Resubmissions

27-08-2024 09:34

240827-lj6kmawbml 10

09-06-2023 09:41

230609-lnrl9sbg83 10

General

  • Target

    eblagh.apk

  • Size

    2.1MB

  • MD5

    6cfeee3ec52dc569ca7f5ccaba4110c9

  • SHA1

    96f2cbfaf41c79665fde6daa02ffb3d08a067643

  • SHA256

    4ca30f92aadf9409173eef9491281e7e389a9d9f913edf018d554339b7c12594

  • SHA512

    4592027af2e5dfc6be1810cf8ddaf02c6625b21b5d413e140fe3f32cf869299f8cef04c83e6e68a05d096a91fd6ebe9c90402b86e9786ef5215fd9be8abb1fd6

  • SSDEEP

    49152:r/0MokTjvWLBos1T7/1W4yYRHd8vt/OVxfMgSSp+t:z0xGTW1vRyYR98cfOSgt

Score
10/10

Malware Config

Signatures

  • Irata family
  • Irata payload 2 IoCs
  • Requests dangerous framework permissions 4 IoCs

Files

  • eblagh.apk
    .apk android

    com.rez.ir

    .main


Android Permissions

eblagh.apk

Permissions

android.permission.INTERNET

android.permission.READ_SMS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.FOREGROUND_SERVICE

android.permission.WAKE_LOCK

android.permission.ACCESS_NETWORK_STATE

com.google.android.c2dm.permission.RECEIVE

com.rez.ir.permission.C2D_MESSAGE

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

android.permission.SEND_SMS

android.permission.ACCESS_WIFI_STATE

android.permission.RECEIVE_SMS

android.permission.READ_CONTACTS