ahmyth | fc4880ca9e55f57a69fcbc047e67bff7af42db510b00c337235af31858d95beb

Sharing

Copy URL

Twitter E-mail

General

Target

AhMyth-master.zip
Size

89.7MB
Sample

240803-mh78hazhmk
MD5

31427642108a556b5715ebe76c66ca8d
SHA1

93df7d9b5bee9d7e71a3f4d47e2c0dbe52cc0695
SHA256

fc4880ca9e55f57a69fcbc047e67bff7af42db510b00c337235af31858d95beb
SHA512

4230be8c8b0d16d02a32f79a501e3abc7e1db55ddbca66f9d2e752c8dd7c30c0b20748daf1847b4705729ad6d07866658efd448220697b7e27bb48e2f5e51323
SSDEEP

1572864:T5uPOj2D6jRpvv636fnUckAXMn7FTaoXOOZ+9qCW+L3Eff61ybuQu3UwsssUxPlA:T5uGW6zvCg/3+7MoXOOZ+9qCTC61003S

Score

10^/10

Malware Config

Extracted

Family

ahmyth

http://192.168.225.241:42474

Targets

- Target
  
  AhMyth-master/.github/Dev/01. Server Updates.md
- Size
  
  18KB
- MD5
  
  ea60720a439cf98b0c2ee27785ee4b0e
- SHA1
  
  c504c61b41272e061526e070b5368b32883157d6
- SHA256
  
  49c415f266acc83363e09d7c598afcd67fc2a39c6bc0e5ce2b3b8891d7fba3a9
- SHA512
  
  4baf154b81ae258723c2536a46edb5b636911227d04328bed3f64bb1ff55ac390bc5f3adb4510abb448474d373da54660dc6a8bed30275e9129bb8d3095291f4
- SSDEEP
  
  192:/BmBYL6VYLE/zB+2IQU7jYuJcWBARP7E65BH6BNvekwsOftPTW:/BwOQU7hBQPv+NKtPTW
Score

4^/10

discovery execution
behavioral1 behavioral2
- Target
  
  AhMyth-master/.github/Dev/02. Client Updates.md
- Size
  
  7KB
- MD5
  
  b13b2b5fd6887bc16867212eb441af79
- SHA1
  
  a413d5990563878112d5868ed96e9fafd70e152a
- SHA256
  
  c7d30628f59990a6f15ea65ffb1093b5300c07165154c8096c642a822cfd9d7f
- SHA512
  
  80257193c62b60c9b5f0aaf562e74b6d12ad748f929a1a0e972e9cd4b22d96cc2b844ce120213432544dbe802be49232be20677fccb1fbdfd4a62d7206e4defc
- SSDEEP
  
  96:+D9dnbpR6RnbpR3ji5d6vzN+cx3nTZ2bEYMAK+O//T1LWP:SxbpR6dbpR3jSwzoEY2A
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  AhMyth-master/AhMyth-Client/gradle/wrapper/gradle-wrapper.jar
- Size
  
  52KB
- MD5
  
  3ef954ed0adb79a5bd8a5303165fae05
- SHA1
  
  92d0b85fb15ec7ca7aa72eaab4d5f7faac9297d1
- SHA256
  
  16caeaf66d57a0d1d2087fef6a97efa62de8da69afa5b908f40db35afc4342da
- SHA512
  
  c0f5fcc25b2dfa8b256f772443421312bb4bfd35200fe717afc4a63155e9b6629b9b081c3ac314230ff112a2d3ff497f0e296df024b23eae6de32dea3281244c
- SSDEEP
  
  1536:Bx+CJ6wvQqbX/RbQOeh5ADzI0WxtK14XzzUdcv3kFP:yCJQCPJJeh5Aw0YqaQOf8
Score

1^/10
behavioral5 behavioral6
- Target
  
  AhMyth-master/AhMyth-Client/gradlew.bat
- Size
  
  2KB
- MD5
  
  0ea6d812cf51675a8503fe23ae178996
- SHA1
  
  8751d7831ca6cd1cad48e1475a79596b54b48994
- SHA256
  
  f4f428c5626b3d90cef3bd4e7fd3ad3ea5760442db8c09d586b5bfe031dbe5e3
- SHA512
  
  ea052888a8e361670cd7051c6313fc838f579a54288ed391361954f413df699c119236e7371149939045cd3aef48458d4991beed579e3cc1230e3bee1273de8f
Score

7^/10
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  AhMyth-master/AhMyth-Server/app/app/Factory/apktool.jar
- Size
  
  22.1MB
- MD5
  
  ec5b561de3c55ddc2e2223c504b2726b
- SHA1
  
  fe4393dbe912a31c8c76e823fb589d449b6970d2
- SHA256
  
  c11b5eb518d9ac2ab18e959cbe087499079072b04d567cdcae5ceb447f9a7e7d
- SHA512
  
  6593a7e8ff220f03f4c78cb3c832a6ab7d593936b43dac214a3c607ec9a7db96f115ec5b37a6f0260cf43fc4eccdf7e97f6c5e5c5dbbfac921b42f2844274006
- SSDEEP
  
  393216:Q0aK5IOdkNGN4mwQ3CmiDAH/OzPQNRUM7bcecTnh2BewqppvzLYzreOohN5tdXY+:Q0aqAT+3diDVQDUMHczTkBedpZz2mNI+
Score

1^/10
behavioral10 behavioral9
- Target
  
  AhMyth-master/AhMyth-Server/app/app/Factory/sign.jar
- Size
  
  1.8MB
- MD5
  
  cdb9c63d4e5ee6aee93a68f605fd36e2
- SHA1
  
  955483e87487e73c0531c71c0427ce873d04992d
- SHA256
  
  47ae984df200afbae292d6f950e517afb445d3c902a1edc7717a82c513c5e772
- SHA512
  
  17fb169b531a3e9bbbc5986a4b14f0b302b6c8bd8b29daa7cb943eb019ed125ea963314fbed4e869f0b6d822defa2eb71e7e1d7fe41b3b741ce99066432e1a54
- SSDEEP
  
  49152:z9PZRQq86HxyotI9D/zow+25CjH/Ove3E9:z9jQqJNqhLn3QHx3E
Score

1^/10
behavioral11 behavioral12
- Target
  
  AhMyth-master/AhMyth-Server/app/app/assets/js/Constants.js
- Size
  
  5KB
- MD5
  
  29fda0bc2ea91806cfd585df71beed24
- SHA1
  
  075a7bd70ec5f68c67ac3ea178d5450b3052aabf
- SHA256
  
  45c9640bfd61bc3c2a9bbd0ee4d0d03f737936d6fbb57c57a7985957a5f0fed1
- SHA512
  
  8fefd32d66ced1e6734f994c1986d4d8a25a4bf76869a0e99fb20363277793d85185e21a07a352b81c2f3ece8275ed1283ef5a084804dd6a15fd723da308c698
- SSDEEP
  
  96:ECf+Yhctc6cscb41ZKIGKcgvFynmFRpM+OijnvQhoXxXBXDXgX66X9tXto3:x4BpEhXRI
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  AhMyth-master/AhMyth-Server/app/app/assets/js/controllers/AppCtrl.js
- Size
  
  54KB
- MD5
  
  aec3eda1025c2f3f85ca06586da557b7
- SHA1
  
  2cf8c54fde9e77d89daceb414d376d0f7ac98253
- SHA256
  
  884f9848bff1eda645b07a8bdc57339c7ac7179c2094d7038fe6acbd95d2e93f
- SHA512
  
  694623d11a8869066bca0a2c4023331b07ef3bf3a517f7ecf030cb000473a0526d7905bf82cb5d0f9833be4370b1aaf83dfc06eae136c1e863eab04a2c122e95
- SSDEEP
  
  384:XFLipRj1cscC7PEMGfI+VCoNppCaZ1QhavJ7yt3xZZLWpvq6i3:X94BmUAIYdPZ1rGZE8
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  AhMyth-master/AhMyth-Server/app/app/assets/js/controllers/LabCtrl.js
- Size
  
  17KB
- MD5
  
  cc04e14406bde685420119bf92b0a5ad
- SHA1
  
  719651dc74b34f20aa41dab95b2276476b858b05
- SHA256
  
  9ce4bf0f954346de4308fe8db6151b7c76456571735cbc0c5d8083ff526b041d
- SHA512
  
  f07e8f521ee2b41d145a8c96eb35a934e0ca7db306c13dd002a29e5119426998c392597150634453c94081ed38cb6dde98a8910714001308f157f9fdd0de0fd6
- SSDEEP
  
  384:R5Z1A/iA1g3zRp0MZfxK4LG1Z1rhvROPOePHRO:R5Z1A/iA1wYMlx/GX1rhvw/RO
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  AhMyth-master/AhMyth-Server/app/app/assets/js/controllers/NotifiCtrl.js
- Size
  
  425B
- MD5
  
  2ebb163b02241db284754c6561a56e7a
- SHA1
  
  0f3d649f771c57707a74a8ac51ab7024fe41058c
- SHA256
  
  16e25cf0b839701318f29512831cba250e20eed5765bfffb05ab7f1ef367e34e
- SHA512
  
  ef97a32bd5aef8dc79366fdb7dbcd5f65f31b170f21f47e83bb98c13d6b6c87b719fb67e7798d2ec17025f6adb15f969edf254df76058f6e559b7ca4cda3333d
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  AhMyth-master/AhMyth-Server/app/app/assets/js/lib/jquery-3.1.1.min.js
- Size
  
  84KB
- MD5
  
  e071abda8fe61194711cfc2ab99fe104
- SHA1
  
  f647a6d37dc4ca055ced3cf64bbc1f490070acba
- SHA256
  
  85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
- SHA512
  
  53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65
- SSDEEP
  
  1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  AhMyth-master/AhMyth-Server/app/app/assets/js/lib/leaflet.js
- Size
  
  140KB
- MD5
  
  29ff6f30a9664fb3baf7e71922f18e64
- SHA1
  
  a83cf84a4380e4bf5249890d7849ea8c0d2acbf2
- SHA256
  
  bf3b53dc1f716c789a1ae0cffe54591d123c2254fdd74ab8669344fc02432f44
- SHA512
  
  5a7746e9c8db4f8ab11759ce42910717712c697d10bf946ad5a055f8b41e503007c5fc8a951830699b457b58469040f8ca4b607667a2d9298e2fab50ce9b7518
- SSDEEP
  
  1536:VZjD+TtmTmYAC6z3YvUfu1rjKtln4lORGSMFIxebJ6vnPs0h8lOcIeIe93eYqc6:3okTmz5bPln/PyD1PE
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  AhMyth-master/AhMyth-Server/app/app/assets/js/lib/ng-infinite-scroll.min.js
- Size
  
  2KB
- MD5
  
  dcce59e484027b065ed8501478ad2b20
- SHA1
  
  0de578dd969f4f606556b95f2473440213086b90
- SHA256
  
  f5ee5f7bbb194ab775b85b74a43147d4ed3dc8bb3937af92ef0af1ff1b8f8c31
- SHA512
  
  53d755a1d71dfb7460e75e6def91811db0e9fb79850d9b8cf964a0cda3cdff160423cfe0bbe135bdfff779806d1419450db2d2dfeb95de103efddb2b1e8ec2e0
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  AhMyth-master/AhMyth-Server/app/app/assets/js/model/Victim.js
- Size
  
  866B
- MD5
  
  eb48c5c6f17ac45b04f4348608f78006
- SHA1
  
  d25c518a6f6734e6ab115438dc66d607ee81ec39
- SHA256
  
  0aa52946770fc58ea6b988851536049140a81873ddedd8b5da14b54c98c92d79
- SHA512
  
  c2ca1d63252282759b10c1be27b7b478e5a15b326302c459e01057a7cf8967adeadb200d58d335a21dbe3177cf7a423b2bd8ffef65592829e54f574c7ac6a482
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  AhMyth-master/AhMyth-Server/app/app/index.html
- Size
  
  5KB
- MD5
  
  001f7eabc4f1b0789d31bbe3e1ae2d4b
- SHA1
  
  0e5ebb75b6132c3beafc0345995a775df02f45f8
- SHA256
  
  5ce8a76c450291ebc9b9fb52e3d2681fc03f60d715dd279ef26cbf5037ae196c
- SHA512
  
  0e695346425a8fd69a4439b69c83a1b22ccd4ae04d265b823ad6f9aa9718480ffc5690ec1fdb6ff29fca5e522cf5c04a596d84879b9e849033835f488eec8b42
- SSDEEP
  
  96:WNDrAPb4JvclglM+ZeRaJu7XlHOH+H9HpHvHk+HqHojM:WFs0JvQkVZel+4M
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  AhMyth-master/AhMyth-Server/app/app/lab.html
- Size
  
  4KB
- MD5
  
  dab81b7420a3c4fa87e42b298a0a6196
- SHA1
  
  b63ab834d219ab978c38d8961cc86ca72bd68c6e
- SHA256
  
  1e58086dcb83c6829e6e8de0cf581f7a574e9c9354024190e3ed4ecef8ffa3de
- SHA512
  
  ef0e9c7223170e0baad462ee1dd42ccd0f2a90d82b14dfee0003a043d1a6040cbfc70d5f5fe3dca6bdc00f8374587db72e8a47f8f1194ee7669aea2fa9bf764c
- SSDEEP
  
  48:WQzDrOaDw/xJiYSKVWUW5CnvtoRZvDcQ1iHLZGHqNM:W4DrtEZJiYSKVWZIH4HSM
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32