Index of /publicDatasets/Android-Mischief-Dataset/AndroidMischiefDataset_v2/RAT06_Saefko

| Name | Last modified | Size |
|---|---|---|
| RAT06_Saefko_Screenshots/ | 2021-05-07 15:53 | - |
| RAT06_Saefko_zeek/ | 2021-05-07 15:53 | - |
| README.md | 2021-05-07 15:53 | 2.2K |
| README.html | 2021-05-07 15:53 | 2.7K |
| RAT06_Saefko.log | 2021-05-07 15:53 | 5.4K |
| RAT06_Saefko.apk.zip | 2023-04-18 09:31 | 1.4M |
| RAT06_Saefko.pcap | 2021-05-07 15:53 | 47M |

Details of the execution of the RAT Saefko Attack Systems.

Author: Kamila Babayeva (kamifai14@gmail.com, @_kamifai_), Student Researcher at the Stratosphere Laboratory. https://www.stratosphereips.org/

RAT downloaded from: https://www101.zippyshare.com/v/cpeEy6E0/file.html

Executed RAT Controller Environment:

Executed Victim Environment:

Phone Status Before The Infection:

RAT APK (RAT06_Saefko.apk):

- File Name when put into the phone: app-release.s.apk

Packet Capture (RAT06_Saefko.pcap):

- Controller:
    IPv4: 192.168.131.1
    IPv6: 2001:718:2:903:f410:3340:d02b:b918
    Link-Local IPv6: fe80::8052:f37c:25e9:69f0
- Victim:
    IPv4: 192.168.131.2
    IPv6: 2001:718:2:903:b877:48ae:9531:fbfc
    Link-local IPv6: fe80::2efc:36f:ce23:fac1
- First Packet of the Infection: 36728
- UTC Time of the Infection: 2021-04-10 14:55:09

All captures were done in CEST (GMT+2), so tools reading the pcap files may show different times depending on your time zone. Since the time of capture inside the pcap file is 000000, if you are in GMT+1 your tools will show the packets 1 hour earlier than when they were captured. The real capture time is in the log file.

Files with information about this execution:

- Log file RAT06_Saefko.log - very detailed and specific time log of all the actions performed in the client and the server during the experiment, such as taking a picture, etc.
- Screenshots folder RAT06_Saefko_Screenshots - a folder with screenshots of the mobile device and controller while performing the actions on the client and server
- Packet capture RAT06_Saefko.pcap - network traffic captured on the victim’s device
- APK RAT06_Saefko.apk - APK generated by the RAT’s builder
- Folder RAT06_Saefko_zeek - generated Zeek logs of RAT06_Saefko.pcap