.MainActivity
android.intent.action.MAIN
General
-
Target
Instagram_src_sign(Copy).apk
-
Size
5.5MB
-
MD5
a64b52af666ac8508f0c414de3284813
-
SHA1
6490034e0f75fa4da9cbeeb378e6142e69ae3c21
-
SHA256
0edae656db4b5626b6dde1786af67d455a843d8fa6059a5a88eeb2b0ae214aa2
-
SHA512
71bd20bbf513faf86022d0c2ac30fcb7725884f7aab73ce6b13fbce3cf8301158fb8582ca6889d22dd3bd113545a8b15a85c3dd1cc2a6084c058dd45da902f03
-
SSDEEP
98304:NwubXW62AALy6GqYZpcQb788aGg82Qr9pzbuV7zphCIJaL31M8UofrFF3NP2:NrXZJ6nicQHNaf8/IXrJaD1B3V2
Score
10/10
Malware Config
Extracted
Family
airavat
C2
https://sigma-abc9a-default-rtdb.firebaseio.com
Signatures
-
Airavat family
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 2 IoCs
-
Requests dangerous framework permissions 11 IoCs
Files
-
Instagram_src_sign(Copy).apk
sigma.male
.MainActivity
Android Permissions
Instagram_src_sign(Copy).apk
Permissions
android.permission.INTERNET
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECORD_AUDIO
android.permission.FOREGROUND_SERVICE
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.BROADCAST_SMS
android.permission.SEND_SMS_NO_CONFIRMATION
android.permission.CALL_PHONE
android.permission.WRITE_CALL_LOG
android.permission.READ_CALL_LOG
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.SET_WALLPAPER