Analysis
-
max time kernel
3827062s -
max time network
107s -
platform
android_x86 -
resource
android-x86-arm-20220310-en -
submitted
20-05-2022 23:47
General
-
Target
aeb36b9974d108841d6d79e0d188f8f33c75a4c169d6531b391e7a59c74103f4.apk
-
Size
2.4MB
-
MD5
5bd9bf9f6ba9556fe102368c51125f70
-
SHA1
3f381169e0c5bbacb2d00aa251ce827470bf349c
-
SHA256
aeb36b9974d108841d6d79e0d188f8f33c75a4c169d6531b391e7a59c74103f4
-
SHA512
2aafeb4d1f619218fceb01d19bb4baa26d02e0c5ac5b7feadcc7b4bfba230062798e4037cf17ff8e350529958c8aa0ebe5823ef57acc52724b608ec34972981f
Malware Config
Signatures
-
Agent smith
Agent smith is a modular adware that installs malicious ADs into legitimate applications.
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
-
Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
Processes
-
com.yumer11.ausdiue1⤵
- Uses Crypto APIs (Might try to encrypt user data).
- Listens for changes in the sensor environment (might be used to detect emulation).
-
ls /sys/class/thermal2⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/com.yumer11.ausdiue/app_jar/lpdf.jarFilesize
35KB
MD5e1ab911d4b585a26aae02d8540575013
SHA1ac148f7bdf95edddc97d9224ff51a771f1070520
SHA2568a71fab57b4a03f0b37095daa2eaa086ec6ed6c1c6166ca67c0e0a9e14cc85ca
SHA512983ec12cde3cbfaffb414b8c8eb17c793bee558eb51b9d5e630f9bd5f312e0ce55622719aad6097a799286c25001212b26d7053e7e110a4918beace33d3bcbc4
-
/data/user/0/com.yumer11.ausdiue/shared_prefs/XinZF_conf.xmlFilesize
122B
MD52eaf1b50441f9c8cb4b7b89476e754f0
SHA1cf4af930a6762f5b606138af8cee22c01cf76424
SHA2565e82b2bda3fd21a2ee833995d374723860020141440c16932925c34d1d953fef
SHA51225ec7040480a2cceb9421897d10a95a635bd1afd105ccd0a3c1de807b6b61cdcd31840186d1750964a8d9026c16c7f0b9d2273951f9274d712a9860ebe0a5d43
-
/data/user/0/com.yumer11.ausdiue/shared_prefs/XinZF_conf.xmlFilesize
169B
MD5c02b96e3ee7a9968350f5274ca968d93
SHA173042da13a897ee5a405aeff55d3ec10b4e33212
SHA256c4b0c7ab426ce651fb98b3dbf47a139d0e4bc6fca4a4fc11675aff95fefee93c
SHA512b6ede87730eed17115fcab9d2505daf735971a84cd2f7eada52f374a0ee898aaa6cc2b089425740eb4a0453fe150b1d168b15be7be1c0b627f3068e47970955e
-
/data/user/0/com.yumer11.ausdiue/shared_prefs/umeng_common_config.xmlFilesize
111B
MD58cd85b196b0b1fa93ea1755c6da39dc1
SHA148d3ea9ab710438c39d9819d7e272c8bdf3a7f50
SHA256880f091bebfb1bad97e26f6c3bdb4c3779d285f88e08d99021370b42156f354d
SHA5125af810d5bce4054215fb428b5d4c4257c17c833d43ef06a795aff7417fd05481b7c56b2e9befbf5daae70a17e97efb055f4176fc999cc2f8188495777db52fa6
-
/data/user/0/com.yumer11.ausdiue/shared_prefs/umeng_common_config.xmlFilesize
171B
MD58893661f6b1689f66b650581a7f4703a
SHA1e5f32de077017d69d681f7fb5d0be6ab618409be
SHA2567b8f9abc49ed3048e22a71a6f6fc8bb59d0e79d4f48c0684a307003806e7c41f
SHA512ff1bf4f7a8bae095bb4fad48cc6f7192086d427c71b926e2fc9082d45712abb850c37eabe4d676d10e2018365f2ad0480b78b6177124a7533142bfe892e6a1db
-
/data/user/0/com.yumer11.ausdiue/shared_prefs/umeng_common_config.xmlFilesize
236B
MD5317f0c3e0fa4821846ff09a0d05da03a
SHA120d8544a1116c212302472ade58fe8294aedaea0
SHA25696ef04b92f8d5a0fe19175151364b7879b097ce7b409cd28d5d4f6bb5425379c
SHA5124c5e2c76e12f0033b5d9b1c177bd7426b4af3d00c370f352f72fa14153355707353ba2211a9bf4809fe756b9d03acc0b5280c2a1adda70d212c641aa9777b841
-
/data/user/0/com.yumer11.ausdiue/shared_prefs/umeng_common_location.xmlFilesize
390B
MD5324cdd9e86b8fb412defc558b036680e
SHA18f54afa42baf41d538f0f02bcc9c4e8e0106723c
SHA256234373510f164b28162a7b89b5ebe1d0955697d97cf2f991e269b10b1f80bfaa
SHA5122b08cd705f8d22da534285b6d47a88b35d37b4d2bdc7207cfd65ae0493629d6feccc3bcf55791a27f40448e784d66e129ca8bd92e1a3bcf532b21c3a293e5fdc