General

  • Target

    11afa5ce695e22b34cb5876df22c056c44c7eedb8cea1efa12b713edd8f2a740

  • Size

    18.6MB

  • Sample

    220501-3hqapaedh6

  • MD5

    60a75e54ef46fec7418ffd1a76803515

  • SHA1

    9a72793ca44c2c7d4dc4cd814d31e4ba5b928a80

  • SHA256

    11afa5ce695e22b34cb5876df22c056c44c7eedb8cea1efa12b713edd8f2a740

  • SHA512

    b2d62a288e3a4f6443d533e22c400f5cc2ebf35500cdeea8777ca0bc08bf8a0681b361c5d9f743ed47ae1a3448e6135f70101b3b5ba752a62e746dd9b8307265

Targets

    • Agent Smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Reads information about the phone network operator.

    • Removes a system notification.

    • Uses crypto APIs (might try to encrypt user data).
