Resubmissions

10-12-2023 02:15

231210-cph7vabeel 10

07-12-2023 12:32

231207-pqktaaaf54 10

General

  • Target

    355cd2b71db971dfb0fac1fc391eb4079e2b090025ca2cdc83d4a22a0ed8f082.zip

  • Size

    2.4MB

  • MD5

    0f0ff78730522fe90105efd30fe1d88d

  • SHA1

    c3e71322acb265d656510c5387e14d420fb524ef

  • SHA256

    26ef4c1a0767150f94a85a4b4641d4e684606d4e67ef9e9733d3a70fefc91576

  • SHA512

    af1ee1403df975fa862200d44df6e807ab3ec60212bed7e367328e1187fd3a2ae6f1095d59e4e5c6881582bafb68903e0059d56b974d4e7b65bd69b2d21f3146

  • SSDEEP

    49152:8lOmE2IO/Spq//3r+xPlcm2q9M+DawKS4dOcYrl+shbnZVgLEFb:8lOX2DSw//3kPKmn1qS4dOcYB+s1nZh1

Score
10/10

Malware Config

Extracted

Family

irata

C2

https://eblaqie.org/pishgiri

https://eblaqie.org/ratsms.php?phone=

Signatures

  • Irata family
  • Requests dangerous framework permissions (2 IoCs)

Files

  • 355cd2b71db971dfb0fac1fc391eb4079e2b090025ca2cdc83d4a22a0ed8f082.zip
    .zip

    Password: infected

  • 355cd2b71db971dfb0fac1fc391eb4079e2b090025ca2cdc83d4a22a0ed8f082.apk
    .apk android

    Password: infected

    realrat.siqe.holo

    ir.siqe.holo.MainActivity