General

  • Target

    prog.apk

  • Size

    20.5MB

  • MD5

    5682f19f3a2723db1c7141c9157ab93e

  • SHA1

    748ea5d804fafc742824bd4c2f9c0259822de99d

  • SHA256

    583b68d3c917ddc713d8621959f97d7f2636654494027e494f2368409730f88b

  • SHA512

    63884b29b4b4714a2330d43529148ee9e8aba2b3ed62dbf85f9187148f330e846de2cf8516db3d2b8b7cd5b6cfa989b2e9a00e6df89da76e0b317d2ba415d46e

  • SSDEEP

    393216:HHusJA35z7A79L+4wr1mbgafiubc6ZxbdT9i/zVN2I+TX3VsKpPbNiRSKcsLJJ:HRJA35z7c5KBmbBffcQxvi/zVN2IkHGl

Score
10/10

Malware Config

Extracted

Family

andrmonitor

C2

https://anmon.name/mch.html

Signatures

  • Andrmonitor family
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 2 IoCs
  • Requests dangerous framework permissions 26 IoCs

Files

  • prog.apk
    .apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

    zufxtk.qtqhxzzsr

    .UqjkkpdmfJcvnk


Android Permissions

prog.apk

Permissions

android.permission.ACCESS_SUPERUSER

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.QUICKBOOT_POWERON

android.permission.RECEIVE_SMS

android.permission.RECEIVE_MMS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.BROADCAST_SMS

android.permission.CALL_PHONE

android.permission.PROCESS_INCOMING_CALLS

android.permission.CALL_PRIVILEGED

android.permission.FOREGROUND_SERVICE

android.permission.READ_CALL_LOG

android.permission.WRITE_CALL_LOG

android.permission.ANSWER_PHONE_CALLS

android.permission.READ_LOGS

android.permission.GET_ACCOUNTS

com.android.alarm.permission.SET_ALARM

android.permission.USE_EXACT_ALARM

android.permission.CAPTURE_AUDIO_HOTWORD

android.permission.GET_INTENT_SENDER_INTENT

android.permission.WAKE_LOCK

android.permission.UPDATE_LOCK

android.permission.DISABLE_KEYGUARD

android.permission.READ_PHONE_STATE

android.permission.MODIFY_PHONE_STATE

android.permission.READ_PHONE_NUMBERS

android.permission.READ_CONTACTS

android.permission.NEARBY_WIFI_DEVICES

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_MOCK_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.INSTALL_LOCATION_PROVIDER

android.permission.CONTROL_LOCATION_UPDATES

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.BATTERY_STATS

android.permission.PROCESS_OUTGOING_CALLS

android.permission.BLUETOOTH

android.permission.INTERNET

android.permission.CHANGE_NETWORK_STATE

android.permission.UPDATE_DEVICE_STATS

android.permission.CAMERA

android.permission.CAPTURE_VIDEO_OUTPUT

android.permission.CAPTURE_AUDIO_OUTPUT

android.permission.CAPTURE_SECURE_VIDEO_OUTPUT

android.permission.RECORD_VIDEO

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.