.MainActivity
android.intent.action.MAIN
General
-
Target
instagram.apk
-
Size
5.5MB
-
MD5
04f4d0c5c669e3a10dd001cce3a33e5c
-
SHA1
f056b0681e4cedd412c1007a9b74ad9832c39460
-
SHA256
22863248801a28d8312ba09fac50a3a9eacddeaf39e1a6fb05e09c8351f81094
-
SHA512
791cacf7c4622e76c4a1a0ba055fe3941b6a692329941ea475111469de6dfd16793333dc7d696eb313aee183d6ea05379872abdde56bbc16f655b91c5d771100
-
SSDEEP
98304:RdgUtVMWIivYb8AptrwAz4/GRA8uNnAlubXWHl8UofrF9JYV6t:RntVDIiQAAptkAc/Ga8uNAKX45V6t
Score
10/10
Malware Config
Extracted
Family
airavat
C2
https://research-model-8ad6b-default-rtdb.europe-west1.firebasedatabase.app
Signatures
-
Airavat family
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 2 IoCs
-
Requests dangerous framework permissions 11 IoCs
Files
-
instagram.apk
sigma.male
.MainActivity
Android Permissions
instagram.apk
Permissions
android.permission.INTERNET
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECORD_AUDIO
android.permission.FOREGROUND_SERVICE
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.BROADCAST_SMS
android.permission.SEND_SMS_NO_CONFIRMATION
android.permission.CALL_PHONE
android.permission.WRITE_CALL_LOG
android.permission.READ_CALL_LOG
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.SET_WALLPAPER