4048be722d51ee40ab2c0f7ab93affc78b9b3
SSDEEP

49152:MX01o6fxgvYZsRT4SVYr8cKrIszayzaLcTnQCITCiU77:ME19ZoT4wYocKVz0MnQhU7

Score

10^/10

androrat android evasion stealth trojan

Malware Config

Extracted

Family

androrat

C2

172.17.0.1:8000

Targets

- Target
  
  rat.apk
- Size
  
  2.2MB
- MD5
  
  09a3156200f624d7e99841429b297e34
- SHA1
  
  6a8046070df3d3cd82486dca7460ea04c47e1f8c
- SHA256
  
  5abe451539bdb230d34edca5bc2ea333572d83220be7163eb46e4f4c2f444344
- SHA512
  
  d7c5532921dc3b6e503a687b6ae9e611198bb6211e14642033f462b07ed9d7ccc5f7d1df3c47dfb61f28302139f4048be722d51ee40ab2c0f7ab93affc78b9b3
- SSDEEP
  
  49152:MX01o6fxgvYZsRT4SVYr8cKrIszayzaLcTnQCITCiU77:ME19ZoT4wYocKVz0MnQhU7
Score

8^/10

evasion stealth trojan
- Removes its main activity from the application launcher
  stealth trojan evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Suppress Application Icon

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionstealthtrojan