Resubmissions

22-08-2024 18:21

240822-wzd6estdnj 10

01-08-2024 02:15

240801-cpkexa1cqg 10

General

  • Target

    am.apk

  • Size

    20.5MB

  • MD5

    662a29140ea32f87a19fa76996137563

  • SHA1

    cd0a4bd3abbf0fe2773a9c7a7a589a0609582219

  • SHA256

    960b8e06d0db96f0bfcd044167a1af9b7397c73a13f222cdcce13f4824a8ffd4

  • SHA512

    511b9d8e95dc7fa26fbf385c4f8bbdd0120830d7a4a031ac6929807bf265e7edafaa4778cdae6e80e632b8f1cfd4e7fb194a776328082402fbd2d22b79174b0c

  • SSDEEP

    393216:tGtsJA35z7A79L+v291mbgafiubchZHb9T9i/zVN2I+TX3VyKpPbNiRSKcsbJo:tLJA35z7c5vLmbBffc3Hfi/zVN2Ikn08

Score
10/10

Malware Config

Extracted

Family

andrmonitor

C2

https://anmon.name/mch.html

Signatures

  • Andrmonitor family
  • Declares broadcast receivers with permission to handle system events 1 IoCs
  • Declares services with permission to bind to the system 2 IoCs
  • Requests dangerous framework permissions 26 IoCs

Files

  • am.apk
    .apk android arch:arm64 arch:arm arch:mips arch:mips64 arch:x86 arch:x64

    xspcmj.qiegf

    .zxvgss639NQL0


Android Permissions

am.apk

Permissions

android.permission.ACCESS_SUPERUSER

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.QUICKBOOT_POWERON

android.permission.RECEIVE_SMS

android.permission.RECEIVE_MMS

android.permission.READ_SMS

android.permission.WRITE_SMS

android.permission.BROADCAST_SMS

android.permission.CALL_PHONE

android.permission.PROCESS_INCOMING_CALLS

android.permission.CALL_PRIVILEGED

android.permission.FOREGROUND_SERVICE

android.permission.READ_CALL_LOG

android.permission.WRITE_CALL_LOG

android.permission.ANSWER_PHONE_CALLS

android.permission.READ_LOGS

android.permission.GET_ACCOUNTS

com.android.alarm.permission.SET_ALARM

android.permission.USE_EXACT_ALARM

android.permission.CAPTURE_AUDIO_HOTWORD

android.permission.GET_INTENT_SENDER_INTENT

android.permission.WAKE_LOCK

android.permission.UPDATE_LOCK

android.permission.DISABLE_KEYGUARD

android.permission.READ_PHONE_STATE

android.permission.MODIFY_PHONE_STATE

android.permission.READ_PHONE_NUMBERS

android.permission.READ_CONTACTS

android.permission.NEARBY_WIFI_DEVICES

android.permission.ACCESS_FINE_LOCATION

android.permission.ACCESS_COARSE_LOCATION

android.permission.ACCESS_MOCK_LOCATION

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

android.permission.ACCESS_BACKGROUND_LOCATION

android.permission.INSTALL_LOCATION_PROVIDER

android.permission.CONTROL_LOCATION_UPDATES

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.BATTERY_STATS

android.permission.PROCESS_OUTGOING_CALLS

android.permission.BLUETOOTH

android.permission.INTERNET

android.permission.CHANGE_NETWORK_STATE

android.permission.UPDATE_DEVICE_STATS

android.permission.CAMERA

android.permission.CAPTURE_VIDEO_OUTPUT

android.permission.CAPTURE_AUDIO_OUTPUT

android.permission.CAPTURE_SECURE_VIDEO_OUTPUT

android.permission.RECORD_VIDEO
