Analysis
-
max time kernel
3801538s -
max time network
133s -
platform
android_x86 -
resource
android-x86-arm-20220310-en -
submitted
20-05-2022 17:49
General
-
Target
fa9cdb00f578204226a9396f0169d53fc38112ae68502d3ef44770153d971596.apk
-
Size
2.5MB
-
MD5
b6bb1472e043f0bbc772b348212bf7f6
-
SHA1
47ea4a3582ad9740183ad2141e23ae2d89ba066f
-
SHA256
fa9cdb00f578204226a9396f0169d53fc38112ae68502d3ef44770153d971596
-
SHA512
138f2a6c936ae96ebb3d11365b485a976be1921bd044f88ab3967bc4845bea9fe9db6cac2987570d542d0e268a47616eab5f22be43293a7271b6da0543ebb342
Malware Config
Signatures
-
Agent smith
Agent smith is a modular adware that installs malicious ADs into legitimate applications.
-
Reads information about phone network operator.
-
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
Processes
-
com.dfoiej8.ccsdyia1⤵
- Uses Crypto APIs (Might try to encrypt user data).
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/user/0/com.dfoiej8.ccsdyia/app_jar/lpdf.jarFilesize
35KB
MD5e1ab911d4b585a26aae02d8540575013
SHA1ac148f7bdf95edddc97d9224ff51a771f1070520
SHA2568a71fab57b4a03f0b37095daa2eaa086ec6ed6c1c6166ca67c0e0a9e14cc85ca
SHA512983ec12cde3cbfaffb414b8c8eb17c793bee558eb51b9d5e630f9bd5f312e0ce55622719aad6097a799286c25001212b26d7053e7e110a4918beace33d3bcbc4
-
/data/user/0/com.dfoiej8.ccsdyia/shared_prefs/XinZF_conf.xmlFilesize
122B
MD576a516ec620e2508e512a673a58347a3
SHA1386e9ee5d38602ebdca74bc24b24d75b1a765e8c
SHA256245368df69958cb3da7feaea45e63731daf36a8954e5982bc36ed91eb439c6b5
SHA512e4e96e50d4119fb2ba9d28b997b4991cf5e14ea7ea43c25304c3a40850a7744491f25e2ee0c7e500bc02e203669ff1cdee302f96534960bbcca3760ff8d192a8
-
/data/user/0/com.dfoiej8.ccsdyia/shared_prefs/XinZF_conf.xmlFilesize
170B
MD59ea892828eebb762d94f01badffb3677
SHA17a90e4c6f14532975c29738f42438f4e0fa97639
SHA256961aac0ad83abbef133a5b321427d16ad691a5f775e3cb1eb2785da6cb559799
SHA51212530b8ffb3fe46234b34e7d0ce6692493ef407abc14c61193ea8a735d21d7e8e9f3d825192ef475900900407eeb137226a133f07677de8df3583b1ee747544d
-
/data/user/0/com.dfoiej8.ccsdyia/shared_prefs/info.xmlFilesize
460B
MD55b57ef2444874464b3f7838420866eec
SHA1fca6524f890ebb7d2a65be423f24e3f85f85cbdf
SHA256b3b2d3930c6ee25b278083891b5fc33fafafea546d80d9bfc67923f754a1306b
SHA51254d46b57511671f5ddede9d9d7af8845651c9fc8f77ecb330f9b370927b65e9528d420501ca8742cb4469cf828e4484ab57632051dc630bd7daf3385d86ee13a
-
/data/user/0/com.dfoiej8.ccsdyia/shared_prefs/umeng_common_config.xmlFilesize
112B
MD5f16ffeb0e28ae2f044998904f8aae721
SHA1fe5da9f650c4bdffa25da38ee438c776e863eafe
SHA256e49ca4acb603905caa244cf51f2a499fc1f77cf157b937d544fc40239ed19211
SHA51204e3b2d1532d3b5c74b039b62b5a129beae32be0af85931c9c237b3b24af48d86c73dcf3040222057dd64fdb4ad2c78b02e889e73f35a7232e3a6eb78ea1a111
-
/data/user/0/com.dfoiej8.ccsdyia/shared_prefs/umeng_common_config.xmlFilesize
172B
MD5a31a1e5226261564dbd1c2e16eebcf34
SHA16620036662e88ca23919494f36893dd0a2ca0c52
SHA256243da9ac2d23d6a482ccdd386fb79d4a351ac9f2ff9dbda4d989328d6b9d5eb2
SHA512f9d36f5359a341626e495d1ec639f7cb6caca2c020b64799bb7151ec0696ebc4612ef5391e7688b662299b2a5834c1729947c31b28f87799a6780d4e1cee73ae
-
/data/user/0/com.dfoiej8.ccsdyia/shared_prefs/umeng_common_config.xmlFilesize
237B
MD5aade120919f891dfca3c5936a359bf4e
SHA1e07ae6cf50f5c14388e6e158d00d9909d2527b7d
SHA256cc1d81d2b2a3130d131e71b5b5a74e4494682c323843854a16cd75c69126bc37
SHA512018fd85f193c5016d8f86a46936820786ed6441ec89a569b54f6a87b8f2a2b9412d8cfdb418f7de484b0dc93ad5de42805b27d486e88d1e40a4633474682cd4e
-
/data/user/0/com.dfoiej8.ccsdyia/shared_prefs/umeng_common_location.xmlFilesize
390B
MD5324cdd9e86b8fb412defc558b036680e
SHA18f54afa42baf41d538f0f02bcc9c4e8e0106723c
SHA256234373510f164b28162a7b89b5ebe1d0955697d97cf2f991e269b10b1f80bfaa
SHA5122b08cd705f8d22da534285b6d47a88b35d37b4d2bdc7207cfd65ae0493629d6feccc3bcf55791a27f40448e784d66e129ca8bd92e1a3bcf532b21c3a293e5fdc
-
/storage/emulated/0/.DataStorage/ContextData.xmlFilesize
65B
MD59781ca003f10f8d0c9c1945b63fdca7f
SHA14156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA2563325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA51225a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03
-
/storage/emulated/0/.DataStorage/ContextData.xmlFilesize
111B
MD536b971f966c43e71b544ca524ee3de9c
SHA132979da5ade8b7a173dd10630c9b02cfd47f6ff4
SHA2564cccb12dabf6f837ea940152f4760c9874031363d9439a153ea2d28d26b9aa6a
SHA5123d0e2b130f0c02fc4042dabc7249df4d634a3273f79c7f31ddf889bbe2e2e83bb55f76e31b1f3f19d23879981f9da417d6f0a489560874f748abf26be5bb9103
-
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xmlFilesize
167B
MD501a465aa81933a4734dff8ef7c7095dc
SHA13ea61b163eda5e1b8543590c4b2458fcd3b29694
SHA2564e45766fec12ceb0d2306b985da9799d15ae879fe0f5decb669a1c5c57f96938
SHA51200473d448f327c0a4d128a2a3e75dc0fee16d3d8fc0c425cb7242bb09582020a0205eb48053eb2528c8fce1d39cd82894d5220f49639216d26e861fcee4b58f0
-
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xmlFilesize
65B
MD59781ca003f10f8d0c9c1945b63fdca7f
SHA14156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA2563325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA51225a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03
-
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xmlFilesize
111B
MD5ff487a4d756164316c84a3e8621c2e43
SHA1590e18d605f02894d0cc182cff89420d3b00c57c
SHA256de05a51679d8c2ec69664f7a41f31db828aa4e4f29d7fd2643a024fe120dda91
SHA5125254f6cd16cb7aaa6674a38d13be9f2b804a4e0c5a7a2017b42615734b490ee67b5f1097a1dac9dc8a235efff8bbf688d0d8d47b0587780eb0691675e1ab21e5