.MainActivity
android.intent.action.MAIN
General
-
Target
AndroidRat.apk
-
Size
5.5MB
-
MD5
51e26f39c79f845548f1e75f74c7c517
-
SHA1
3baa6b8a7eaab4204865d4177a8a65cc0c39ef70
-
SHA256
21387422589551d9d521eb3362eb6194f27324912d1a39e8d0fe85785fcd8278
-
SHA512
1ee9c4a88aade68c648778c0be47902dda46c14b22a800ae65738284c75d212db78b8e6121b237089418856b83e767cdd14497af2204cb9d2a0efc66f64e05ff
-
SSDEEP
98304:NwubXW62AALy6GqYZpcQb788aGg82Qr9pzbuV7zphCIJaL31C8UofrFF3NPMP:NrXZJ6nicQHNaf8/IXrJaD1T3VMP
Score
10/10
Malware Config
Extracted
Family
airavat
C2
https://sigma-b2650-default-rtdb.firebaseio.com
Signatures
-
Airavat family
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 2 IoCs
-
Requests dangerous framework permissions 11 IoCs
Files
-
AndroidRat.apk
sigma.male
.MainActivity
Android Permissions
AndroidRat.apk
Permissions
android.permission.INTERNET
android.permission.VIBRATE
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.RECORD_AUDIO
android.permission.FOREGROUND_SERVICE
android.permission.READ_SMS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.BROADCAST_SMS
android.permission.SEND_SMS_NO_CONFIRMATION
android.permission.CALL_PHONE
android.permission.WRITE_CALL_LOG
android.permission.READ_CALL_LOG
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.SET_WALLPAPER