General

  • Target

    saham.apk

  • Size

    4.7MB

  • MD5

    28a9fb7993181a0f59befaa669054301

  • SHA1

    82f7f0ade19ef8153d07c11c38350cf7aa315716

  • SHA256

    c99b939853d2113c4c5bef3a57bbe461bce322209273fc4de794a6ff3ffd7042

  • SHA512

    6773832876481cc062c47e1a5f08e3695e5ad479b5a5079e81272baad892f1dde853865b739f4ae89381410cd562b6193f360228dfb97e9cc454c18e3d6bcc73

  • SSDEEP

    98304:CyDpMtmyeB5v6gLCr8JxvcftoIwWWt0z3bdtwW/tpor5W:pDq7u1xv2toJcbzwQor5W

Score
10/10

Malware Config

Signatures

  • Irata family
  • Requests dangerous framework permissions (6 IoCs)

Files

  • saham.apk
    .apk android arch:arm arch:x86 arch:arm64 arch:x64

    com.drnull.v3

    com.drnull.v3.MainActivity


  • baseline.prof
  • baseline.profm
  • chat_id.txt
  • url.txt

Android Permissions

saham.apk

Permissions

android.permission.CALL_PHONE

android.permission.INTERNET

android.permission.POST_NOTIFICATIONS

android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

android.permission.SEND_SMS

android.permission.READ_SMS

android.permission.RECEIVE_SMS

android.permission.READ_CONTACTS

android.permission.ACCESS_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

com.google.android.gms.permission.AD_ID

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

com.drnull.v3.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION