.main
android.intent.action.MAIN
android.intent.action.SEND
android.intent.action.SENDTO
General
-
Target
71896aa37e39028680b628cb05080028.bin
-
Size
3.9MB
-
MD5
f95bf385b00e64bc09f3951b5ed45e2f
-
SHA1
1209ac96b1dc6c12c8d05dbe68f926598c6927a1
-
SHA256
96710ffdfe1c9a72d74339c5136f92d813dfbccd4943d426f1acd864481128e7
-
SHA512
01129861530f045d47be130c0ddec3407572cc0ca37ea21332c10192fdd6cf824e8defee7cdf94a6e2ce9a3855caa8b3e7d047373361ed33cc1232f96a16655f
-
SSDEEP
98304:tsNSeLXWMF4riiC+rcDkf9wZvAq9FDCXWYDLBsqszIxH:Suih+wQf9wZ4q9QGKG30xH
Score
10/10
Malware Config
Signatures
-
Irata family
-
Irata payload 1 IoCs
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 2 IoCs
-
Requests dangerous framework permissions 18 IoCs
Files
-
71896aa37e39028680b628cb05080028.bin
Password: infected
-
9c136701362e2d661805257c02e23c9aa01b9081e1a559571f947390522fc51b.apk
Password: infected
com.bnltoken.appnuovatoken
.main