General

  • Target

    be6716415c8f117ac0d290833825ac7ddab7f18666cd6e68218db31f3da357c2_JC.apk

  • Size

    2.8MB

  • MD5

    8b8d7db29e70be64c18a1cc8d02da680

  • SHA1

    7211bd56ac1466abc6a6202b800156c38e111c9d

  • SHA256

    be6716415c8f117ac0d290833825ac7ddab7f18666cd6e68218db31f3da357c2

  • SHA512

    3656c4d3ec2b33288b0c6d1e99b020da4b75c32021d0cdacc49d8d13efb0da44dbf3b3f92ca97b69daa135c5131357791266a72f7229feeacdb7a08afaa1db00

  • SSDEEP

    49152:Ddt/H72XiLaqL6UGM5QS6D/pK/nGx5gmoq1gPXK/5Yv7xqiS92PbvuMVI:D7vCiLaIduZ/p2q1gPXKBwO2aMVI

Score
10/10

Malware Config

Signatures

  • Irata family
  • Irata payload (1 IoC)
  • Requests dangerous framework permissions (8 IoCs)

Files

  • be6716415c8f117ac0d290833825ac7ddab7f18666cd6e68218db31f3da357c2_JC.apk
    .apk android

    com.geek.girl

    .main


  • mainpage.bal
  • port.txt

Android Permissions

be6716415c8f117ac0d290833825ac7ddab7f18666cd6e68218db31f3da357c2_JC.apk

Permissions

com.geek.girl.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION

android.permission.INTERNET

android.permission.WAKE_LOCK

android.permission.FOREGROUND_SERVICE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.READ_CONTACTS

android.permission.READ_SMS

android.permission.CALL_PHONE

android.permission.VIBRATE

android.permission.POST_NOTIFICATIONS

android.permission.WAKE_LOCK

android.permission.FOREGROUND_SERVICE

android.permission.ACCESS_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

com.google.android.gms.permission.AD_ID

com.geek.girl.permission.C2D_MESSAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.SEND_SMS

android.permission.RECEIVE_SMS

android.permission.READ_PHONE_STATE

android.permission.GET_ACCOUNTS

android.permission.QUERY_ALL_PACKAGES