.main
android.intent.action.MAIN
General
-
Target
NEAS.042744f8880dc7c4c90fc393c2c5641327df6a9a1865c591f3a2a79c00a1bbbdapk_JC.zip
-
Size
3.0MB
-
MD5
b8f569d5fbebc9aa461deb7a883a68b6
-
SHA1
9489afab8cfbd22489060053499c56f7e99c0cce
-
SHA256
042744f8880dc7c4c90fc393c2c5641327df6a9a1865c591f3a2a79c00a1bbbd
-
SHA512
0c0584035a4c59919c36b6565f5a44a185ed3073939434b671caf7f1e7533a8b3b39e1d6ba92f76e271edc2a71a75e88cee0d3b923a5c216476a6a78cef7d205
-
SSDEEP
49152:J1PQ6WVc7eq/ZZKaB02y2vatAs0qyy10ZappUonYhqO9u6nupWJI:J1PtWVc7eq/ZA+y2vakz2capGSRO9BnE
Score
10/10
Malware Config
Signatures
-
Irata family
-
Irata payload 1 IoCs
-
Requests dangerous framework permissions 6 IoCs
Files
-
NEAS.042744f8880dc7c4c90fc393c2c5641327df6a9a1865c591f3a2a79c00a1bbbdapk_JC.zip
ir.shz.forosh
.main
-
layout.bal
-
port.txt
Android Permissions
NEAS.042744f8880dc7c4c90fc393c2c5641327df6a9a1865c591f3a2a79c00a1bbbdapk_JC.zip
Permissions
ir.shz.forosh.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
android.permission.INTERNET
android.permission.READ_SMS
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.POST_NOTIFICATIONS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.ACCESS_COARSE_UPDATES
android.permission.READ_PHONE_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.FOREGROUND_SERVICE
com.google.android.c2dm.permission.RECEIVE
com.google.android.gms.permission.AD_ID
ir.shz.forosh.permission.C2D_MESSAGE
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.ACCESS_WIFI_STATE