agent_smith | d1c9f38bea5eb41dfce54fbee55eea0b7ae6060272e6272398a47dc5fc4e383e | Triage

Submit
Reports

Overview

overview

Static

static

7

d1c9f38bea...3e.apk

android_x86

Sharing

General

Target

d1c9f38bea5eb41dfce54fbee55eea0b7ae6060272e6272398a47dc5fc4e383e
Size

30.1MB
Sample

220511-dfl3tagghr
MD5

f33e104e7e76ee46395a53c1904f6941
SHA1

5c5309182f1c73109e088cb6e3f1dc87ded16812
SHA256

d1c9f38bea5eb41dfce54fbee55eea0b7ae6060272e6272398a47dc5fc4e383e
SHA512

8c473ab97b84ab6c6dd55ce4a6d6edbc91fd721187acafdb0d13947d5e98522da37d5fe54ab86a71e194eaebccea0fe9748149425c75d7944e93f9ceafdfb69d

Score

10^/10

agent_smith adware android evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

d1c9f38bea5eb41dfce54fbee55eea0b7ae6060272e6272398a47dc5fc4e383e.apk

Resource

android-x86-arm-20220310-en

agent_smith adware evasion ransomware

android_x86

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  d1c9f38bea5eb41dfce54fbee55eea0b7ae6060272e6272398a47dc5fc4e383e
- Size
  
  30.1MB
- MD5
  
  f33e104e7e76ee46395a53c1904f6941
- SHA1
  
  5c5309182f1c73109e088cb6e3f1dc87ded16812
- SHA256
  
  d1c9f38bea5eb41dfce54fbee55eea0b7ae6060272e6272398a47dc5fc4e383e
- SHA512
  
  8c473ab97b84ab6c6dd55ce4a6d6edbc91fd721187acafdb0d13947d5e98522da37d5fe54ab86a71e194eaebccea0fe9748149425c75d7944e93f9ceafdfb69d
Score

10^/10

agent_smith adware evasion ransomware
- Agent smith
  Agent smith is a modular adware that installs malicious ADs into legitimate applications.
  adware agent_smith
- Requests cell location
  Uses Android APIs to to get current cell location.
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agent_smithadwareevasionransomware

© 2018-2024

Terms | Privacy