Overview

overview

10

Static

static

10

build.s.apk

android-9-x86

8

build.s.apk

android-10-x64

8

build.s.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    build.s.apk

  • Size

    267KB

  • Sample

    241206-s2h1lszpfq

  • MD5

    6ef5af90e55da3e3060a2a3daca75e8f

  • SHA1

    1d8fb6a2061feb0b3493591bd18b13dd7ebc67e3

  • SHA256

    1d000ef8d964ba22acf820debd2c24222ff34353c145d69e4266eb2cc7588ba3

  • SHA512

    be954dc69c6b800141ba83d492fa5b5de880f2abe9f4cf455a6813f3f835babf755dd3ff11fc71cd150b3376630aa24ca51cce2e62dc487d0f8d4ffbb9e3d302

  • SSDEEP

    6144:VGXDhYcKa6we5EoC29CZQORrWLn6BuEIQbq3AxrqbvNv90F:VFRpR5FCsC9rWL6HBe3sqB9Y

Score
10/10
ahmythandroidcollectioncredential_accessevasionimpactstealthtrojan

Malware Config

Extracted

Family

ahmyth

C2

http://139.59.55.116:22222

Targets

    • Target

      build.s.apk

    • Size

      267KB

    • MD5

      6ef5af90e55da3e3060a2a3daca75e8f

    • SHA1

      1d8fb6a2061feb0b3493591bd18b13dd7ebc67e3

    • SHA256

      1d000ef8d964ba22acf820debd2c24222ff34353c145d69e4266eb2cc7588ba3

    • SHA512

      be954dc69c6b800141ba83d492fa5b5de880f2abe9f4cf455a6813f3f835babf755dd3ff11fc71cd150b3376630aa24ca51cce2e62dc487d0f8d4ffbb9e3d302

    • SSDEEP

      6144:VGXDhYcKa6we5EoC29CZQORrWLn6BuEIQbq3AxrqbvNv90F:VFRpR5FCsC9rWL6HBe3sqB9Y

    Score
    8/10
    collectioncredential_accessevasionimpactstealthtrojan

    • Removes its main activity from the application launcher

      stealthtrojanevasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Requests accessing notifications (often used to intercept notifications before users become aware).

      collectioncredential_access
    behavioral1behavioral2behavioral3

MITRE ATT&CK Mobile v15

Tasks