Analysis Overview
SHA256
8bed9331434439b7068e69a531209d9a8620f33ea59aee6c82211ea89701c422
Threat Level: Known bad
The file 8bed9331434439b7068e69a531209d9a8620f33ea59aee6c82211ea89701c422 was found to be: Known bad.
Malicious Activity Summary
Irata payload
Irata family
Requests dangerous framework permissions
Acquires the wake lock
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-12-20 06:31
Signatures
Irata family
Irata payload
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-12-20 06:31
Reported
2023-12-23 00:03
Platform
android-x86-arm-20231215-en
Max time kernel
2482621s
Max time network
139s
Command Line
Signatures
Acquires the wake lock
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Processes
com.frankygoes.myapkspro
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.200.46:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| FR | 216.58.204.78:443 | android.apis.google.com | tcp |
Files
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | 50cb1d9313b2d8d47ea1cb3f32fa1607 |
| SHA1 | d5c8c509bcc3c2730dc754d6c906c79373bf175b |
| SHA256 | bf209056a9143621026907d8f0a25e0ac196a85d332e8c6653be0b1ad83738b7 |
| SHA512 | a05a9b8b4c2312e3c6ff7cf2ea20af4ad05c56395ee321e2e998199b2f7708bec489dd5408689e7d4f4b75f4d5227f56a6557f0e466679c7de3f214ce436d946 |
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | 57cc334497f08a7f7c4f0803b608d9b3 |
| SHA1 | eac5a6c3ce57a042e5ca5c6b620ae03fdf53a019 |
| SHA256 | 0282f38c3d46954a8ba9613e098b7f679d2ca5680b1a769f188f2ea72bc5585f |
| SHA512 | 326aa8565114b8a0d9180f860383fb056b6c1f9a58dbb56fa25935e3359fc5c75145d99e009e90c6f7e1a0c7bbb0a26e82c508c2101c210d059466a0cbe90132 |
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | 72a0bd9ecf251b58f0ee1d24d701cc7b |
| SHA1 | 6e35e4862473cfba41e168c082d943ffea61b5c7 |
| SHA256 | 133a846290b64f65c3e85cc3c624d617f2667c6bb1fd195238e6cb4cc750c368 |
| SHA512 | 163d136aecf00c6cb0a05e7497010406ce4b1585a2b8338f903ff52de85529a478f0e01698005f19f40d504154943536954ab8a34c4358bf4a9e6a75013e6bf8 |
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | f79660f724dd700bf3b656777332b40e |
| SHA1 | 28323f27d535e0425bf9c79850ea5b59ce02d763 |
| SHA256 | ef1266068b974782b3adc784cc429120259d15bb93769362376e1f4a43178463 |
| SHA512 | 4ba0c2e53575162ff145777f250a24c305d96983471dab916885be94be3ab3fa06c6d910b6a9ba5d85571db159d70cb069a281c4220a16c7d446b5925e891767 |
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | b141deb4a3c0fabb535b152681a5c436 |
| SHA1 | f2a46a183b73ae63d2d8e4dc2c2b723d49e027b5 |
| SHA256 | 3539a9466ff719aab520ec3598f9c02d6b597cd8cebb171852eac03fe7ab0b6b |
| SHA512 | d4d819c3ad2c24c4220ce270a543607147900b520ce0011c7a9dac23ce5e8d83e9145063a5d914ea9a2545ab1bba551a510a51ab7e7a4e0addf27fa5f07f24be |
Analysis: behavioral2
Detonation Overview
Submitted
2023-12-20 06:31
Reported
2023-12-21 17:59
Platform
android-x64-20231215-en
Max time kernel
2374411s
Max time network
161s
Command Line
Signatures
Acquires the wake lock
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Processes
com.frankygoes.myapkspro
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| GB | 172.217.16.238:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
| GB | 142.250.187.228:443 | | tcp |
| GB | 142.250.187.228:443 | | tcp |
Files
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | a5311e1b6a01aa957b56e2809a21ac9d |
| SHA1 | 2fa871dc639cdb8b452f08feb545f33c462dcefa |
| SHA256 | 54263cef4bf2a50f52629df8b58b163fab4b8926a65cbb47e484b52111214090 |
| SHA512 | f6b53d248d83e87b3c9a753063ea16551eb93c1312bf91cbf4b1066d41d868b9cc9a37cae713db65165bfe9de0f9e009a48ddd5e21dd307c4f7da6ccf4c968d4 |
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | 3962a862a5e1d6b73f492cafc6ad9845 |
| SHA1 | a43612c4da1c32c2751252a8a3cfa4886d610519 |
| SHA256 | f5912946dedb3280c387dc25110a0ee7f3fefce53159cb61501171b99ade1d5e |
| SHA512 | d92d38736012a7f1d48290c0f00ea11050128235032d779ce1cf1ff7940e1270e62ac67705c06a603c629db983d35748b3fb799c505a8d7a937759ac9e0b70f6 |
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | 76d4e03da85d746bfb0dbd942e7344b6 |
| SHA1 | 7d7eff0742864e3dd40895a27d647aec2f857d5c |
| SHA256 | 1b0acd53326705a7394e045ab72d0544593cc3ba2d34f2701bedba87431da392 |
| SHA512 | 31924886425fe5585efffdf17910dd193941b24d5379188bf5571511dd325fdaffd09309ecdaaefcca06fa51a218a85e1c3ad3ba5a7cf0e0bf6aecf93f376436 |
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | 368b2230efbc44547e3fc16485efdf89 |
| SHA1 | ba3a6103f66df98600f410e533365514155012df |
| SHA256 | 83c4aece05d9d5e319668ed0dcfca0b56ca1975015c80786c4185c2cda51bcdf |
| SHA512 | 5b8ecb2833016d5791a6d02c158ff2299fe4f19c312165744924766c39998f5e4a2022e4cd737aa21225484373afff4da1d3b22d293d27d0c39a3a5a099127e1 |
/data/data/com.frankygoes.myapkspro/files/settings.dat
| MD5 | f1b1295fbadf50a69b6c6c04ebb8956e |
| SHA1 | 94563ecd002ea006237fe292cd9baaf9240bf9bf |
| SHA256 | 690584bb33c4b02a59e2d36e3e9d9899740c62f84df7b1de7770eb48a2b2c210 |
| SHA512 | 6e646dbd2a98cebaa9364b32f615c3ef32af6185aff453fdfd2d932d33852e39de002df5b12df8e2f713c4129a03443d8c26fec88956520900a9584069b632d7 |
Analysis: behavioral3
Detonation Overview
Submitted
2023-12-20 06:31
Reported
2023-12-21 18:00
Platform
android-x64-arm64-20231215-en
Max time kernel
2374420s
Max time network
149s
Command Line
Signatures
Acquires the wake lock
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Processes
com.frankygoes.myapkspro
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.169.10:443 | | udp |
| GB | 142.250.178.14:443 | | udp |
| GB | 172.217.169.14:443 | | tcp |
| GB | 172.217.169.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| FR | 216.58.204.74:443 | | tcp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| FR | 216.58.204.74:443 | | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| FR | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.180.4:443 | | tcp |
| GB | 142.250.180.4:443 | | tcp |
| GB | 142.250.180.4:443 | | tcp |
Files
/data/user/0/com.frankygoes.myapkspro/files/settings.dat
| MD5 | fb785e929ad0b68b19cc52838f9c4a02 |
| SHA1 | 19a7cf541a6039d2e8bda7baa7f842355d66faf2 |
| SHA256 | ad39b0c468b903b3cfadb47b661b1c3ce7f68ce5f4ef301a6eed0bc68b69de6f |
| SHA512 | 68af48242dcc09a2b089728a0b10dfeadef42d2a8228dbae93be00ecb348928f0d5f5684809b1fdc2b3c15b7cc6f358957df490bfddb957ba87c04ab3d0ac6fc |
/data/user/0/com.frankygoes.myapkspro/files/settings.dat
| MD5 | 988095b2c00c14944711609d944e765d |
| SHA1 | 8071eef638ef32199f992cb078675b75dbd1b904 |
| SHA256 | 6608a447699dd7ee4a8052c109262008e1644062a8263dec1f5e7de3c958a16e |
| SHA512 | eaa0cc33e5020bc6a1b51176cff2f824d6f2343b22131fd65e4e69360efaaeaeb0db4977193a5a9b01d67b140ba71db6adfa982bf28d26f081204fbdb7c7a087 |
/data/user/0/com.frankygoes.myapkspro/files/settings.dat
| MD5 | fd1baa5c666bb26b415b20822be7b2b9 |
| SHA1 | a830c080872b11e0eec1cb9db5df9029eda79ddb |
| SHA256 | ff622399a316c707db1ab3092d641a36811a142efb3eba412ff81b7332054121 |
| SHA512 | ef201b7b2740ae980bad5bae855e6f10b5fbb8dd6451a748888e39c49188681ee511de3e5af6f95fa029d0526694116833f622b6f0e030827ecd09fe7504b236 |
/data/user/0/com.frankygoes.myapkspro/files/settings.dat
| MD5 | 21f019953852dedbac8b6534cf022f54 |
| SHA1 | 8443888173ff6706ca341e6caf86b48239ee3b22 |
| SHA256 | 5b3cb1bc971b663bfb01d94b667f3cb8b9d4ce85531b5ece34978f570aa4b5c1 |
| SHA512 | 74201d148bf591411feb32a012b0f7f266173a95992498a7fcff9167b41a6b37e8638062e5ceed9c9efc8fe28e884f2af01e729cf1f2c985fd77898c45b0e813 |
/data/user/0/com.frankygoes.myapkspro/files/settings.dat
| MD5 | 608942539e0bb9793cc40e6d79b927b2 |
| SHA1 | 119ca96926b0c5ecda72279fbd7c5aedf801b9cf |
| SHA256 | bcd935161c05940a65320c3db82923756fa5b303a21690491b8b13b26e2ef604 |
| SHA512 | ff797b76b1b86c90a469e2c132ac4c5eba71da8262e01cd979d9d6d90f52d3c30590fbe7b8ea7994215f44c2f194b629f730560e77ab294fb2f61719455c4541 |