d1c9f38bea5eb41dfce54fbee55eea0b7ae6060272e6272398a47dc5fc4e383e

General
Target: d1c9f38bea5eb41dfce54fbee55eea0b7ae6060272e6272398a47dc5fc4e383e
Size: 30MB
Sample: 220511-dfl3tagghr
Score: 10/10
MD5: f33e104e7e76ee46395a53c1904f6941
SHA1: 5c5309182f1c73109e088cb6e3f1dc87ded16812
SHA256: d1c9f38bea5eb41dfce54fbee55eea0b7ae6060272e6272398a47dc5fc4e383e
SHA512: 8c473ab97b84ab6c6dd55ce4a6d6edbc91fd721187acafdb0d13947d5e98522da37d5fe54ab86a71e194eaebccea0fe9748149425c75d7944e93f9ceafdfb69d

Signatures

  • Agent smith

    Description

    Agent smith is modular adware that installs malicious ads into legitimate applications.

  • Requests cell location

    Description

    Uses Android APIs to get the current cell location.

  • Checks Android system properties for emulator presence.

  • Loads dropped Dex/Jar

    Description

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

  • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix
Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks
static1: 7/10