General

  • Target

    efe47f9953d70958f4edeb6481e3c3ad2d9db992988d244f7ce4ab1ceb52cb46

  • Size

    15.5MB

  • Sample

    220520-g1e2sagegj

  • MD5

    e412c1b8353f7010ae1e5dac7d9ef01b

  • SHA1

    14d09bd4f3f1dc8a6935880e947f692dc0bd6d37

  • SHA256

    efe47f9953d70958f4edeb6481e3c3ad2d9db992988d244f7ce4ab1ceb52cb46

  • SHA512

    a86871b3e0c976131aaf38f7ea15d274801036b3fa76ee9ed2cbf1b614dff4eb0986a5ae2c0dce627be8f4a9dc0a3a14299714cf5f9ca8e9f768975dc89bc789

Targets

    • Target

      efe47f9953d70958f4edeb6481e3c3ad2d9db992988d244f7ce4ab1ceb52cb46

    • Agent Smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Acquires the wake lock.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Requests dangerous framework permissions

    • Reads information about the phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).
