General
Target: AndroRAt.apk
Size: 293KB
Sample: 250211-g96k4aynar
MD5: 3d3b2a66ae3a8a8cf21e2cde12f5387f
SHA1: a6c8e87367f8168ece54c8f27ba182df406a41c3
SHA256: 9af5c084b7203741bc26debb6212bf138f3c7a41e04d96948a332be4a842882e
SHA512: 81ee8d00eae3a3c3d4276b370e7d3f755be01a429dc16b144c7ffeba3c3b49957152392715eeaa19aa284574e49139b914e4d6cdc5a4171a7ccadc432c39436d
SSDEEP: 6144:ZbkPe2DpLKXsb1ULz9Qg7KZdyuKI0mYkMdfO:QtDpbmLBSGuK2YJJO
Behavioral task: behavioral1
Sample: AndroRAt.apk
Resource: android-x64-20240624-en

Behavioral task: behavioral2
Sample: AndroRAt.apk
Resource: android-x64-arm64-20240624-en

Behavioral task: behavioral3
Sample: AndroRAt.apk
Resource: android-33-x64-arm64-20240624-en

Behavioral task: behavioral4
Sample: AndroRAt.apk
Resource: android-x86-arm-20240624-en
Malware Config
Extracted
ahmyth
http://34.125.188.220:50901
Targets
Target: AndroRAt.apk
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Tries to add a device administrator.
-