agent_smith | a3e95b5774c3f4d0f742fbc61ec0b3536deba4388840a398a8ec9c3eb351a177

Analysis

max time kernel
872769s
max time network
166s
platform
android_x64
resource
android-x64-20220310-en
submitted
05-06-2022 13:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a3e95b5774c3f4d0f742fbc61ec0b3536deba4388840a398a8ec9c3eb351a177.apk
Size

4.0MB
MD5

44bce3a306b0d706c0937a2445bc0743
SHA1

902d91fe8790efe5a1cf76b963bbb63226ffd18a
SHA256

a3e95b5774c3f4d0f742fbc61ec0b3536deba4388840a398a8ec9c3eb351a177
SHA512

b8456ab455d8e6ec277fdb5e2d4951da4cd6899563d0aab7793297cb9684a93f733a3761b0ee21792fe3e6e759a2c381e78f0613f082338fe5aaefcd981afeae

Score

10^/10

agent_smith adware

Malware Config

Signatures

Agent smith
Agent smith is a modular adware that installs malicious ADs into legitimate applications.
adware agent_smith

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.android.google.coreappx

ioc	pid	process
/data/user/0/com.android.google.coreappx/files/.MultiDex/adsdk.zip	6314	com.android.google.coreappx
/data/user/0/com.android.google.coreappx/files/.MultiDex/patch.zip	6314	com.android.google.coreappx

Reads information about phone network operator.

com.android.google.coreappx
1⤵
- Loads dropped Dex/Jar
PID:6314

chmod 0755 /data/user/0/com.android.google.coreappx/files/.MultiDex/adsdk.zip
2⤵
PID:6407

/system/bin/sh -c getprop
2⤵
PID:6421

chmod 0755 /data/user/0/com.android.google.coreappx/files/.MultiDex/patch.zip
2⤵
PID:6446

getprop
2⤵
PID:6421

/system/bin/sh -c type su
2⤵
PID:6484

/system/bin/sh -c type su
2⤵
PID:6503

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.android.google.coreappx/app_crashrecord/1002
Filesize
235B

MD5
4872b0dbbdc91a68a7cd48ea15107a9d

SHA1
cd0b6274189d7ca1734f166f0d64af9c03c9789e

SHA256
eae07d1c283a1a2d1849bfda6ff8f1c37da43dbb8ae4f0c379776d7f84e007db

SHA512
76bec15d02a277140e584a25ae1782ba4386bcdf9a4c8acb8c4551a5bc9701e75dba9cbbd390da42851fd36ac23322814832e0b3d3b57e8ecfc5198754dee1f2

Download Submit
/data/user/0/com.android.google.coreappx/app_crashrecord/1004
Filesize
235B

MD5
f06d39491a14806ed00bc25f6b0461d0

SHA1
28204edda02a904bd8599614bd3b2f8b40970172

SHA256
f458c5f0c0e7d5d1d4bb9a0ee6cacfe6f6f864162c27904bfe165c7dead7d61b

SHA512
8f4689abe3917f0105be51b6ea6f9f484819462bc6745a6eb68d139a7f72efe56d28136f74741778065f8345b91fad109c8c1db3773d41442b8ef0f899b89f10

Download Submit
/data/user/0/com.android.google.coreappx/databases/bugly_db_
Filesize
184KB

MD5
8a87fdb32e2a7c4133092a9b6bd7cd59

SHA1
214642a944ae5c60188f43d2ad1fd82618cb3bdb

SHA256
1a86143f01846b0ff2784476457b0964100fd6ff6f2656a751a1386db4f497cb

SHA512
ab0f2122dc637cfdc42542b4e298783131c438fe47f9455b77574a125c39c6016cb1a4db8408a0d455995e63848395f95d4d80bcea1bac2912a98dbd73e30d8a

Download Submit
/data/user/0/com.android.google.coreappx/databases/bugly_db_-journal
Filesize
1KB

MD5
ee502751466c74ebb1d88179486bf74c

SHA1
dddacc140f1135d50bc16d69b0c5e3e552784c5f

SHA256
8afc5ffede108e2eca0262f8d5b50217bd7a837213b3997ca5ba74f07243f4d6

SHA512
e9f4cf4b5bcc7c1d11cd7aad04a76b3b0efb0252cca6582bf8343ce28ce6ad288095d9bf0475789c8b0b1daccaf901b024cc7c59f93788daa9d95fefa09da617

Download Submit
/data/user/0/com.android.google.coreappx/databases/ut.db
Filesize
72KB

MD5
0356315a0c6c8d11b97518f9eb420812

SHA1
87255b36bb7260f8b57aac6046c3c289dc44ee59

SHA256
b2257a229f3de022e68d0fbe475e1c48f36fbcb528c7a2f663b7dcc638ecbe92

SHA512
91a4a6fecc95480146942a1a30461c1031c44927a8f75dd7a290cf3c4e1277589a8d35aa3fde1b6d9168d43de51133569e175a2c00a322c03c4352ca383a6d2f

Download Submit
/data/user/0/com.android.google.coreappx/databases/ut.db-journal
Filesize
1KB

MD5
7791eb8232ee440a2ba33beae913f92e

SHA1
825dc2069bf7ba94869a670eea221a1cf2cef653

SHA256
5dfe0acdfe011756c03ecb59a118b7be8eab3e4f1008b7742cd9ee86f9b2829d

SHA512
38f9afa5f46ab6f339f4ac9a8b60d07ce47b1b41fe9192141f3f2f834a1551414a324f909cde8fdb8e7b0db2c24193aae5714fed8d327fbb3fa3f65ceb465cfe

Download Submit
/data/user/0/com.android.google.coreappx/files/.MultiDex/adsdk.zip
Filesize
607KB

MD5
348d61335ce9a5660103fbb95dcc4b18

SHA1
605c6d9eb4f2f54b3e001a332bc88530540455ff

SHA256
47c933db74d4ec6bd892d1283b5edd55e6707184d4560639ca97ddefeab8edb8

SHA512
9081f4fa0b986a602e0e3677fa2218654b08fab1966a3e814b0133273f1e3fdf60e1c2c0b14d92052e968fa4063b5af5a700aaf6167b0b378d2f318cdddcf70d

Download Submit
/data/user/0/com.android.google.coreappx/files/.MultiDex/adsdk.zip
Filesize
1.4MB

MD5
b035150edabab741dc96dc61472e89d6

SHA1
3faa091326f3508dc341d623dcb3c0e8c589ea3b

SHA256
185c13f196f3de999fb2a689ee5a7075694c30fad79eff7d353ffd5cb3421efc

SHA512
873103570f2219c3992b8186babbec694d5cc4aca5d88b50547adf5990a8d8604e56870520a6bbcf738f0b9304d869927cd948757d97fc0e12f82ca2a40f61c4

Download Submit
/data/user/0/com.android.google.coreappx/files/.MultiDex/patch.zip
Filesize
254KB

MD5
6bcefc3c9979545aed8635ec9f89afb9

SHA1
7a7aaa2a26d2a72d8a00151c2e615cdf5942dfa9

SHA256
de1b4e933ffd3d85b34e303aacc9800c76a49d74ab45216a39d486eee5c8106a

SHA512
aa333241ed09f4a1d4c1c2191948bc3956d0c3b051906002e438056f1c69373dc81d4acd2462952be0f250281b03566942a0c9c06c7663d95cc7449af8b12df3

Download Submit
/data/user/0/com.android.google.coreappx/files/.MultiDex/patch.zip
Filesize
589KB

MD5
e1d6df766e2a46f57ad2f38114a59967

SHA1
1c23b2bf20610cfb4bad6d94ff77531f52edf2b7

SHA256
890d454f49fa3388ec7435403f90c2dabbcd6b4ee859b6419dcf732947aef597

SHA512
184c97017940b085922f61e79facfa19d5703f006e400cbf894bff81ae22a79b054015904f3de700057895b22980286bd7fd7e0ebd86c2c9875529102cd549c9

Download Submit
/data/user/0/com.android.google.coreappx/files/ap.Lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.google.coreappx/files/security_info
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/Alvin2.xml
Filesize
115B

MD5
3649664b85246edda9326e2dde6ee743

SHA1
0b5a5121e56d34b32d3a7abf21df3fda4980e259

SHA256
025256d0efb1ac6f55c7714ba0e789d97a268b35dc532030064208b6438ceb12

SHA512
0478bbdabc6c8e756d6b42ef6ff757946c94f25393a3d996842409a3b0530b6408c2dede1382069f5a6293a36c272447bf41d9c13ab9a766ad028956e88191e6

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/Alvin2.xml
Filesize
175B

MD5
a7997e96ae9b6e63ad1532f683acc5c2

SHA1
8f4ad7da692e490cbcd07a0176cc20db9ee3c3c3

SHA256
2fe7db0624ab1d14678d51dc713935f905576e24018fdfe9db7b8a45a9276f37

SHA512
2f90c90ce49ef529db42584236a1bca7198aa7336b80f75e3c93f38d4ac54d7cdebb0aac19cbc731164e482a196ffb367fe9e2703b09afda043a9531252c4e20

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/BUGLY_COMMON_VALUES.xml
Filesize
103B

MD5
ffbd4279dd2c5e747ff7a6a4407b5073

SHA1
58a0bb21c6d7c66a636c6b2c190d0b3db90db997

SHA256
ef6f212789b6bb61a578326525bcf920ebd86480442900f653973bc63f3b8e03

SHA512
465744752ed2c8a5eb53c520282fe3077c993086b6f410d873d8d6278d33d4161dad5d2de1d61c84ced7d910564e5470e5229b939583399cd25169602e786b62

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/ContextData.xml
Filesize
115B

MD5
3b4827422f7a26cbb241801540be77dc

SHA1
670c051522dbc210cd8070cd87af91d669f26cf0

SHA256
66c55cbee793ebeedebac493bf30551157f79d8a51055809da9f4cff09714af6

SHA512
21369740ae9890c3369648e3dd2f10a73a581e963cf4c6e89f6fc1b503164af6761f7868b6bae256ab225fcbdd37afdf2eadc42dcd141b605dc2a1df5e9930a3

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/ContextData.xml
Filesize
221B

MD5
bac42de94d711c00e965e24798ab9cba

SHA1
969f76ef934801a30dec34ee3b2f14d55c26f783

SHA256
8c7d8c05f01a3b39ea9dce03c5bb41bb91bd7e40a13f3983afe0539ae05ff4b8

SHA512
83c7f23b290a8abe2edeb50a93575c16b5d76bdd9c69f69418287daa226ea0ea51774dd701881bc181751d722b47d1170003f6cb88671a7338b22e4e3969c54d

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/UTCommon.xml
Filesize
135B

MD5
be89678f9042fecd787e72e4ad19905c

SHA1
d3bb9a0e9768a74b2ed2587459c010ad39eaa49f

SHA256
3bd22db77fc3b3e02a364b81f46cd84de6de71b94b611f0533691b21db1e790b

SHA512
7bea0e9ab2f2415fd170da761381f8f54dcebec766a3b6dc8f836e52909d94d107e491f295491199a1a09619c978c35a7f6142696b1c5c0eae6417c94f1c3887

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/UTCommon.xml
Filesize
200B

MD5
1b0ab5a439720aa63a3f87cdb29091f7

SHA1
23799d6534f9096e38a9f9e81f052f202f6789f3

SHA256
f7c32b0a45ce043f22299bd7ec171dfca5700c3b685309a325ac44f2ec98a5b2

SHA512
c41bfed84e52bf6f490290e7244b1baa03cdf59121c81ab723af25df114d1c38883144d8fe37f803d7df2ea97e52b94a4bda34dba28fbac2f8a81ca0c6aaedd5

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/channel.xml
Filesize
144B

MD5
aed2a3b17597309c7dd21c3916dbd1f7

SHA1
3976d54fffb28fd55e21d1fa8aca09a4e5f80e8f

SHA256
f21a2e86131344a81ecc9b71954f56e72db82460e0d48cabe1e2a5de0b74a5d4

SHA512
aac9e7b9a15e430fa49e695d94018850035371507fefba054a0c6bbc45bed14aa0ab47a9d6888661156011106d3195dda2b1b4752061aad4498bc6f1b2522994

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/channel.xml
Filesize
190B

MD5
b817ec2c0fa57b241716358f27dc7a01

SHA1
470b1a451966a0baecfb310a526f5c88dbbb38b7

SHA256
3e5281b0ec28051fdc4817c84843f857eb325ca15803dbae45890d2791a18b6c

SHA512
b47d59a4e37d208878ea6d43e60e82e809074a525ae2fd155661ae974c28942e6d8de17d587f77efc9e078ceb9d17ffddeb229e22e9680e27fe36e82776bd430

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/channel.xml
Filesize
252B

MD5
dcb29c9223ad9511325204df3bbce7a1

SHA1
e4ba49d015c3c81be249caf34083c7d5a8eab2ca

SHA256
7ad050bcdac45c23a2606ecea7670f248db3fa0b79c49cf5d1b44f056fb7be13

SHA512
26f31686dedba99f82e62e5e1de6feaf41cdc128b5cd4a89a6c84a87e0f1f3604328de1d4ae01d0e4b39e541d5e5042cf3b32d01f7005c6f35e557c7b3d41d13

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/channel.xml
Filesize
336B

MD5
e1a83953e63c6f860426928dc8fb0c0a

SHA1
bd0ee2d712e480b5a0ec19d1b92326732a8b8e99

SHA256
05845b5e8364ce0685607684764a5b06cb3326cf14c6382b5bc134f363436302

SHA512
7127bacb1b5b4569c927b63d11592a3dbe4eaf3b33cb1aef59e13e10f2259e5f7b939dee5c55e08a9e06585069fef283d2f7fb0ee31ca64651acf98eedf948a5

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/com.android.google.coreappx.BETA_VALUES.xml
Filesize
118B

MD5
a887ba8ba2f6852ca7b0226906adb4bb

SHA1
7817af445b1a55ee2d5c94e7bd8b3dc60bd0a6b7

SHA256
068456c8cf5f1d5658211bac28984998659e9c8441ad3989366a864504c61daa

SHA512
9a977d9985108fe986b1717b5edb9336018c8cb87f59ae1bd0fa3469635e0ddf8958b85180518478b9fb1649c729358bad6d6275de99306ec4865b4b01fb18b2

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/com.android.google.coreappx.BETA_VALUES.xml
Filesize
314B

MD5
9653752fd35b3a6b87f416f7dc5ae937

SHA1
f107e8925455fb89aa7f7f026a0e38f47f8c84cb

SHA256
2d46c79287cb7fd412b8b00a9ea265b2a60227f56d3f1a3eb38c051184cb2500

SHA512
7d837965a0d6d3429ad9198b7efa580bb3ce8a0d44a4e50e6729d5d00971ad0ec7a42b6fb3a4ee5dce68daf7bf2741ded382b923f201808041154abb1dc06bdb

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/crashrecord.xml
Filesize
139B

MD5
7c35b76d3baef7b19d229ef3c0df1e6a

SHA1
597a8ef469bb2eb7afb5d70927f29fed99cd31f3

SHA256
004f162bfabaff222daf814bd3e1872418f939489083eee8b9fae48f08050e5f

SHA512
5bfcf7c70a737065d085371063b4c7529192c358146c59918a5d8837c86511c31d3d5f0a416fc8e68f611a3eac57dcfb25d1c33b5cf705b98ae07bde9ece1680

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/crashrecord.xml
Filesize
208B

MD5
dc3f33a30dee2fcb528324f90e24e736

SHA1
a7396e15e7f62a989a7c02595764a74bb5465e66

SHA256
ae4327d819c918d3c7dcd35e55118ace2a253be0529f03948d994d2bccc057cf

SHA512
bcc986291f4bc1593657a2216ff86281664cd7c1b52f90645282c6e85f612e87e42b4ab882387135a5d0df2e4b16f01021d0a28444f81d89d2becab1181d4b26

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/multidex.version.xml
Filesize
156B

MD5
a106af851b312ac00b0202d2849363de

SHA1
c3da16d5c738fddc79474a6732e94d628dd45b3a

SHA256
f0ceec359d106dd74a48445fbf886ca4be98dcbb6cad8efd2ca60a1026de8776

SHA512
40af40c126e352670f71ddfffb818cab39fbeda836fa7032018e8ce46e65b8ccc4ceafa21aa853b5501f718babc3e1caa38a018dbd4eff19388126ec33334c46

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/spread_shared.xml
Filesize
114B

MD5
bb814258514f37b495a3bc2a34cacaa2

SHA1
04a0d5d7de4d977c13285ecd5d894e55281be0e0

SHA256
55ae920df1f6f1248b5af9d48132034e819fdb43fad6b0027c026a9a848fa81c

SHA512
4ab63150a26e93d6a6042d7ef4e6e6d9ef029a6993080107639c28835f93207628ae58e54d30509c8c6422792a051ee9c41bd4d3c41c3dbcd8a7abd21f633253

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/spread_shared.xml
Filesize
189B

MD5
1daffdd14ed11786db15c3fe95e59b83

SHA1
92bda47393b3493ce0f7baecef0e1275d36dcd6b

SHA256
1243a69291fca5500d3b35bf0a9f230c74bf8384d721beed6bffc00b6436ba97

SHA512
5463280bb0c0f99c27986e66990d6b2d780811a284dc9f3cbaeb9d4208bcf8b0d90f7d8969a1bb78e9bd250214af03e783c6f477d8f741e9d7f60c832ed7bb39

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
568c33d3f359e5ea87eb4c01d760c410

SHA1
13f3ebc83169f8b2e56cac6a0277a9d54d97218f

SHA256
fd17b8a86ddec951dcbab01c2c909f701f44016ebf1e46e50bc45762ed5be219

SHA512
721f45fef852d88075f81044d29bc7c2c4d06793b57939db30a6ec61f1ba4d7b8ac6a7c8cd708ad286d7ba915f85123c5d465329bb5c30a5ddc2f396b024cc13

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
213B

MD5
4b0b98328e48ab30b220ff74aa98091a

SHA1
a6f92ed57c2b99a54bf44cf4ca4c5e254c0b51d9

SHA256
af1e84a1c4112889467b2f1b539542971a47f7aac0c806940876e2d841bd0119

SHA512
58e2c7fc93706a0dee8e761ce9fc048dded476d595be53d80dfd74044a9312ed82ed0dde5a11f55d83cac0cab79d8ba7a165c15686213a86deba1a9d8b682e29

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
641bc2d17537191e6b42d7e6e9c84c5a

SHA1
139c7a25c729c396776295adc4b93b662a7c5010

SHA256
d04c84b50b4f639b54763867e1e114e03c9490fba78b4d6ad915ba385e8ee455

SHA512
67515ba2ec166b1aa51060a9801321cbee6197dadb1cbaa7c8707967a92a8c9966fe4abf1c6455a35ae4698369366c9e1ecb6e8d3182366c76355ecbf2ba5412

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
167B

MD5
88f8def5496c331cf9d1ef1239ec4258

SHA1
b8e1c90a5b4712742c545ed50f674f42615836de

SHA256
97548b7c5548c73876719777e03533ca1567e20c4103d845072675caf53f0351

SHA512
4b1a978e62f583e7aa3e384de61ead721e3d569941775a8f467453da279285a9574389e6bc4a37b7074d34ac3f4ce3bdc71890440880833014d798a70908d057

Download Submit