General
-
Target
4db089fa45c1020a1afbccb6cc3b6d6787cf2ea0915cee8c30511a6bd442fdea
-
Size
9.1MB
-
Sample
240424-nmjw5shc7w
-
MD5
5370662f62322102f2d1dbfae3d976e3
-
SHA1
46adf52a9bdb91088503746767e10765faa182ea
-
SHA256
4db089fa45c1020a1afbccb6cc3b6d6787cf2ea0915cee8c30511a6bd442fdea
-
SHA512
764ee3a58550479af3d6d88d2e5c08385d4fa81e53fe0e92eef45ad100007bd30480ebe735c0e65bc17415a4e8e4dc258f1907fd23a01e05b3948be8e1f63032
-
SSDEEP
196608:qkvJJN8EQVDWIV0VmjAd8AI5deCXTWrpSmAFVM+ndHah:qkvVBfI2VxrGdHX+pSmAFVpVi
Malware Config
Extracted
ahmyth
http://91.92.241.192:4444
Targets
-
-
Target
4db089fa45c1020a1afbccb6cc3b6d6787cf2ea0915cee8c30511a6bd442fdea
-
Size
9.1MB
-
MD5
5370662f62322102f2d1dbfae3d976e3
-
SHA1
46adf52a9bdb91088503746767e10765faa182ea
-
SHA256
4db089fa45c1020a1afbccb6cc3b6d6787cf2ea0915cee8c30511a6bd442fdea
-
SHA512
764ee3a58550479af3d6d88d2e5c08385d4fa81e53fe0e92eef45ad100007bd30480ebe735c0e65bc17415a4e8e4dc258f1907fd23a01e05b3948be8e1f63032
-
SSDEEP
196608:qkvJJN8EQVDWIV0VmjAd8AI5deCXTWrpSmAFVM+ndHah:qkvVBfI2VxrGdHX+pSmAFVpVi
Score7/10-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about running processes on the device
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries the mobile country code (MCC)
-
Acquires the wake lock
-