General

  • Target

    91f989ba53006d7710488227a800a5ee28e731cbaaa4ba71c5ab4f30c743cfe3

  • Size

    3.3MB

  • MD5

    871d021d89e2c1f08d2ee8da43aef4f7

  • SHA1

    7941b06247ec6e4faefcf5dbb371c5dc61b5666e

  • SHA256

    91f989ba53006d7710488227a800a5ee28e731cbaaa4ba71c5ab4f30c743cfe3

  • SHA512

    29a8d38d0ecaddcf5cbabd562d7a63edf126453c3f686ac0cb1f881b48ee84e7500dc20e51c3c148d71cc703e4958d24120dcdd05d7f98b3de1d98521769cd3d

  • SSDEEP

    98304:QEVF6aL7fDW3v0AMYfccAe2pwFT0rIU3B8jtC8ikX:Q46x3vKcAXGTnUqjskX

Score
10/10

Malware Config

Extracted

Family

irata

C2

https://liveumusk.gq

Signatures

  • Irata family
  • Irata payload (2 IoCs)
  • Requests dangerous framework permissions (4 IoCs)

Files

  • 91f989ba53006d7710488227a800a5ee28e731cbaaa4ba71c5ab4f30c743cfe3
    .apk android

    ir.shz.shzkisi

    .main


Android Permissions

91f989ba53006d7710488227a800a5ee28e731cbaaa4ba71c5ab4f30c743cfe3

Permissions

android.permission.INTERNET

android.permission.READ_SMS

android.permission.VIBRATE

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

android.permission.ACCESS_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

ir.shz.shzkisi.permission.C2D_MESSAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.SEND_SMS

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_SMS

android.permission.READ_CONTACTS