General

  • Target

    73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f.apk

  • Size

    6.0MB

  • MD5

    341a8467de34ed980f463df9e464668c

  • SHA1

    bfb966575c285122e4c7deb35b8f0d4befe84fad

  • SHA256

    73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f

  • SHA512

    4d7982daaba408b9c0f46011e53ad6441297d68c32259eed20bc1ee6ee64ec421434b782231ba1661bc0d87f7317702c634f7de38e5db8d0a1173e107775ee84

  • SSDEEP

    98304:9sYgxq7b6+w77NRDS5J/wZkGB8wXV5mJQ9cZfOlN5wEQ9gPUcrcU1DrDvHfrmy:r7Bwtc5RCkGiwXn4Q9cZfOr5wEQeJ139

Score
10/10

Malware Config

Extracted

Family

ratmilad

C2

http://api.numrent.shop/api/v1/

Signatures

  • Ratmilad family
  • Requests dangerous framework permissions 13 IoCs

Files

  • 73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f.apk
    .apk android

    com.example.confirmcode

    com.example.confirmcode.MainActivity


Android Permissions

73d04d7906706f90fb81676d4f023fbac75b0047897b289f2eb34f7640ed1e7f.apk

Permissions

android.permission.ACCESS_WIFI_STATE

android.permission.INTERNET

android.permission.READ_PRIVILEGED_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.READ_PHONE_NUMBERS

android.permission.WAKE_LOCK

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.GET_ACCOUNTS

android.permission.READ_SMS

android.permission.READ_CONTACTS

android.permission.READ_CALL_LOG

android.permission.READ_PHONE_STATE

android.permission.READ_PHONE_NUMBERS

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.RECORD_AUDIO