0b45056e4bdb6471f7c2662708a6f0d9bc643e1cb8fcde9a41310b5431ecd794

General
Target

0b45056e4bdb6471f7c2662708a6f0d9bc643e1cb8fcde9a41310b5431ecd794

Size

2MB

Sample

220516-b72apshbc9

Score
10 /10
MD5

329b43bdecc231df48486cf50d7d7db2

SHA1

d36cf7a3ed3faabf3876c4911b4f96f027026c4f

SHA256

0b45056e4bdb6471f7c2662708a6f0d9bc643e1cb8fcde9a41310b5431ecd794

SHA512

0e6d015f8343d1292756311fcc6efd8d545c42a39550ad30654e43638a4ab9820e09c938c43422f4ee6578d19859374eab907a328baa9af71b824c9b526420e3

Malware Config
Targets
Target

0b45056e4bdb6471f7c2662708a6f0d9bc643e1cb8fcde9a41310b5431ecd794

MD5

329b43bdecc231df48486cf50d7d7db2

Filesize

2MB

Score
10/10
SHA1

d36cf7a3ed3faabf3876c4911b4f96f027026c4f

SHA256

0b45056e4bdb6471f7c2662708a6f0d9bc643e1cb8fcde9a41310b5431ecd794

SHA512

0e6d015f8343d1292756311fcc6efd8d545c42a39550ad30654e43638a4ab9820e09c938c43422f4ee6578d19859374eab907a328baa9af71b824c9b526420e3

Tags

Signatures

  • Agent smith

    Description

    Agent smith is a modular adware that installs malicious ADs into legitimate applications.

    Tags

  • Requests cell location

    Description

    Uses Android APIs to to get current cell location.

  • Loads dropped Dex/Jar

    Description

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

  • Uses Crypto APIs (Might try to encrypt user data).

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          7/10