agent_smith | 96f293ee1be22f9d3459dfa7476cb46ac0716089261864905230702434806bbe | Triage

Submit
Reports

Overview

overview

Static

static

7

96f293ee1b...be.apk

android_x86

96f293ee1b...be.apk

android_x64

Sharing

General

Target

96f293ee1be22f9d3459dfa7476cb46ac0716089261864905230702434806bbe
Size

9.9MB
Sample

220525-cdsbdabcel
MD5

bb4c68c5f91b87c142c2a796e9a30339
SHA1

d30350953f206eee7e55f635e9df97315ec963b4
SHA256

96f293ee1be22f9d3459dfa7476cb46ac0716089261864905230702434806bbe
SHA512

d66c10cba3d3ced96c5a7f896890a5392cce419e870fc3ee3fa5dc80ae75ef9a6574bfced8082eeff6f4b9b05adc20732c741fa4ce6478d3a25866a0aaa5d5ac

Score

10^/10

agent_smith adware android banker evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

96f293ee1be22f9d3459dfa7476cb46ac0716089261864905230702434806bbe.apk

Resource

android-x86-arm-20220310-en

agent_smith adware banker evasion ransomware

android_x86

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

96f293ee1be22f9d3459dfa7476cb46ac0716089261864905230702434806bbe.apk

Resource

android-x64-20220310-en

agent_smith adware evasion ransomware

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  96f293ee1be22f9d3459dfa7476cb46ac0716089261864905230702434806bbe
- Size
  
  9.9MB
- MD5
  
  bb4c68c5f91b87c142c2a796e9a30339
- SHA1
  
  d30350953f206eee7e55f635e9df97315ec963b4
- SHA256
  
  96f293ee1be22f9d3459dfa7476cb46ac0716089261864905230702434806bbe
- SHA512
  
  d66c10cba3d3ced96c5a7f896890a5392cce419e870fc3ee3fa5dc80ae75ef9a6574bfced8082eeff6f4b9b05adc20732c741fa4ce6478d3a25866a0aaa5d5ac
Score

10^/10

agent_smith adware banker evasion ransomware
- Agent smith
  Agent smith is a modular adware that installs malicious ADs into legitimate applications.
  adware agent_smith
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Requests cell location
  Uses Android APIs to to get current cell location.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agent_smithadwarebankerevasionransomware

behavioral2

agent_smithadwareevasionransomware

© 2018-2024

Terms | Privacy