a9450e63452babcfd011dcb4c91446a0524dd1b1910b879ffe8e0aaa587dec4d

General
Target

a9450e63452babcfd011dcb4c91446a0524dd1b1910b879ffe8e0aaa587dec4d

Size

2MB

Sample

220521-ax7t3aahh3

Score

10/10

MD5

badd1f1f06deb17261c08184d243fba7

SHA1

a2189d43278760394176828a09e996100474c581

SHA256

a9450e63452babcfd011dcb4c91446a0524dd1b1910b879ffe8e0aaa587dec4d

SHA512

9716d869bbe56997a9ef53b2c553caed6960c9b528413a1916882411db0f7e5800b522970ae6f2ea453f1e3858820d61f3f060b0a9e059d0935e2bd8f4b51457

Malware Config

Tags

Signatures

  • Agent smith

    Description

    Agent Smith is modular adware that installs malicious ads into legitimate applications.

    Tags

  • Requests cell location

    Description

    Uses Android APIs to get current cell location.

  • Loads dropped Dex/Jar

    Description

    Runs executable file dropped to the device during analysis.

  • Requests dangerous framework permissions

  • Reads information about phone network operator.

  • Uses Crypto APIs (Might try to encrypt user data).

Related Tasks

MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

7/10