Resubmissions

21-05-2022 11:43

220521-nv2f6aebg2 10

General

  • Target

    f1358f3f898b94b1978adb900614ec29809073d4e6d87ae0d8fcdee9bc2e2e5f

  • Size

    1.1MB

  • Sample

    220521-nv2f6aebg2

  • MD5

    7d10305381f160edad0e07150adb8476

  • SHA1

    9696327cae5915a556274e48ce394dc06b7310eb

  • SHA256

    f1358f3f898b94b1978adb900614ec29809073d4e6d87ae0d8fcdee9bc2e2e5f

  • SHA512

    07ccebfeaa4d4f897b0b303ada77575aca996694826fbcc80f9743eeca130a211cb0e4c6d8da3fc460ddd6edbc7b6ff1c39861c980b802fa498e101f5a1e1d6d

Malware Config

Targets

    • Target

      f1358f3f898b94b1978adb900614ec29809073d4e6d87ae0d8fcdee9bc2e2e5f

    • Agent Smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Reads the content of SMS inbox messages.

    • Uses Crypto APIs (Might try to encrypt user data).
