Overview

overview

10

Static

static

1

ff.html

android-10-x64

1

ff.html

android-11-x64

10

ff.html

android-13-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    284s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
  • submitted
    09/04/2025, 07:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ff.html

  • Size

    7KB

  • MD5

    feee8385904c56c40c09d6a57cb37482

  • SHA1

    9f1e8332feed2d74a51c9731db3669a3c4db4643

  • SHA256

    e04091536edb7670381cd07dd4a5c500d27e078053b4f9e0ad314becdd70d87c

  • SHA512

    44e39dcf334a1eff3c9d7d6a3f86035094db847322e7c5ae622708045fab6bff3ac0fd836dd25489f8090b0d2227b944dbeae1649f8d9194cd2cfadc26fdff37

  • SSDEEP

    96:OfWVTg693p1A7IewHFwyJgOHgQ8Bs1EszU/vifEviDMD:+mU693p1A7powyJBAQ8rHikiDMD

Score
10/10
ahmythinfostealerrattrojan

Malware Config

Extracted

Family

ahmyth

C2

http://147.185.221.17:25603

Signatures

  • AhMyth

    AhMyth is an open source Android remote administration tool.

    trojaninfostealerratahmyth
  • Ahmyth family
    ahmyth
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
  • Requests dangerous framework permissions 20 IoCs
  • Checks CPU information 2 TTPs 3 IoCs
  • Checks memory information 2 TTPs 3 IoCs

Processes

  • com.android.chrome
    1⤵
    • Checks CPU information
    • Checks memory information
    PID:4622
  • com.android.chrome
    1⤵
    • Checks CPU information
    • Checks memory information
    PID:5461
  • com.android.chrome
    1⤵
    • Checks CPU information
    • Checks memory information
    PID:5685
  • com.android.chrome
    1⤵
      PID:6468

    Network

    MITRE ATT&CK Enterprise v16

    MITRE ATT&CK Mobile v16

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /storage/emulated/0/Download/.com.google.Chrome.U4zJqy
      Filesize

      12.0MB

      MD5

      ae86150a775bdfc228ee37267e95706e

      SHA1

      db82cd7092dec2d6fb8354bfcbb9225e6ea12240

      SHA256

      c527259d27d289339e77513aecfa15441366fd0ebaa2165250578bb8362292ce

      SHA512

      7a6ce460b9bf0f10e81067a4849c13c6081eb923bc461fbb5f51253b1c3e3aa89bc7d13b53424e9f5d916e39ddf0cf1617313340d421cc90dafbe31c5517dc9b

      Download Submit

    • /storage/emulated/0/Download/.pending-1744788263-ROPanel-FF-v4.apk
      Filesize

      37.4MB

      MD5

      848920df47508f0316be22ac51ac88e5

      SHA1

      44c65cb043c4485e6fedb1123a2ab0f11c24b8d8

      SHA256

      7daef80bc7cd3ec6303ffd1e07d06982431b2c29685fbf9f95367a9ad4521b2f

      SHA512

      dcc1ef0559e7c7c01ba4b5e3d87f7cbac9ec2a113761c2d0bd081d8834f71fa809d27857c2d64735769c093b2e4137f5aa23547c977bb0ae53dd01c855674f23

      Download Submit

    • /storage/emulated/0/Download/.pending-1744788263-ROPanel-FF-v4.apk (deleted)
      Filesize

      512KB

      MD5

      59071590099d21dd439896592338bf95

      SHA1

      6a521e1d2a632c26e53b83d2cc4b0edecfc1e68c

      SHA256

      07854d2fef297a06ba81685e660c332de36d5d18d546927d30daad6d7fda1541

      SHA512

      eedb6cadbceb2c991fc6f68dccb80463b3f660c5358acd7d705398ae2e3df2b4327f0f6c6746486848bd2992b379776483a98063ae96edb45877bb0314874668

      Download Submit