efe47f9953d70958f4edeb6481e3c3ad2d9db992988d244f7ce4ab1ceb52cb46

General
Target

efe47f9953d70958f4edeb6481e3c3ad2d9db992988d244f7ce4ab1ceb52cb46

Size

15MB

Sample

220520-g1e2sagegj

Score
10 /10
MD5

e412c1b8353f7010ae1e5dac7d9ef01b

SHA1

14d09bd4f3f1dc8a6935880e947f692dc0bd6d37

SHA256

efe47f9953d70958f4edeb6481e3c3ad2d9db992988d244f7ce4ab1ceb52cb46

SHA512

a86871b3e0c976131aaf38f7ea15d274801036b3fa76ee9ed2cbf1b614dff4eb0986a5ae2c0dce627be8f4a9dc0a3a14299714cf5f9ca8e9f768975dc89bc789

Malware Config
Targets
Target

efe47f9953d70958f4edeb6481e3c3ad2d9db992988d244f7ce4ab1ceb52cb46

MD5

e412c1b8353f7010ae1e5dac7d9ef01b

Filesize

15MB

Score
10/10
SHA1

14d09bd4f3f1dc8a6935880e947f692dc0bd6d37

SHA256

efe47f9953d70958f4edeb6481e3c3ad2d9db992988d244f7ce4ab1ceb52cb46

SHA512

a86871b3e0c976131aaf38f7ea15d274801036b3fa76ee9ed2cbf1b614dff4eb0986a5ae2c0dce627be8f4a9dc0a3a14299714cf5f9ca8e9f768975dc89bc789

Tags

Signatures

  • Agent smith

    Description

    Agent smith is a modular adware that installs malicious ADs into legitimate applications.

    Tags

  • Acquires the wake lock.

  • Checks Android system properties for emulator presence.

  • Loads dropped Dex/Jar

    Description

    Runs executable file dropped to the device during analysis.

  • Requests dangerous framework permissions

  • Reads information about phone network operator.

  • Uses Crypto APIs (Might try to encrypt user data).

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          7/10