General

  • Target

    75bc0a1913c404f1c02eea4a95900226a53b3775af78ee035e0b39c369d44b4f

  • Size

    3.3MB

  • MD5

    8971f70b6ddcad8077f0832e4e96a249

  • SHA1

    9c03b3d74df86166e747bc85f3ac9651886e0175

  • SHA256

    75bc0a1913c404f1c02eea4a95900226a53b3775af78ee035e0b39c369d44b4f

  • SHA512

    7db1fc5e9d2e5433759ec5819ce95425685ba1874dd799279fa3b851e823c98520a41b63cab3162181fa6abc20789fca499103f601445941875b374dd83ee2b1

  • SSDEEP

    98304:ZEVF6aL7fDW3v0AMYfccAteMOQ/97o1einVQL1wviIu:Z46x3vKcAti+QeinIpIu

Score
10/10

Malware Config

Extracted

  • Family: irata
  • C2: https://uskgavm.gq

Signatures

  • Irata family
  • Irata payload 2 IoCs
  • Requests dangerous framework permissions 4 IoCs

Files

  • 75bc0a1913c404f1c02eea4a95900226a53b3775af78ee035e0b39c369d44b4f
    .apk android
    ir.shz.shzkisi
    .main

Android Permissions

75bc0a1913c404f1c02eea4a95900226a53b3775af78ee035e0b39c369d44b4f

Permissions

  • android.permission.INTERNET
  • android.permission.READ_SMS
  • android.permission.VIBRATE
  • android.permission.RECEIVE_BOOT_COMPLETED
  • android.permission.FOREGROUND_SERVICE
  • android.permission.WAKE_LOCK
  • android.permission.ACCESS_NETWORK_STATE
  • com.google.android.c2dm.permission.RECEIVE
  • ir.shz.shzkisi.permission.C2D_MESSAGE
  • com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
  • android.permission.SEND_SMS
  • android.permission.ACCESS_WIFI_STATE
  • android.permission.RECEIVE_SMS
  • android.permission.READ_CONTACTS