PULSE NAME
Rafel RAT, Android Malware from Espionage to Ransomware Operations - Check Point Research
WHITE Threat Armature_TIP 2025-02-22 Modified: 2025-02-22
22 IOCs, MEDIUM VOLUME
A study by security firm Check Point Research has identified a range of malicious software designed to target Android devices, along with an espionage group that uses Rafel RAT to carry out such operations, as well as ransomware operations.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Trojans Android Threat Rafel
Indicators of Compromise (6 / 22 total)