ir.siqe.holo.MainActivity
android.intent.action.MAIN
General
-
Target
99a168e33252358824a7d10aacf8e8a4ce8104ea89013d53b62931a26f90e0bf
-
Size
3.8MB
-
MD5
4e45b15cf374348b4ab640e96a58e06c
-
SHA1
5b1454384de007cc1d2ef7052a7f70f888f2995d
-
SHA256
99a168e33252358824a7d10aacf8e8a4ce8104ea89013d53b62931a26f90e0bf
-
SHA512
a632860b1c99c72f593e2cea9e21175dad6c9bdd94ac4524385b4b8ad9892fe5193be6d5c5d2326ac2eaabc7d9a18cc85e29f4ed5248b3247b32e8237eff7f21
-
SSDEEP
98304:SHMCZGjMT+BjDg2cDcccoc2cBcjcRckcVcrc8cfc1ckcl:SvKBVcDcccoc2cBcjcRckcVcrc8cfc1y
Score
10/10
Malware Config
Extracted
Family
irata
C2
https://ler-shaprak.ga/Dostyabi/?e=27259
https://ler-shaprak.ga/SmsRequest.php?phone=
Signatures
-
Irata family
-
Requests dangerous framework permissions 2 IoCs
Files
-
99a168e33252358824a7d10aacf8e8a4ce8104ea89013d53b62931a26f90e0bf
realrat.siqe.holo
ir.siqe.holo.MainActivity
Android Permissions
99a168e33252358824a7d10aacf8e8a4ce8104ea89013d53b62931a26f90e0bf
Permissions
android.permission.INTERNET
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.RECEIVE_SMS
android.permission.READ_SMS