Resubmissions
07-12-2023 11:05
231207-m6zahahh25 10General
-
Target
Gen (1).exe
-
Size
70.9MB
-
Sample
231207-m6zahahh25
-
MD5
73ad2032f4d740e4cac02184e7f523b0
-
SHA1
6e636935fc8d9afc1e65a9ce088e34d36afe670d
-
SHA256
0183f676a448fc1aaeb561dc84aa400e4ae792b707641560f2b534f6bb353021
-
SHA512
aa2b8147a82272d7c75e5e9d3af6c5c3ec16dcc59f0f45924b08fc7b1916994123195d52b8d007efc2e0c2187530321c207caa3b1a6978af4c76126269058baa
-
SSDEEP
1572864:fU4/4rzOchPKZ3QBDvQ3Vhb7/0ogoL9oZI7Kk1TeLAjSu3I7:ffkqcdoivYhUuBoZw4tT7
Static task
static1
Behavioral task
behavioral1
Sample
Gen (1).exe
Resource
win11-20231129-en
Malware Config
Targets
-
-
Target
Gen (1).exe
Score 10/10
-
Irata
Irata is an Iranian remote access trojan Android malware first seen in August 2022.
-
Irata payload
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-