Overview

overview

10

Static

static

10

d86da41bba...4e.apk

android-9-x86

6

d86da41bba...4e.apk

android-10-x64

6

d86da41bba...4e.apk

android-11-x64

7

Resubmissions

22-09-2022 17:06

220922-vml5tscab5 10

13-09-2022 03:06

220913-dl3mraeef6 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d86da41bbac1a8c9e04313f0db3c76ab661692e83c218b673e038cb75e42994e.apk

  • Size

    2.2MB

  • MD5

    c863eac37df1b80de26334d6dfce8aec

  • SHA1

    ddd76dd8e4de655d7d67aacbec36694e8e221612

  • SHA256

    d86da41bbac1a8c9e04313f0db3c76ab661692e83c218b673e038cb75e42994e

  • SHA512

    cb376ddf558f47d92a53fd281600f2bf9ff760daf2fd53e20ceb1c941d5d3a400d8717a0588fa8676fc6a8fe4beee5d417fdc1581e587631bd3913bed0264135

  • SSDEEP

    49152:B/tI21hWuaWaTxuh0J9ZGc1d30O8xz1EUQq28I3Plb5:JtI21hWua7TxSKVwO4+598Y95

Score
10/10
irata

Malware Config

Extracted

Family

irata

C2

https://cosmidi.xyz

Signatures

  • Irata family
    irata
  • Irata payload 1 IoCs
  • Requests dangerous framework permissions 4 IoCs

Files

  • d86da41bbac1a8c9e04313f0db3c76ab661692e83c218b673e038cb75e42994e.apk
    .apk android

    com.psiphon3

    .main


Android Permissions

d86da41bbac1a8c9e04313f0db3c76ab661692e83c218b673e038cb75e42994e.apk

Permissions

android.permission.INTERNET

android.permission.READ_SMS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.WAKE_LOCK

android.permission.ACCESS_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

com.psiphon3.permission.C2D_MESSAGE

android.permission.SEND_SMS

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_SMS

android.permission.READ_CONTACTS