com.etechd.l3mon.MainActivity
android.intent.action.MAIN
General
-
Target
base.apk
-
Size
290KB
-
MD5
a410b3a2a9637788cf5b0e6fa34962da
-
SHA1
2af8cab472d7148586064e8de710a420e6f10806
-
SHA256
63e021dd8bb5a2f52d360dfb5567b4f555bc6af31b9a0723c855fbad20fe315d
-
SHA512
4633961ce69cb1c9dfb48868389e04e2cceee79038e1b7f10efadc3e1a20c41314e32c54eca5cb2a23eb4c30d2128b4a5a9502a2b1393dd454fbcfa163020cd1
-
SSDEEP
6144:RBUVxkByGbm73JT7sL4jN+/30Mfur18dEiYvhodOmM7dX2+:RR1+JvsL4x+/vumhmhom
Score
10/10
Malware Config
Extracted
Family
ahmyth
C2
http://192.168.0.91:22222
Signatures
-
Ahmyth family
-
Declares services with permission to bind to the system 1 IoCs
description ioc Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. android.permission.BIND_NOTIFICATION_LISTENER_SERVICE -
Requests dangerous framework permissions 11 IoCs
description ioc Required to be able to access the camera device. android.permission.CAMERA Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE Allows an application to read SMS messages. android.permission.READ_SMS Allows an application to send SMS messages. android.permission.SEND_SMS Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE Allows an application to read the user's call log. android.permission.READ_CALL_LOG Allows an application to record audio. android.permission.RECORD_AUDIO Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION Allows an application to read the user's contacts data. android.permission.READ_CONTACTS
Files
-
base.apk.apk android
Password: Test1!
com.etechd.l3mon
com.etechd.l3mon.MainActivity
Activities
Permissions
android.permission.WAKE_LOCK
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_CALL_LOG
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_CONTACTS
Receivers
com.etechd.l3mon.ServiceReciever
respawnService
com.etechd.l3mon.MyReceiver
android.intent.action.BOOT_COMPLETED
android.provider.Telephony.SECRET_CODE
Services
com.etechd.l3mon.NotificationListener
android.service.notification.NotificationListenerService
Android Permissions
base.apk
Permissions
android.permission.WAKE_LOCK
android.permission.CAMERA
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.ACCESS_WIFI_STATE
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_CALL_LOG
android.permission.RECORD_AUDIO
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.ACCESS_COARSE_LOCATION
android.permission.ACCESS_FINE_LOCATION
android.permission.READ_CONTACTS