.main
android.intent.action.MAIN
General
-
Target
sahamedalat.apk
-
Size
2.1MB
-
MD5
cc7c7ed39be8209efad50e2082204a01
-
SHA1
8bb50aa056ba49f41b846499bde01dc04be492bc
-
SHA256
787c97c60bc80116fc6d83d2087ee283e3431ea3e466a5924ea7643df7d5aaf6
-
SHA512
31da02192a76e516aa2c7fd0bb70d91304f92ca824b0982e8479d22d312024de82788783f440d1f3a7d0670924904b74aeb3f3128bf07505ab33ed1cab9b6775
-
SSDEEP
49152:AEKLaQq99XNEFTMcIkynI4Ctv3MeNtPiffyLpm822Yy3mX:AR+QqPSFTMcIbI4SNrxph2ce
Score
10/10
Malware Config
Signatures
-
Irata family
-
Irata payload 1 IoCs
-
Requests dangerous framework permissions 4 IoCs
Files
-
sahamedalat.apk
com.MrXnxVip.global
.main
-
layout.bal
-
port.txt
Android Permissions
sahamedalat.apk
Permissions
com.MrXnxVip.global.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
android.permission.INTERNET
android.permission.READ_SMS
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.POST_NOTIFICATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_NETWORK_STATE
com.google.android.c2dm.permission.RECEIVE
com.google.android.gms.permission.AD_ID
com.MrXnxVip.global.permission.C2D_MESSAGE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.ACCESS_WIFI_STATE