General

  • Target

    NEAS.d9e0892578de9679d5520535f83386443b1a4d97426c528e47ee562b727f8ebe.zip

  • Size

    4.1MB

  • MD5

    8f1ed3a90a31128c227583cfbba826f6

  • SHA1

    8190bb865c30752b8dd80c4b537e7c80abf703fb

  • SHA256

    d9e0892578de9679d5520535f83386443b1a4d97426c528e47ee562b727f8ebe

  • SHA512

    2288e7ec2b008fba880ecfda9beb9e256ccecb526bd610f8d87649303edc7e9b896e6ff02569792360c3349aba175972ecf21b2573f365d8937a88ca5e8c6b50

  • SSDEEP

    98304:OcdEaUBfjygLCr8MmLtci79c8WdLqyXgDxW:OciaSj4m5FhcLdJQVW

Score
10/10

Malware Config

Signatures

  • Irata family
  • Requests dangerous framework permissions (6 IoCs)

Files

  • NEAS.d9e0892578de9679d5520535f83386443b1a4d97426c528e47ee562b727f8ebe.zip
    .apk android arch:arm arch:x86 arch:arm64 arch:x64

    com.drnull.v3

    com.drnull.v3.MainActivity


  • baseline.prof
  • baseline.profm
  • chat_id.txt
  • url.txt

Android Permissions

NEAS.d9e0892578de9679d5520535f83386443b1a4d97426c528e47ee562b727f8ebe.zip

Permissions

android.permission.CALL_PHONE

android.permission.INTERNET

android.permission.POST_NOTIFICATIONS

android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.RECEIVE_SMS

android.permission.READ_CONTACTS

android.permission.ACCESS_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

com.google.android.gms.permission.AD_ID

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.drnull.v3.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION