irata | 0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e[.]zip

General

Target

0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e.zip
Size

4.8MB
MD5

050a72107fb760df201a9cb76b1b8bc1
SHA1

4759845926f1c54521aca1800801c146062ca051
SHA256

1743cafcb977a1dd865bb148eb0a9782407ca73d6de4ae512840eed226e0fdc6
SHA512

03eb85b248f8fe162e451d4440ea3e7aa533393d69f17eb64b4291d05d711d3f5d91090102ee25a52cb4651ba0552d8e4150af0c65ef3e060398f37f4e33dab8
SSDEEP

98304:X7W3bnC7T7lSZhPXWcb2TErs8wxplUvcLLxepLNK1Hpwv2q:XCm7T70PGtwQpukLLxep2Hpm2q

Score

10^/10

irata

Irata payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e.apk	family_irata4

Requests dangerous framework permissions 2 IoCs

Processes:

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e.zip
.zip

Password: infected
0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e.apk
.apk android

Password: infected

android.upgaraa.shah

.main

Activities

.main

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_SMS
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

.k$k_BR

android.intent.action.BOOT_COMPLETED

.ss$ss_BR

android.intent.action.BOOT_COMPLETED

Services