irata | 0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e[.]zip

General

Target

0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e.zip
Size

4.8MB
MD5

6cab35d5f68f60a64dfd58cf78bbb997
SHA1

cdc2fdb5ac5ad9217e05d5426587c4af0ea7f55f
SHA256

d334e283c7e8f3cba04a75ac172e8288a9896ef47b395af33168882c617b61da
SHA512

4430006fa57476f519fa7df5e4d6d8ec7f9f038636990fc1e46abe35eb731b9bef477dbe6c9fcfd5d51f3af079168cac53f4d21fd8a182a5eca548bf193d80f3
SSDEEP

98304:Ei5YFV4Pl5ru3sd9IsTPsWd/zn14z3SrbSOcEJAKZT05pZZWI8tT7umuvy:1tXfd9I947nMRE2cKr4umWy

Score

10^/10

irata

Irata payload 1 IoCs

resource	yara_rule
static1/unpack001/0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e.apk	family_irata4

Requests dangerous framework permissions 2 IoCs

description	ioc
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE

0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e.zip
.zip

Password: infected
0c41a6b7c502d2b21d3a42817339dcb64f4d00ce94941d7b951cef899bb9e68e.apk
.apk android

Password: infected

android.upgaraa.shah

.main

Activities

.main

android.intent.action.MAIN

Permissions

android.permission.RECEIVE_SMS
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

.k$k_BR

android.intent.action.BOOT_COMPLETED

.ss$ss_BR

android.intent.action.BOOT_COMPLETED

Services