General

  • Target

    47001ded4154890296d2a0573b9d28001e1a2a7419d7f7c4a36b75685fee6c62

  • Size

    26.6MB

  • Sample

    220520-haya4shbcq

  • MD5

    cb356b05e3664720051d3bfaa9c23f03

  • SHA1

    af68c2dfad72a5f5479bb3e7a33ae1f9a39c4d3d

  • SHA256

    47001ded4154890296d2a0573b9d28001e1a2a7419d7f7c4a36b75685fee6c62

  • SHA512

    7377a7fd3c0f99e0426f7dd161c22f33eed542d204f19c7a894e35a72c7d1dc3338d7c2d434b54740126d26fd1c7fa3236ea813fa6c927e1ae8e3e3c98e02ae1

Targets

    • Agent Smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Checks known QEMU files.

      Checks for known QEMU files that exist on Android virtual device images.

    • Checks known QEMU pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).
