General

  • Target

    2bf79ecbf3a9cf2b7e8e4d99087a74a5.bin

  • Size

    3.3MB

  • MD5

    ee21116473b2c9385a0f07f4eb065b50

  • SHA1

    b91f448f224c30b42cffe935d92b9aba1eee9f93

  • SHA256

    c1ca73792690ae205a4c3f55a3f01ed01906568fc96f31e5e130120a9165d203

  • SHA512

    866b33de7f35bdb5cd8793005f453f8fdab2f81ed4af29f0d855a634757fc90e158869cfa4514f4b80347ae574d5171a6089ba36d114248be5e8f88b8d42ff7b

  • SSDEEP

    49152:o3C+FeOYTT/xBLMZ/EnM6TI2qlMkE2D7L6qkhOc08MvHyIv/Mk+Du9+134CLgadX:4CxfTDxBLM+fJCP/k1uv/MkQgugcZ

Score
10/10

Malware Config

Extracted

Family

irata

C2

https://uploads.dachhost

Signatures

  • Irata family
  • Irata payload (1 IoCs)
  • Requests dangerous framework permissions (4 IoCs)

Files

  • 2bf79ecbf3a9cf2b7e8e4d99087a74a5.bin
    .zip

    Password: infected

  • 4c52e6a16bf9df19fa77455a7c87eaba81fcd094d547004306122d83dda36bdd.apk
    .apk android

    Password: infected

    ir.shz.shzkisi

    .main


  • Toxic-Port.txt
  • lmain.bal
  • url.txt