General

  • Target

    641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823

  • Size

    9.5MB

  • MD5

    790c5d08427133b278814a634a66b373

  • SHA1

    ad04de30db0853f03d0481f3d9d7767b2ecce29d

  • SHA256

    641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823

  • SHA512

    6b074c3e676741ce8b5d7214fe620c5849f066f2bfeb6857f7674caecb43f04fde153f27ced60eeb5979feb5750c272ce49ba2a4bd95039bb3d3b8caa7ee81ef

  • SSDEEP

    196608:Fdk710HuHigflHUXdBP2zsU3pAeaoQA6tDGDKHlexSKdhiU1rrsOMgXjF:nbHuHig+BPksU3pAeaoS42HYQKdhtrsy

Score
10/10

Malware Config

Signatures

  • Irata family
  • Irata payload (1 IoC)
  • Requests dangerous framework permissions (3 IoCs)

Files

  • 641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823
    .apk android

    ir.ziba.pankeik

    .main


Android Permissions

641927a434192face33577742da11e6917014e02be9cf684930984d2e4481823

Permissions

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.ACCESS_NETWORK_STATE

android.permission.VIBRATE

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.READ_PHONE_STATE

android.permission.RECEIVE_BOOT_COMPLETED

com.google.android.c2dm.permission.RECEIVE

ir.ziba.pankeik.permission.C2D_MESSAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

aandroid.permission.RECEIVE_BOOT_COMPLETED