General

  • Target

    Insomnia.Core-8.4.5.exe

  • Size

    142.1MB

  • Sample

    231218-vpk1jsddd6

  • MD5

    57226fd52e2861473c22bf811e44df64

  • SHA1

    9dfd1ecc64447acdd0c7c44d47652b98ff53510d

  • SHA256

    71f39570512da5614436bdff0536deadfabbbfd7d0ad8b92ed85d588d231a01a

  • SHA512

    1c17cc159e0f96787bd779fbfd51b91c8d66025eb365eb421722786e71eb367ac78bc4cf6105dea2b7d19c8a1f259c810b0752e783550dc473248ec8669b0c6e

  • SSDEEP

    3145728:O+IF4fL8YZQ6Fu9gro6nh6sqSDS+7GsomAa6vPCs5+HreGNFXRWK4D5D8IFAN:OTcLNQkCgkmqSDT7j9A7XCs5geMFXRLD

Malware Config

Targets

    • Irata

      Irata is an Iranian remote access trojan Android malware first seen in August 2022.

    • Irata payload

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks