Resubmissions

20-05-2022 14:27

220520-rsreysgch5 10

20-05-2022 14:25

220520-rrh27abbgl 7

General

  • Target

    7481906134.zip

  • Size

    42.2MB

  • Sample

    220520-rsreysgch5

  • MD5

    7902f53228f89d3b5031d6f47f57bd2c

  • SHA1

    0fb3b7a67a4e7722915201eefc72d732a625a56a

  • SHA256

    ade253a145f97642e4bc3619d1edcf8bc8f58dbf0a401fc0e6a484164288b5ab

  • SHA512

    628f8d43e6246cddfcf837f20fdb72c2c0a7ca41cf3c9f41d3b578e20682cf51c08f77136a08759e3c74974461b31d28070fd39bdb7bfb9896a734068283f3ee

Malware Config

Targets

    • Target

      18d6623b99b28e8306d27b40ba60b3684dc939e7b0b437cef47f9c85999a5617

    • Size

      43.7MB

    • MD5

      642189535f741f9925887e45ea7f4e38

    • SHA1

      e71bfee8dc7d6e3536e55573dbbeee34618285f4

    • SHA256

      18d6623b99b28e8306d27b40ba60b3684dc939e7b0b437cef47f9c85999a5617

    • SHA512

      393ff1b7259239c01d64353d09608bc9de9786ee2720b48bfa91e5c7fdc2040e820ae3beda032f5404d4c66361cb231578a5d9a67e13549f6f8a70eccb9f12a1

    • Agent Smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Queries the unique device ID (IMEI, MEID, IMSI).

    • Uses Crypto APIs (Might try to encrypt user data).
