irata | 7e4143dd27644a0aedc66130c2a0a56e7aa556e75135f2c6a40c1106228e3fad

General

Target

7e4143dd27644a0aedc66130c2a0a56e7aa556e75135f2c6a40c1106228e3fad.apk
Size

1.9MB
Sample

240429-brrrbsee7v
MD5

1f5c2daab9da9349c61abe950c661aba
SHA1

6da1a8574e1cd927a139c7be328b867c243070d5
SHA256

7e4143dd27644a0aedc66130c2a0a56e7aa556e75135f2c6a40c1106228e3fad
SHA512

cea9bc240975e13c373125dfe83ea6aed144f11e7935282669a74843b464d8fc2def552c07e48286a69b2350182ba644fbe994cec546fc52dd857c5bfabadb6c
SSDEEP

49152:9//SRcduCkmkYwPxtlOHiPJ+PSD/yS+0VTWtHubvw8wiOZSmKIM7:VKR8uCbkX5ss0PSD6ECtObvXwiO4N7

Score

10^/10

Malware Config

Extracted

Family

irata

C2

https://vahidtried.nitrocp.site/wa//contact.php?result=ok&action=upload&androidid=

https://vahidtried.nitrocp.site/wa//requests.php

https://vahidtried.nitrocp.site/wa//sms.php?result=ok&action=upload&androidid=

Targets

- Target
  
  7e4143dd27644a0aedc66130c2a0a56e7aa556e75135f2c6a40c1106228e3fad.apk
- Size
  
  1.9MB
- MD5
  
  1f5c2daab9da9349c61abe950c661aba
- SHA1
  
  6da1a8574e1cd927a139c7be328b867c243070d5
- SHA256
  
  7e4143dd27644a0aedc66130c2a0a56e7aa556e75135f2c6a40c1106228e3fad
- SHA512
  
  cea9bc240975e13c373125dfe83ea6aed144f11e7935282669a74843b464d8fc2def552c07e48286a69b2350182ba644fbe994cec546fc52dd857c5bfabadb6c
- SSDEEP
  
  49152:9//SRcduCkmkYwPxtlOHiPJ+PSD/yS+0VTWtHubvw8wiOZSmKIM7:VKR8uCbkX5ss0PSD6ECtObvXwiO4N7
Score

7^/10

discovery persistence
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

1

T1624

Broadcast Receivers

1

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

1

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Registers a broadcast receiver at runtime (usually for listening for system events)

Acquires the wake lock

Checks if the internet connection is available

MITRE ATT&CK Mobile v15

Tasks

static1

behavioral1

behavioral2

behavioral3