Overview

overview

10

Static

static

10

بازی-سکسی.apk

android-9-x86

10

بازی-سکسی.apk

android-10-x64

10

origin.apk

android-9-x86

6

origin.apk

android-10-x64

7

origin.apk

android-11-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    بازی-سکسی.apk

  • Size

    6.8MB

  • Sample

    241209-bwwwvaslbq

  • MD5

    345638ed395c65e7d9e85269bcdc6593

  • SHA1

    9edc329cfa4e5e539cfff1bee41d37938ce20da4

  • SHA256

    dda5cd8d5c1cf43f0197552c140d7bc396a0be913a3556590d2fe45ffdd3c096

  • SHA512

    3c02cffd9b70d18da2d60f03a224b87b30004c5d4783b5b47a84e29213987a1c9589f318108e594d76c9be1d41278c5bf47815e169765c928255e2dc3900c0cd

  • SSDEEP

    196608:F/IxDRwIs+K0U1qmHv7hFOTpLKzc2crncT+8:FAxdw4HmqmHNFc5KeW

Score
10/10
irataandroidcollectioncredential_accessdiscoveryimpactinfostealerpersistencerattrojan

Malware Config

Targets

    • Target

      بازی-سکسی.apk

    • Size

      6.8MB

    • MD5

      345638ed395c65e7d9e85269bcdc6593

    • SHA1

      9edc329cfa4e5e539cfff1bee41d37938ce20da4

    • SHA256

      dda5cd8d5c1cf43f0197552c140d7bc396a0be913a3556590d2fe45ffdd3c096

    • SHA512

      3c02cffd9b70d18da2d60f03a224b87b30004c5d4783b5b47a84e29213987a1c9589f318108e594d76c9be1d41278c5bf47815e169765c928255e2dc3900c0cd

    • SSDEEP

      196608:F/IxDRwIs+K0U1qmHv7hFOTpLKzc2crncT+8:FAxdw4HmqmHNFc5KeW

    Score
    10/10
    iratadiscoveryinfostealerpersistencerattrojancollectioncredential_accessimpact

    • Irata

      Irata is an Iranian remote access trojan Android malware first seen in August 2022.

      trojaninfostealerratirata

    • Irata family

      irata

    • Irata payload

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Requests dangerous framework permissions

    behavioral1behavioral2

    • Target

      origin.apk

    • Size

      3.5MB

    • MD5

      60a50546ee79e6756c8571dbce141010

    • SHA1

      59ae8063374f16100e93b49dbb3e29187d0703ab

    • SHA256

      6a34ecd487969eb57e9558916da2af5761d6e010ef9c941aed22e4b4679e0b2c

    • SHA512

      2de954c16d2d57aea1cbfdba73ff1d68414a3b03423d657abe8da42a52069d6acd09cb2bf2681394aa1fd8b0f0fe5b9bf015e06671bf49eff82322d820255f06

    • SSDEEP

      49152:f7vrJFUtDJDTYxkXGGF8pfbkTQuLD3SEg7Eu78y/5dwzmsk9mt8f1lMpCP6H63A:71yt9DEOdCfbk1baR8A5C6s1t4fWRCA

    Score
    7/10
    discoverypersistencecollectioncredential_accessimpact

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Acquires the wake lock

    • Queries information about active data network

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral3behavioral4behavioral5

MITRE ATT&CK Mobile v15

Tasks