ahmyth | 442016df9ae41e675b20c6a225282cffcf8f4e259ac50d04497c9c9c8e60c452 | Triage

Sharing

General

Target

Framework1.0_JC.apk
Size

293KB
Sample

230901-tm4jfafg8y
MD5

a3d2be01b33a758822f1640c32788f32
SHA1

71ba7ada38b96220eac9d172310933a83e9a8649
SHA256

442016df9ae41e675b20c6a225282cffcf8f4e259ac50d04497c9c9c8e60c452
SHA512

25134cb72a544981cea0c3e1133a098cfd4c30fa7677f20376d511fceeb469d005fa2749d5b205bc6d635de36cddb2dde668935b57ce250e102885f00261888e
SSDEEP

6144:6f7KQq29bsCBcUP/9xLZR+1ZBct5Ec3I8bfPHdD8LX:m7Kn2oCiQ9u7ct5ETg9D8r

Score

10^/10

ahmyth android

Malware Config

Extracted

Family

ahmyth

C2

http://8.tcp.ngrok.io:11735?model=

Targets

- Target
  
  Framework1.0_JC.apk
- Size
  
  293KB
- MD5
  
  a3d2be01b33a758822f1640c32788f32
- SHA1
  
  71ba7ada38b96220eac9d172310933a83e9a8649
- SHA256
  
  442016df9ae41e675b20c6a225282cffcf8f4e259ac50d04497c9c9c8e60c452
- SHA512
  
  25134cb72a544981cea0c3e1133a098cfd4c30fa7677f20376d511fceeb469d005fa2749d5b205bc6d635de36cddb2dde668935b57ce250e102885f00261888e
- SSDEEP
  
  6144:6f7KQq29bsCBcUP/9xLZR+1ZBct5Ec3I8bfPHdD8LX:m7Kn2oCiQ9u7ct5ETg9D8r
Score

7^/10
- Tries to add a device administrator.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3