General

  • Target

    b6c115a3579945890f88e9228c334661cfd7568e37299acbad11c0836f71379a

  • Size

    2.2MB

  • MD5

    f493d784d06d6ecf87d38152146aa85c

  • SHA1

    bc426caedd1a210e8bfd8974a1efb5774823257c

  • SHA256

    b6c115a3579945890f88e9228c334661cfd7568e37299acbad11c0836f71379a

  • SHA512

    63c3cbb436ce4b347c0cf38cd08d4a48cfdb22b116af12834cec7a4f6e6bbceaa5f63b6e95926b3cf6e5830568d9759c06895aa4594ef1c51818572568654be4

  • SSDEEP

    49152:YzL7ZBnlz6QWz9Ert9kWmNzQj4EYc5VZfuH9Z7ybg8058bdxZC+gSyp:o9Nlz6QWz9Ert9kWmNzFc/ZfSOg80yZi

Score
10/10

Malware Config

Extracted

Family

irata

C2

https://edu-center.eu/Rat.php?phone=

https://edu-center.eu/apk.php

Signatures

  • Irata family
  • Requests dangerous framework permissions (2 IoCs)

Files

  • b6c115a3579945890f88e9228c334661cfd7568e37299acbad11c0836f71379a
    .apk android

    realrat.siqe.holo

    ir.siqe.holo.MainActivity


Android Permissions

b6c115a3579945890f88e9228c334661cfd7568e37299acbad11c0836f71379a

Permissions

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.RECEIVE_SMS

android.permission.READ_SMS