Overview

overview

10

Static

static

10

Ahmythalig...ed.apk

android-9-x86

6

Ahmythalig...ed.apk

android-10-x64

6

Ahmythalig...ed.apk

android-11-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AhmythaligneddebugSigned.apk

  • Size

    293KB

  • Sample

    240928-qygl9sycpn

  • MD5

    4dc44afb21f46dc88ff5f9553c3ac9f8

  • SHA1

    b01c920c64223c9d1a230dc1e4b87c24eed2e33b

  • SHA256

    942dee6c8af0156c2936c63e8e131514f69407f8e1dd962af5a1b0f2f1bce0d5

  • SHA512

    5cb276bf25acc19925e03685362e997352c12a49e7973c817209a750433895dab8124ce7f6238ab42d8493a149c96e068a20499dbbe68eed39e9c66feb8e400d

  • SSDEEP

    6144:Ab2+Pu8LEAp4d6l6jM8kkOhhZUqZArRl8N3DWHHLkLSD/PAbvfp:Ab2X8LOd6AjM8OTWl8xiHgWD3sp

Score
10/10
ahmythandroidevasionimpactpersistenceprivilege_escalation

Malware Config

Extracted

Family

ahmyth

C2

http://192.168.8.126:42474

Targets

    • Target

      AhmythaligneddebugSigned.apk

    • Size

      293KB

    • MD5

      4dc44afb21f46dc88ff5f9553c3ac9f8

    • SHA1

      b01c920c64223c9d1a230dc1e4b87c24eed2e33b

    • SHA256

      942dee6c8af0156c2936c63e8e131514f69407f8e1dd962af5a1b0f2f1bce0d5

    • SHA512

      5cb276bf25acc19925e03685362e997352c12a49e7973c817209a750433895dab8124ce7f6238ab42d8493a149c96e068a20499dbbe68eed39e9c66feb8e400d

    • SSDEEP

      6144:Ab2+Pu8LEAp4d6l6jM8kkOhhZUqZArRl8N3DWHHLkLSD/PAbvfp:Ab2X8LOd6AjM8OTWl8xiHgWD3sp

    Score
    6/10
    evasionimpactpersistenceprivilege_escalation

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Tries to add a device administrator.

      privilege_escalationimpact
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks