irata | NEAS[.]912f779a26acd7ea345c37fbba8b3b9151193a0ac74986c077330d523fb2772aapk_JC[.]zip

General

Target

NEAS.912f779a26acd7ea345c37fbba8b3b9151193a0ac74986c077330d523fb2772aapk_JC.zip
Size

3.4MB
MD5

e8c9849cef5703a8418e97bbf2dd1cd6
SHA1

21a6dd109b157631b830a68ef4313e0ec8958cf3
SHA256

912f779a26acd7ea345c37fbba8b3b9151193a0ac74986c077330d523fb2772a
SHA512

301ad9b984489f6c1b6895bfbdd7f09568ed64895abf9871df59f38565315888953117dff542ee919038af3068a6088b739d8ec6aa30088a962f737b23d769fc
SSDEEP

49152:RPSQWc/ktinEJkJLIET4HrIL/yFgLCrgDqj6xZr67ZfvmD+D:Bd/xEJkJLpTEgLCrgDk6bri+D+D

Score

10^/10

irata

Malware Config

Signatures

Irata family
irata

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

Files

NEAS.912f779a26acd7ea345c37fbba8b3b9151193a0ac74986c077330d523fb2772aapk_JC.zip
.apk android arch:arm arch:x86 arch:arm64 arch:x64

com.drnull.v3

com.drnull.v3.MainActivity

Activities

com.drnull.v3.MainActivity

android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.POST_NOTIFICATIONS
android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND
android.permission.FOREGROUND_SERVICE
android.permission.WAKE_LOCK
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.READ_CONTACTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
com.google.android.c2dm.permission.RECEIVE
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
com.drnull.v3.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Receivers

com.drnull.v3.smsReceiver

android.provider.Telephony.SMS_RECEIVED

com.drnull.v3.FMReceiver

com.google.android.c2dm.intent.RECEIVE

com.google.firebase.messaging.directboot.FirebaseMessagingDirectBootReceiver

com.google.firebase.messaging.RECEIVE_DIRECT_BOOT

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.drnull.v3.FMService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT
baseline.prof
baseline.profm
chat_id.txt

Android Permissions

NEAS.912f779a26acd7ea345c37fbba8b3b9151193a0ac74986c077330d523fb2772aapk_JC.zip

Permissions

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.POST_NOTIFICATIONS

android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.RECEIVE_SMS

android.permission.READ_CONTACTS

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.READ_EXTERNAL_STORAGE

com.google.android.c2dm.permission.RECEIVE

com.google.android.gms.permission.AD_ID

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.drnull.v3.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

Sharing

General

Malware Config

Signatures

Files

com.drnull.v3

com.drnull.v3.MainActivity

Activities

com.drnull.v3.MainActivity

Permissions

Receivers

com.drnull.v3.smsReceiver

com.drnull.v3.FMReceiver

com.google.firebase.messaging.directboot.FirebaseMessagingDirectBootReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.drnull.v3.FMService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

NEAS.912f779a26acd7ea345c37fbba8b3b9151193a0ac74986c077330d523fb2772aapk_JC.zip