General

  • Target

    b8eae5573540392431c71dc4cbe0ca64db95ae494d8e0d8403f7041a16756f44.apk

  • Size

    12.7MB

  • Sample

    220605-p2cbaaeffq

  • MD5

    635c29e3cd9ab549b8dcad704499fc66

  • SHA1

    17f7061f5491dadd6f2e989243e275e666c01e31

  • SHA256

    b8eae5573540392431c71dc4cbe0ca64db95ae494d8e0d8403f7041a16756f44

  • SHA512

    e0a44b61a825c7450dada76de9bc0edff4ef9a244cac9dafd83e10d5b46b46a07178e01219816c7f162bb86f99841a51bf7d1a7b3808ce2f0ae7b90339238aa5

Targets

    • Target

      b8eae5573540392431c71dc4cbe0ca64db95ae494d8e0d8403f7041a16756f44.apk

    • Agent smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Requests cell location

      Uses Android APIs to get current cell information.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Queries the unique device ID (IMEI, MEID, IMSI).

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).
