irata | 03ee96cd00870c2633924716825a32980cfdf7028439f426d0af2683ded1bb54[.]bin

General

Target

03ee96cd00870c2633924716825a32980cfdf7028439f426d0af2683ded1bb54.bin
Size

2.6MB
MD5

30f847d5a5b1cdf43dcb869da668c82e
SHA1

0864ac724143f626c95814cbfe8bf0e61f60307e
SHA256

03ee96cd00870c2633924716825a32980cfdf7028439f426d0af2683ded1bb54
SHA512

b5e36ec32e573c5a4c36ab9a9146b853d1cd547e4a66510b861d233e4c5a9ede48258612ef09fda8a855c4e6e49afebfbeb6bf75e9d4ce8455c6383de67e9062
SSDEEP

49152:312xwpAxpgZLA9X3tpelfpSJLzKcbCBy4u8J9V7kJPs5zCbh2mKnywj1Mc7b2R6H:l2xNx6ZLOMSJLzrbq/J9V7kJPAObh2TX

Score

10^/10

irata

Malware Config

Signatures

Irata family
irata
Irata payload 1 IoCs

Processes:

resource yara_rule

sample family_irata4

resource	yara_rule
sample	family_irata4

Declares services with permission to bind to the system 1 IoCs

Processes:

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 5 IoCs

Processes:

description	ioc
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Required to be able to access the camera device.	android.permission.CAMERA
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW

Files

03ee96cd00870c2633924716825a32980cfdf7028439f426d0af2683ded1bb54.bin
.apk android

pine.coyzinhu.infee

.main

Activities

.main

android.intent.action.MAIN

Permissions

android.permission.READ_PHONE_STATE
android.permission.WRITE_SETTINGS
android.permission.VIBRATE
android.permission.BIND_WALLPAPER
android.permission.SET_WALLPAPER
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.WAKE_LOCK
android.permission.CAMERA
android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.SYSTEM_ALERT_WINDOW
android.permission.EXPAND_STATUS_BAR
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.INTERNET
android.permission.USE_FINGERPRINT
android.permission.USE_FINGERPRINT
android.permission.BROADCAST_STICKY
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.NFC
android.permission.ACCESS_WIFI_STATE
android.permission.TRANSMIT_IR
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.UNINSTALL_SHORTCUT
android.permission.READ_SYNC_STATS
android.permission.KILL_BACKGROUND_PROCESSES

Receivers

Services

.execucoes

android.accessibilityservice.AccessibilityService

Android Permissions

03ee96cd00870c2633924716825a32980cfdf7028439f426d0af2683ded1bb54.bin

Permissions

android.permission.READ_PHONE_STATE

android.permission.WRITE_SETTINGS

android.permission.VIBRATE

android.permission.BIND_WALLPAPER

android.permission.SET_WALLPAPER

android.permission.INTERNET

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.WAKE_LOCK

android.permission.CAMERA

android.permission.ACCESS_NETWORK_STATE

android.permission.SYSTEM_OVERLAY_WINDOW

android.permission.SYSTEM_ALERT_WINDOW

android.permission.EXPAND_STATUS_BAR

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.INTERNET

android.permission.USE_FINGERPRINT

android.permission.BROADCAST_STICKY

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.NFC

android.permission.ACCESS_WIFI_STATE

android.permission.TRANSMIT_IR

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.UNINSTALL_SHORTCUT

android.permission.READ_SYNC_STATS

android.permission.KILL_BACKGROUND_PROCESSES

Sharing

General

Malware Config

Signatures

Files

pine.coyzinhu.infee

.main

Activities

.main

Permissions

Receivers

Services

.execucoes

Android Permissions

03ee96cd00870c2633924716825a32980cfdf7028439f426d0af2683ded1bb54.bin