{
  "name": "Technical Analysis of Copybara",
  "slug": "technical-analysis-of-copybara",
  "description": "This report presents a comprehensive technical analysis of a newly discovered variant of the Copybara Android malware. The malware, which emerged in November 2021, is primarily spread through voice phishing attacks. It utilizes the MQTT protocol for command-and-control communication and abuses Android's Accessibility Service to exert control over infected devices. The malware downloads phishing pages mimicking cryptocurrency exchanges and financial institutions to steal user credentials. The analysis covers 59 supported commands with detailed functionality descriptions, providing valuable insights into the malware's capabilities.",
  "published": "2024-08-22T16:16:26+00:00",
  "created_at": "2024-08-22T16:16:26+00:00",
  "modified_at": "2024-08-22T16:52:39+00:00",
  "created_at_opencti": "2024-08-22T16:16:26+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2024-08-22",
    "android",
    "copybara"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "46.249.35.219"
      },
      {
        "id": "",
        "name": "213.109.192.177"
      },
      {
        "id": "",
        "name": "213.109.147.35"
      },
      {
        "id": "",
        "name": "212.237.217.111"
      },
      {
        "id": "",
        "name": "193.31.41.93"
      },
      {
        "id": "",
        "name": "193.3.19.37"
      },
      {
        "id": "",
        "name": "176.126.113.210"
      },
      {
        "id": "",
        "name": "159.100.20.184"
      },
      {
        "id": "",
        "name": "176.124.32.39"
      },
      {
        "id": "",
        "name": "159.100.13.181"
      },
      {
        "id": "",
        "name": "146.19.143.42"
      },
      {
        "id": "",
        "name": "146.103.41.28"
      },
      {
        "id": "",
        "name": "80.251.153.96"
      },
      {
        "id": "",
        "name": "194.99.22.182"
      },
      {
        "id": "",
        "name": "scarica-app.site"
      },
      {
        "id": "",
        "name": "scarica-app.icu"
      },
      {
        "id": "",
        "name": "scarica-app-token.com"
      },
      {
        "id": "",
        "name": "la-nuova-app.cc"
      },
      {
        "id": "",
        "name": "la-mia-app.com"
      },
      {
        "id": "",
        "name": "generali-verifica.com"
      },
      {
        "id": "",
        "name": "installa-app.com"
      },
      {
        "id": "",
        "name": "entrar-y-confirmar.com"
      },
      {
        "id": "",
        "name": "enlace-cliente.com"
      },
      {
        "id": "",
        "name": "descarga-app-sign.com"
      },
      {
        "id": "",
        "name": "datos-cliente.com"
      },
      {
        "id": "",
        "name": "clienti-dati.com"
      },
      {
        "id": "",
        "name": "clienti-verifica.com"
      },
      {
        "id": "",
        "name": "descargar-e-instalar.com"
      },
      {
        "id": "",
        "name": "f91fd4f9b6594446144ba865356fde07669ea0b46a62ddd926bb8cac0aa04dc9"
      },
      {
        "id": "",
        "name": "f6975b1a9ab8935d45d6c2d94540b67b2374827734593c126785924afffb6634"
      },
      {
        "id": "",
        "name": "f703f31f7b9ef95f820a724ebcee36377e2f4a42c92756b819bea6f34ec96cac"
      },
      {
        "id": "",
        "name": "eb779ec4ed2c85e114a18db89b8ef9c7a19adc907748d1f18076e167f79bf04b"
      },
      {
        "id": "",
        "name": "eb1f89b2edaeda18023a6ea5cd7a4b2997e4839e1f3d57e54c5b7a1b64407874"
      },
      {
        "id": "",
        "name": "e82b0023abcc4bdb549f319389620c4cbd8ffabe8648168db31db62fd84a6904"
      },
      {
        "id": "",
        "name": "e57565bd3f398508321470f857dfb07c195ed9b7b494ba00dc7c407ac8b8f3e1"
      },
      {
        "id": "",
        "name": "e3875e3b20be42f38f457cf0b0d85683535472b47535635ec42da52b73b27e6e"
      },
      {
        "id": "",
        "name": "e328dde9fa6db3da195e813696973657cc4fe636601cb0061a75c5086b04aa95"
      },
      {
        "id": "",
        "name": "e097bb08da761ae5780e6c600c79738e36285a59589098dde53c88611c1ac66a"
      },
      {
        "id": "",
        "name": "de242d9428a378a1b0dacb2e8d481fdfb062a47450f815c13e105975d5a41663"
      },
      {
        "id": "",
        "name": "d887be78f443fabeb348ac2f85e1d42ed4d1c2cfc87d9e314c4b812c0b1fcfd8"
      },
      {
        "id": "",
        "name": "d852f48e1c8a37d11f9dfb90f339316a5a3fa012bf152db43de1e81b45a69ba7"
      },
      {
        "id": "",
        "name": "d23ef9fe27b116d982f8ebafb99587ffc9cc6c9b932f1b2d5efab2dad156e65e"
      },
      {
        "id": "",
        "name": "cad56908abd1508451a5af4a5304de092f0342ec6a24bbbeb9b3988683483c84"
      },
      {
        "id": "",
        "name": "c8c73080a2eb18ad1434ac408e916f3f819637550dfe07f20ad79e66ec1b2cf9"
      },
      {
        "id": "",
        "name": "c32eb3b850a20e4715a6db40635de9fc6cefad840ce7e64e9c68c2b3e378ee7e"
      },
      {
        "id": "",
        "name": "bff6fb5cbb1c0f8d05e2c6acefcf499a9c22f10d7db8aeda994638bf75018fbf"
      },
      {
        "id": "",
        "name": "bcae6ea26fe1dd1fa5652e05c1b888186307ad277ce238a255908061b837a484"
      },
      {
        "id": "",
        "name": "b99fc0a9eea993d6b5a04b0a0b05fe103f164fb85281fcddb04ac686daee065f"
      },
      {
        "id": "",
        "name": "b5c206d8f980c8fa12a29886fad49f6a1469264055740cdf763efa7f726cd8d7"
      },
      {
        "id": "",
        "name": "b4379324c7dc1fc623bcd9d2e8099dc3588ac23f87f33151d1c1005a1f33e713"
      },
      {
        "id": "",
        "name": "b217e4f8143a6fbbad2e0667ce8242fc207274a78ce464af9b122df8ba12690b"
      },
      {
        "id": "",
        "name": "b1b6a2d91e6fcc07322edce92aa75c13763b6844b2a1a549eeaf0f536bdc6183"
      },
      {
        "id": "",
        "name": "b009ad0ed336f1e4bff3f452e238b3ea83d3bc7773f52d16d057298c116a95ea"
      },
      {
        "id": "",
        "name": "ad1182d8bf3b1976e09f45b91085167559bc24e8f5e3f7315f96f344532cbcf8"
      },
      {
        "id": "",
        "name": "afa3c43141a5b6f2473d49cdfa0bce1bf0af235a40f3ec092299287291137841"
      },
      {
        "id": "",
        "name": "ab85b62cad1a4009bf99c621b4950ee23c413b5c424952f225497bca7a318a99"
      },
      {
        "id": "",
        "name": "a8cc088426c6406f03ccedbb854e8dc83543d38c98a405db15074e9531731ade"
      },
      {
        "id": "",
        "name": "a46537ccf4a188091f973a47b7186ee805539a0e5d94c62867cec08cec1c33e6"
      },
      {
        "id": "",
        "name": "a1a1fbdb6070ff388642974b1616d1955c2a89fbb8702caa02fa6927adbdad6c"
      },
      {
        "id": "",
        "name": "9f693923e5641c046bdcadf10b4e2b553d078b98afc2e30f2d72660b1e0161ed"
      },
      {
        "id": "",
        "name": "9c136701362e2d661805257c02e23c9aa01b9081e1a559571f947390522fc51b"
      },
      {
        "id": "",
        "name": "9b204f839aed79d4c27f8d28198ef596dec9848a27a51f0672743a91e618677c"
      },
      {
        "id": "",
        "name": "989cf5faf307304f86db03180978ba4bd93c909bb458db83fcebe4fb48d7a002"
      },
      {
        "id": "",
        "name": "9830b91dfcf987a2556afd85893f8569c6ba03e3ebb194ecb6b32dafbc22e1e1"
      },
      {
        "id": "",
        "name": "9762eba15b893609b9461125c5adbcaf3bac7fea9536ffca72566abfa1bed084"
      },
      {
        "id": "",
        "name": "91fda73902e1a2a76b999df11caa4532c9c440d6f3da63dc03e0a78109d7583a"
      },
      {
        "id": "",
        "name": "8bbb6cd5277177beb86b037ef77d6fcbae4a51a19668063d4d1b40ce2453dad3"
      },
      {
        "id": "",
        "name": "8a2f6ff8aa1a6b416cb0aaa1530a8178c53760a69ce5c14d1d16ee880c335a4f"
      },
      {
        "id": "",
        "name": "8b05684a73f44ed82c0faf424b2d41a0c7b00c2fef4d7dc232c5433739a59f6c"
      },
      {
        "id": "",
        "name": "878bb68727daf025c0c9619d1d12337c289489f1190410ca4025c47f39357aa5"
      },
      {
        "id": "",
        "name": "85901707c7d058269820671e10af027eeadd39ee15f079cff340eed0f0ac9c2e"
      },
      {
        "id": "",
        "name": "868ce8fa932c46b6de18455dfc0935a75029cc10c7b484bc358cdfabf0b0c533"
      },
      {
        "id": "",
        "name": "7ffbc88e97be67214ad17325142ceb54823a5bdcebdbd4e4c9d0c65b3f0a1813"
      },
      {
        "id": "",
        "name": "7fa3d58a0056e8492a84894a6fd3b3d0d87ff1f9656f5e54b10580b9a4a4fd6a"
      },
      {
        "id": "",
        "name": "7b3262b6c3ad52e50e2ec6faf1ffb12ca08f0d17ac4f90420f13a6053b7f9622"
      },
      {
        "id": "",
        "name": "7a165645df48f6bde0fd5939a3e15d160826d944e603c34d46a7285f02f0941e"
      },
      {
        "id": "",
        "name": "790b166081fd763cc6239881a78ba5c4d757b8f98d1b5d5f7abfdede76f54c05"
      },
      {
        "id": "",
        "name": "767e4c42cefc4a29921f612f14611cf56b7d950ba91ccdd3a59adb57f25b7d18"
      },
      {
        "id": "",
        "name": "731a58248c7b467bc9d9a7482d8cb010242b3a534904ddc39471fa0620752d22"
      },
      {
        "id": "",
        "name": "6bc1ac4f844a6940c9e083c32bbf3f469b1322cc5aa83e12ab1a7f35cdb51c23"
      },
      {
        "id": "",
        "name": "6da8e49d8e083ec705985effa03cdb60cdd736f04ed711211b2a3842c815a708"
      },
      {
        "id": "",
        "name": "5bc6f1986a6e794e8feb78c763fef5f8cbb59f3696daa468aba058fb79befbf0"
      },
      {
        "id": "",
        "name": "6b15d8508e6782c25dc48618bbbe9b53c8c9a822655a8e52b7370e034fae7564"
      },
      {
        "id": "",
        "name": "4daf21a708afc06c0da4ee6e192a6db6405efb1e3a9eb6905cc69d501e781c8b"
      },
      {
        "id": "",
        "name": "4b43f7145eebe4c07d208911b9d74c7c996a5037a04d52e4c38a80c2456d1187"
      },
      {
        "id": "",
        "name": "472feeabc60fdcc87345574586a7599ead1625c94bf75f373e9086b4a6cfedbe"
      },
      {
        "id": "",
        "name": "447c387fca23aea2b0b78f1cf9ee1c369078196fe3c3051bb99309268d4a9f79"
      },
      {
        "id": "",
        "name": "41b61acc644add0a40ec6dbda231ae41f9de478fbf8cc029bc89d95a2829a53e"
      },
      {
        "id": "",
        "name": "40df5d874ed86aa65454d3d7becc334b7ca2dcb11754f9131135071a98752691"
      },
      {
        "id": "",
        "name": "376ff4dbea2e3570a5cb98a8b335c0503d050fecd7bb4f65d252b1b596d14fc7"
      },
      {
        "id": "",
        "name": "2d5e80f752608faa23f05e6558a695fcac261d78b9979d6746dc11dc995665e3"
      },
      {
        "id": "",
        "name": "2a5d05a6bfb3a73a91d88c15384c9b384d9309e8db0ed4e348d1a85d0f6729db"
      },
      {
        "id": "",
        "name": "2a1118c91d97a34e06344191eff546c062f81ccf58a7fa7bf1ec206a42d36c2b"
      },
      {
        "id": "",
        "name": "28323f93a6657363a0637341358303485d2cf240995457fc8393fb6b74f10d30"
      },
      {
        "id": "",
        "name": "29e642ef6bd41f343f66210e924724bb343432affd1ed25bf386d638ae79ee87"
      },
      {
        "id": "",
        "name": "24a58d1168d02009c97095e75387765e63b320a0dde1f8a9a7c8e3689a3f6dfb"
      },
      {
        "id": "",
        "name": "230f3d74004fee235055e786aba413abff2ed5cf4faa1987a070493be28c75d1"
      },
      {
        "id": "",
        "name": "22988cbb286f387036ced6fca6bb72b9f5e326706ad99065bc04bb8cb5dc4a12"
      },
      {
        "id": "",
        "name": "22046aaef8a6439d1f5f2980b4d6282e7b69e98c95a0f52010d8953f0cb5e736"
      },
      {
        "id": "",
        "name": "1a3e682c924edc1dc0a525f7f1c3e2534cb2945dfaf5bad52089592d216c6c7b"
      },
      {
        "id": "",
        "name": "1487cfbb6d702b8b2cfa88a6d586c092cdfbb472274ff54f894df35edd2f9d3e"
      },
      {
        "id": "",
        "name": "19e74d9f5649e9180b2b32b95c654e7fe448d989a44c15c9b3c245fa3150df5a"
      },
      {
        "id": "",
        "name": "13b904ed2391fed303979b8b8fe0ac72a356cab091057600237fc8ac784db82a"
      },
      {
        "id": "",
        "name": "136efade44da726858480a9b56aab5a9509e7c04b71fec08e9b779c069632d8c"
      },
      {
        "id": "",
        "name": "11470b5107f563c19ab92929a0e0ee5cf1b0c95fdd146f69ff9f9d4123f908cb"
      },
      {
        "id": "",
        "name": "0280536885bb406bc8cd90631bb48ddd809dcf16ecfb5acdc2e75c40171a63af"
      },
      {
        "id": "",
        "name": "01b0e9cb7e864e753261b94e3e652254968d8188562a5abfc240d19fa783bc5f"
      }
    ],
    "malware": [
      {
        "id": "legacy:malware:7ac5a69a144c54bc",
        "name": "Copybara",
        "slug": "copybara"
      }
    ],
    "attack_patterns": [
      {
        "id": "5086ed63-99c3-4498-9809-6063fb8e5dc0",
        "name": "T1600.001"
      },
      {
        "id": "bf00a05b-873c-4341-9d91-0aa52b28def2",
        "name": "T1592.001"
      },
      {
        "id": "974c830f-44ef-4037-a4f8-c0aa492a78de",
        "name": "T1600"
      },
      {
        "id": "88fd8eb3-cc2d-4ff0-92ff-d047dafc7855",
        "name": "T1592.002"
      },
      {
        "id": "d048ac4b-dd28-4c66-b62b-fe25cefef481",
        "name": "T1548.002"
      },
      {
        "id": "5a32ed20-a829-486a-a501-df0874217745",
        "name": "T1537"
      },
      {
        "id": "1e043fe4-2413-4b8e-887c-0fe45d095a24",
        "name": "T1583"
      },
      {
        "id": "1f2ce0cc-430c-4317-a332-83a27cbad1d3",
        "name": "T1548"
      },
      {
        "id": "6660b66c-3909-4927-a22f-c6d2b806b06a",
        "name": "T1530"
      },
      {
        "id": "32817170-4c07-427e-b8a5-80a733ae2550",
        "name": "T1497"
      },
      {
        "id": "cf746a02-00ea-419e-912d-7b03f969c491",
        "name": "T1518.001"
      },
      {
        "id": "29398669-98ed-4766-9dac-f9632f7175ff",
        "name": "T1518"
      },
      {
        "id": "6d618903-d9f6-4747-aec2-7630f43c1908",
        "name": "T1496"
      },
      {
        "id": "747c7b95-79ff-4132-8ea5-397cb6665ebd",
        "name": "T1498"
      },
      {
        "id": "29f7ff93-033b-4f8d-8691-5bcaa438c80f",
        "name": "T1592"
      }
    ]
  },
  "external_refs": [
    "https://www.zscaler.com/blogs/security-research/technical-analysis-copybara",
    "https://otx.alienvault.com/pulse/66c7807a25c0da4218ce424c"
  ]
}