com.etechd.l3mon.MainActivity
android.intent.action.MAIN
General
-
Target
build.s.apk
-
Size
346KB
-
MD5
83df4ac5ea51422f75145ac2d95c7b18
-
SHA1
c4f8405308257b7f669d49e92fab7484c6db35a3
-
SHA256
c854db64b9926947cb0f82d53e0dcd775f644e5c5d5a15133d03cc194e1c9689
-
SHA512
d22c271964349133a095d01c9eae03488ae59bc2c736d315f43115f93caf751b5e5784aa5ab1f04793bf4af91d5347ebe50692cb5f01743b6474476e92834ffa
-
SSDEEP
6144:cEPXpltG9Yqym29Fdb7Nsyjx0Vc0nfIE4JTDyq2PQrqON5Oe0HWn/rMDxobB:cERltGuqyjJbGEac0n1kDmPQrLNwe0HC
Score
10/10
Malware Config
Extracted
Family
ahmyth
C2
http://212.227.241.124:22222
Signatures
-
Ahmyth family
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 11 IoCs
Files
-
build.s.apk
Password: infect
com.etechd.l3mon
com.etechd.l3mon.MainActivity
Android Permissions
build.s.apk
Permissions
android.permission.WAKE_LOCK
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_CALL_LOG
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_CONTACTS