General
-
Target
7481906134.zip
-
Size
42.2MB
-
Sample
220520-rsreysgch5
-
MD5
7902f53228f89d3b5031d6f47f57bd2c
-
SHA1
0fb3b7a67a4e7722915201eefc72d732a625a56a
-
SHA256
ade253a145f97642e4bc3619d1edcf8bc8f58dbf0a401fc0e6a484164288b5ab
-
SHA512
628f8d43e6246cddfcf837f20fdb72c2c0a7ca41cf3c9f41d3b578e20682cf51c08f77136a08759e3c74974461b31d28070fd39bdb7bfb9896a734068283f3ee
Static task
static1
Behavioral task
behavioral1
Sample
18d6623b99b28e8306d27b40ba60b3684dc939e7b0b437cef47f9c85999a5617.apk
Resource
android-x64-20220310-en
Behavioral task
behavioral2
Sample
18d6623b99b28e8306d27b40ba60b3684dc939e7b0b437cef47f9c85999a5617.apk
Resource
android-x64-arm64-20220310-en
Behavioral task
behavioral3
Sample
18d6623b99b28e8306d27b40ba60b3684dc939e7b0b437cef47f9c85999a5617.apk
Resource
android-x86-arm-20220310-en
Malware Config
Targets
-
-
Target
18d6623b99b28e8306d27b40ba60b3684dc939e7b0b437cef47f9c85999a5617
-
Size
43.7MB
-
MD5
642189535f741f9925887e45ea7f4e38
-
SHA1
e71bfee8dc7d6e3536e55573dbbeee34618285f4
-
SHA256
18d6623b99b28e8306d27b40ba60b3684dc939e7b0b437cef47f9c85999a5617
-
SHA512
393ff1b7259239c01d64353d09608bc9de9786ee2720b48bfa91e5c7fdc2040e820ae3beda032f5404d4c66361cb231578a5d9a67e13549f6f8a70eccb9f12a1
Score10/10-
Agent smith
Agent smith is a modular adware that installs malicious ADs into legitimate applications.
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Queries the unique device ID (IMEI, MEID, IMSI).
-
Uses Crypto APIs (Might try to encrypt user data).
-