General

  • Target: 1c110a129bdaab64320d8f0f40fc1c5397735e91c86cbef9024027d98636db6b
  • Size: 4.7MB
  • MD5: 6d0ebb01c1a099b0b9fc1fb22d3c727b
  • SHA1: 617b87a3f072da3442d16f91cab97ecc67273d09
  • SHA256: 1c110a129bdaab64320d8f0f40fc1c5397735e91c86cbef9024027d98636db6b
  • SHA512: d33ff1762668ba25a20153e732e6ec24879ee277fb173973fc26b082a3e3bd8230aac58ecfe0069a1a6b872d118539cad843faebceae143afa25cd04c153918c
  • SSDEEP: 98304:lanAA75bLAHAYi0kaZVYeLfxc2TNrQzVgzGz5Gc0I+In4ATubXWfVY3EaMI:dA5UgYPZNLfxc0NrgKzGzUc4GYXwVX2

Score
10/10

Malware Config

Extracted

  • Family: airavat
  • C2: https://insta-vip-default-rtdb.firebaseio.com

Signatures

  • Airavat family
  • Declares broadcast receivers with permission to handle system events (1 IoC)
  • Declares services with permission to bind to the system (2 IoCs)
  • Requests dangerous framework permissions (11 IoCs)

Files

  • 1c110a129bdaab64320d8f0f40fc1c5397735e91c86cbef9024027d98636db6b (.apk, android): sigma.male .MainActivity


Android Permissions

1c110a129bdaab64320d8f0f40fc1c5397735e91c86cbef9024027d98636db6b

Permissions

  • android.permission.INTERNET
  • android.permission.VIBRATE
  • android.permission.ACCESS_NETWORK_STATE
  • android.permission.READ_EXTERNAL_STORAGE
  • android.permission.WRITE_EXTERNAL_STORAGE
  • android.permission.RECORD_AUDIO
  • android.permission.FOREGROUND_SERVICE
  • android.permission.READ_SMS
  • android.permission.RECEIVE_SMS
  • android.permission.SEND_SMS
  • android.permission.BROADCAST_SMS
  • android.permission.SEND_SMS_NO_CONFIRMATION
  • android.permission.CALL_PHONE
  • android.permission.WRITE_CALL_LOG
  • android.permission.READ_CALL_LOG
  • android.permission.READ_CONTACTS
  • android.permission.WRITE_CONTACTS
  • android.permission.SET_WALLPAPER