General

  • Target

    fefd0a9dcbbed5363888b63e134879288e645e1eea389c76af6ed5b44947bbb0_JC.apk

  • Size

    2.1MB

  • MD5

    f3050a7ca81c7173a6780de0d78d8b45

  • SHA1

    651e3356a4df6f64c26d7f638336c3db5416a85f

  • SHA256

    fefd0a9dcbbed5363888b63e134879288e645e1eea389c76af6ed5b44947bbb0

  • SHA512

    1677f898f53d80828004a4957fc25bf82bc48cdecb68463ce4a3acea886459556532750237794cd879d2f1b2c81edfe7821e1508dc34d05654ba265a3375040a

  • SSDEEP

    49152:AEj5TF+O+bZuvnW5fZQXB/PdhUGnrY8ezD1dCCvFA3rJpbAqXHKY:Aa5YO+bZuvW5hQXxVhzngC0u3rJSqXHn

Score
10/10

Signatures

  • Irata family
  • Irata payload (1 IoC)
  • Requests dangerous framework permissions (4 IoCs)

Files

  • fefd0a9dcbbed5363888b63e134879288e645e1eea389c76af6ed5b44947bbb0_JC.apk
    .apk android

    com.MrXnxVip.global

    .main


  • layout.bal
  • port.txt

Android Permissions

fefd0a9dcbbed5363888b63e134879288e645e1eea389c76af6ed5b44947bbb0_JC.apk

Permissions

com.MrXnxVip.global.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

android.permission.INTERNET

android.permission.READ_SMS

android.permission.WAKE_LOCK

android.permission.VIBRATE

android.permission.POST_NOTIFICATIONS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.ACCESS_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

com.google.android.gms.permission.AD_ID

com.MrXnxVip.global.permission.C2D_MESSAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.SEND_SMS

android.permission.RECEIVE_SMS

android.permission.ACCESS_WIFI_STATE