General

  • Target

    97385a971614680d0989be024edd007d1ccde5ca6075d5146ce965aa171a66d4

  • Size

    2.0MB

  • MD5

    56680f9334b6e5dc4f3f07ec0a530368

  • SHA1

    df73f8d4d264f48c34b2d70db7a4ec0006799ec5

  • SHA256

    97385a971614680d0989be024edd007d1ccde5ca6075d5146ce965aa171a66d4

  • SHA512

    77d2b09cba42c8973ed6f8e161cedcbf164713e51834424106e5384aa5ee1bc84ea7a8cba9bf730aac59a6297ac453b84a307932a934dfff18146ba9c6bb5590

  • SSDEEP

    49152:sASerW/HN+7tvGjqQ/cG7VhgC9LaW4tC6JA:sTfN+dGmObgCQnJA

Score
10/10

Malware Config

Extracted

Family

irata

C2

https://iranplms.cf/data/83563/index.php

https://iranplms.cf/data/83563/sms5.php?phone=

Signatures

  • Irata family
  • Requests dangerous framework permissions 2 IoCs

Files

  • 97385a971614680d0989be024edd007d1ccde5ca6075d5146ce965aa171a66d4
    .apk android

    Caco333.siqe.holo

    ir.siqe.holo.MainActivity


Android Permissions

97385a971614680d0989be024edd007d1ccde5ca6075d5146ce965aa171a66d4

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECEIVE_SMS

android.permission.READ_SMS