agent_smith | a3e95b5774c3f4d0f742fbc61ec0b3536deba4388840a398a8ec9c3eb351a177

Analysis

max time kernel
872544s
max time network
168s
platform
android_x64
resource
android-x64-arm64-20220310-en
submitted
05-06-2022 13:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a3e95b5774c3f4d0f742fbc61ec0b3536deba4388840a398a8ec9c3eb351a177.apk
Size

4.0MB
MD5

44bce3a306b0d706c0937a2445bc0743
SHA1

902d91fe8790efe5a1cf76b963bbb63226ffd18a
SHA256

a3e95b5774c3f4d0f742fbc61ec0b3536deba4388840a398a8ec9c3eb351a177
SHA512

b8456ab455d8e6ec277fdb5e2d4951da4cd6899563d0aab7793297cb9684a93f733a3761b0ee21792fe3e6e759a2c381e78f0613f082338fe5aaefcd981afeae

Score

10^/10

agent_smith adware

Malware Config

Signatures

Agent smith
Agent smith is a modular adware that installs malicious ADs into legitimate applications.
adware agent_smith

Loads dropped Dex/Jar 2 IoCs

Runs executable file dropped to the device during analysis.

Processes:

com.android.google.coreappx

ioc	pid	process
/data/user/0/com.android.google.coreappx/files/.MultiDex/adsdk.zip	6697	com.android.google.coreappx
/data/user/0/com.android.google.coreappx/files/.MultiDex/patch.zip	6697	com.android.google.coreappx

com.android.google.coreappx
1⤵
- Loads dropped Dex/Jar
PID:6697

chmod 0755 /data/user/0/com.android.google.coreappx/files/.MultiDex/adsdk.zip
2⤵
PID:6755

/system/bin/sh -c getprop
2⤵
PID:6768

chmod 0755 /data/user/0/com.android.google.coreappx/files/.MultiDex/patch.zip
2⤵
PID:6798

getprop
2⤵
PID:6768

/system/bin/sh -c type su
2⤵
PID:6866

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.android.google.coreappx/app_crashrecord/1002
Filesize
235B

MD5
fda4ad24d949728f48bb79228beaefea

SHA1
dd4063569ae5c6245a665b6b8fdc63f48eaaf480

SHA256
8745c4ce582e680c7d4f1c16773c58eda06d5e5bd9ab924427f0d1051e7899a7

SHA512
a6cc697eb3599cc66bc3859cf863bffb2859d819654bd25a1c01ff1d396c8939fd7257bd4b6c950c5561b9a9b83c2fe115e57c9b3dc3132b0fc1d735ae2abd0d

Download Submit
/data/user/0/com.android.google.coreappx/app_crashrecord/1004
Filesize
235B

MD5
94a3506140ee6623c2381b14be1bad27

SHA1
62f49d39a11921759bbe9b45daf4ccd0400e567b

SHA256
04dbf3ba9aebb8abf69d30308f10d9cd91319e34b188d41505e6fecd1551e6ee

SHA512
42a0db3caa6b9cbc65fcdc5ffd49dd1cef0823becaf6f8efb3ea54ad25b35315510564a8f9948f111e9f465f5072d5b03e9580eb2a77092255432b9f051115ba

Download Submit
/data/user/0/com.android.google.coreappx/databases/bugly_db_
Filesize
232KB

MD5
c915550ed194624b8630c05a660c01ae

SHA1
fc19a35bf7a7698959dd9ba899825ff5e12a1ecc

SHA256
db8380045ab4142fe55acbcaa646289bc48cccb74069baa89db3f676331184f6

SHA512
d85df29175d4cadf8fb0646e820bc1eba0c494667b9219d53eb3ceccb496448f981eaa22db1fd5718f346959cee3b5c1a7965f26ae09d96def87fb30c1ce70c3

Download Submit
/data/user/0/com.android.google.coreappx/databases/bugly_db_-journal
Filesize
1KB

MD5
3748e0bffaa3becc8587e605fad52ee8

SHA1
94ae6e3a7d440719434af0889b50a1fff4e5ee9f

SHA256
abe265d0f9cc7fe30b361c93773ee3d6d23528b746f10257a461499b5e570a2e

SHA512
93b568a2f9737af854a16389705330ba001b16fb994aeb95c785c91c500eb0630c0a29671b9e055f2a26037afec0f36352fa6034c95403988098518ef1309d9b

Download Submit
/data/user/0/com.android.google.coreappx/databases/ut.db
Filesize
72KB

MD5
4d80e6c0c995df3fb8b5c4148b1f3854

SHA1
579f343497f24a2c99e56af781e17a31ef5e4d14

SHA256
56dc17166d80bf3693e03aec7fcfefc861d33a10294babde4dbbd21e49f4bbd0

SHA512
19ccdb61e220cf8c02d58b9503be7d41d88172eca9026858e0844ffaf3bd3e015d3300310f45c9b654bbaeb67c3bf345382581d2d69ce7d1d288821ac80fa3b6

Download Submit
/data/user/0/com.android.google.coreappx/databases/ut.db-journal
Filesize
1KB

MD5
e0e49518e9750c4f4252222a6c0c7a37

SHA1
0a99178b7cfc65df850e5d2731c322bf7b28cf87

SHA256
90cfe63d4e54bed1b07ef0d755e958161982c0d8a4e844acd09cd590c4ccb2e7

SHA512
85a31229e3b9daa20e336d0da59d681fd6ab11f22019d879e780104dde2f13f2f58922f0a3d23989ad6722fa89a6da0e66fe8f86b871583130ae9d48373070ad

Download Submit
/data/user/0/com.android.google.coreappx/files/.MultiDex/adsdk.zip
Filesize
607KB

MD5
348d61335ce9a5660103fbb95dcc4b18

SHA1
605c6d9eb4f2f54b3e001a332bc88530540455ff

SHA256
47c933db74d4ec6bd892d1283b5edd55e6707184d4560639ca97ddefeab8edb8

SHA512
9081f4fa0b986a602e0e3677fa2218654b08fab1966a3e814b0133273f1e3fdf60e1c2c0b14d92052e968fa4063b5af5a700aaf6167b0b378d2f318cdddcf70d

Download Submit
/data/user/0/com.android.google.coreappx/files/.MultiDex/adsdk.zip
Filesize
1.4MB

MD5
b035150edabab741dc96dc61472e89d6

SHA1
3faa091326f3508dc341d623dcb3c0e8c589ea3b

SHA256
185c13f196f3de999fb2a689ee5a7075694c30fad79eff7d353ffd5cb3421efc

SHA512
873103570f2219c3992b8186babbec694d5cc4aca5d88b50547adf5990a8d8604e56870520a6bbcf738f0b9304d869927cd948757d97fc0e12f82ca2a40f61c4

Download Submit
/data/user/0/com.android.google.coreappx/files/.MultiDex/patch.zip
Filesize
254KB

MD5
6bcefc3c9979545aed8635ec9f89afb9

SHA1
7a7aaa2a26d2a72d8a00151c2e615cdf5942dfa9

SHA256
de1b4e933ffd3d85b34e303aacc9800c76a49d74ab45216a39d486eee5c8106a

SHA512
aa333241ed09f4a1d4c1c2191948bc3956d0c3b051906002e438056f1c69373dc81d4acd2462952be0f250281b03566942a0c9c06c7663d95cc7449af8b12df3

Download Submit
/data/user/0/com.android.google.coreappx/files/.MultiDex/patch.zip
Filesize
589KB

MD5
e1d6df766e2a46f57ad2f38114a59967

SHA1
1c23b2bf20610cfb4bad6d94ff77531f52edf2b7

SHA256
890d454f49fa3388ec7435403f90c2dabbcd6b4ee859b6419dcf732947aef597

SHA512
184c97017940b085922f61e79facfa19d5703f006e400cbf894bff81ae22a79b054015904f3de700057895b22980286bd7fd7e0ebd86c2c9875529102cd549c9

Download Submit
/data/user/0/com.android.google.coreappx/files/ap.Lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.google.coreappx/files/security_info
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/Alvin2.xml
Filesize
115B

MD5
1652a0d8b82cbf5c2a7e6856775d463e

SHA1
d6dbd7c6f67acfd1e09b922c0feffd90281fb315

SHA256
be2bc383cb378f7252fd12f02ab52e4b60d00bcacff19467070838135f44e897

SHA512
56549168441b9f65c9d48d4bb2b75162b47d22b72cddae9916ad5cc0e140b7d217b422d305e074ccd58ffc2bf15da2d607233cd24c9a09f957d87357edac3057

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/Alvin2.xml
Filesize
175B

MD5
d95a80d244718303a048cab00bb39fcc

SHA1
294c84aaeba6ddc224d1fea50eabd3d3e0bcaa0e

SHA256
adad85490368deab1afbb9c3a64f68da5d9e410a8bb25a62d72e0296b0b1404e

SHA512
6accda49f4db577401aab543e34575cfdde7fd09c615cf0e05fbfe7e5b612c21e356c7a6e1774715662e9bfa875eef949ea29d87244303c3f0e4ededa2d89818

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/BUGLY_COMMON_VALUES.xml
Filesize
103B

MD5
ffbd4279dd2c5e747ff7a6a4407b5073

SHA1
58a0bb21c6d7c66a636c6b2c190d0b3db90db997

SHA256
ef6f212789b6bb61a578326525bcf920ebd86480442900f653973bc63f3b8e03

SHA512
465744752ed2c8a5eb53c520282fe3077c993086b6f410d873d8d6278d33d4161dad5d2de1d61c84ced7d910564e5470e5229b939583399cd25169602e786b62

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/ContextData.xml
Filesize
115B

MD5
d1631c93387fe2c22e469ab14a1001f2

SHA1
4a1af9d9d201cb3b8d7ebcf1cf0f4cda3ec156a1

SHA256
be97b791cb9f053ab945e7095d31bd94635a60a3164eaa8aef47d9c8a364b860

SHA512
cd7b88d420b8b159a6e4c67ed1ceb2ff252132eb15f4adfc1233ae08a06b6f117e15f39a1c0199ac395492144fcfcb9cab39d75cad29eece213dfb12498f24ce

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/ContextData.xml
Filesize
221B

MD5
a39c8a2f26a94f47afc0fd68ce1aff1c

SHA1
7c429d0a9c64f77baaceb6b3b34909a10d9fbbaa

SHA256
a1b848984aa3865757333d9de0773c3c3a3d016b150a70e413ea4572f80607a4

SHA512
0fb36e0f978feb46769943aa701897fded2e683938f5f659e6e3757c11a114d7b45e1232bc257ad68eceef2be435c74644996da1e5b2925a17b590f9fe699147

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/UTCommon.xml
Filesize
135B

MD5
0eebc6bebe2aa76672d34711e3c77957

SHA1
d8f43085a6091c43044fdfc0f09c1c3faedfb9ba

SHA256
5ce4247e57b5c36f852432e7a17889d7b0dfb17e383dbce1722ba4fbaf5f3abd

SHA512
2b43485876336f20f11b441475bb3c70493d45ab1e01675796e3965dbbd749f7ac85ae97e3081e4f86dea7539ed0f063ea6e5f0ab98723a59c2de665177236ee

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/UTCommon.xml
Filesize
200B

MD5
c3297356de8bf98d69b519e692e73676

SHA1
a71cb0a3745b1551ddad3915d685e24b9262401f

SHA256
8ddef838df27d63a574ec2d0c40c19278aebdc608ffbcc47b38ddee5f796ded8

SHA512
c14c540d35a9859359f0e801557be333871a2d52440cbb8061b1c833348b69c8a65fb80ab2fe4c43add2e8325ffea42b6b3801a74776c7e7fe482a596e55de9e

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/channel.xml
Filesize
144B

MD5
aed2a3b17597309c7dd21c3916dbd1f7

SHA1
3976d54fffb28fd55e21d1fa8aca09a4e5f80e8f

SHA256
f21a2e86131344a81ecc9b71954f56e72db82460e0d48cabe1e2a5de0b74a5d4

SHA512
aac9e7b9a15e430fa49e695d94018850035371507fefba054a0c6bbc45bed14aa0ab47a9d6888661156011106d3195dda2b1b4752061aad4498bc6f1b2522994

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/channel.xml
Filesize
190B

MD5
b817ec2c0fa57b241716358f27dc7a01

SHA1
470b1a451966a0baecfb310a526f5c88dbbb38b7

SHA256
3e5281b0ec28051fdc4817c84843f857eb325ca15803dbae45890d2791a18b6c

SHA512
b47d59a4e37d208878ea6d43e60e82e809074a525ae2fd155661ae974c28942e6d8de17d587f77efc9e078ceb9d17ffddeb229e22e9680e27fe36e82776bd430

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/channel.xml
Filesize
252B

MD5
dcb29c9223ad9511325204df3bbce7a1

SHA1
e4ba49d015c3c81be249caf34083c7d5a8eab2ca

SHA256
7ad050bcdac45c23a2606ecea7670f248db3fa0b79c49cf5d1b44f056fb7be13

SHA512
26f31686dedba99f82e62e5e1de6feaf41cdc128b5cd4a89a6c84a87e0f1f3604328de1d4ae01d0e4b39e541d5e5042cf3b32d01f7005c6f35e557c7b3d41d13

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/channel.xml
Filesize
336B

MD5
a675c6ebf1598e8dca6d34e626b234e7

SHA1
2441e73a716c43501ce45037d7becf0a359a5a00

SHA256
f5cfbeee0b12a742297968f3bc64e1e9eac4544e4c8e30aafbd503b00417bcf8

SHA512
535f3399fbb9e80573bb624d24f884f3d37d7c1dba6a081f2c368e1ee1c8aee9d6a567d64257e76c51dd9f1fb8824ffae53fb4714f82832a989ddb994f0365e3

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/com.android.google.coreappx.BETA_VALUES.xml
Filesize
118B

MD5
a887ba8ba2f6852ca7b0226906adb4bb

SHA1
7817af445b1a55ee2d5c94e7bd8b3dc60bd0a6b7

SHA256
068456c8cf5f1d5658211bac28984998659e9c8441ad3989366a864504c61daa

SHA512
9a977d9985108fe986b1717b5edb9336018c8cb87f59ae1bd0fa3469635e0ddf8958b85180518478b9fb1649c729358bad6d6275de99306ec4865b4b01fb18b2

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/com.android.google.coreappx.BETA_VALUES.xml
Filesize
314B

MD5
9653752fd35b3a6b87f416f7dc5ae937

SHA1
f107e8925455fb89aa7f7f026a0e38f47f8c84cb

SHA256
2d46c79287cb7fd412b8b00a9ea265b2a60227f56d3f1a3eb38c051184cb2500

SHA512
7d837965a0d6d3429ad9198b7efa580bb3ce8a0d44a4e50e6729d5d00971ad0ec7a42b6fb3a4ee5dce68daf7bf2741ded382b923f201808041154abb1dc06bdb

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/com.android.google.coreappx_preferences.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/crashrecord.xml
Filesize
139B

MD5
7c35b76d3baef7b19d229ef3c0df1e6a

SHA1
597a8ef469bb2eb7afb5d70927f29fed99cd31f3

SHA256
004f162bfabaff222daf814bd3e1872418f939489083eee8b9fae48f08050e5f

SHA512
5bfcf7c70a737065d085371063b4c7529192c358146c59918a5d8837c86511c31d3d5f0a416fc8e68f611a3eac57dcfb25d1c33b5cf705b98ae07bde9ece1680

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/crashrecord.xml
Filesize
208B

MD5
dc3f33a30dee2fcb528324f90e24e736

SHA1
a7396e15e7f62a989a7c02595764a74bb5465e66

SHA256
ae4327d819c918d3c7dcd35e55118ace2a253be0529f03948d994d2bccc057cf

SHA512
bcc986291f4bc1593657a2216ff86281664cd7c1b52f90645282c6e85f612e87e42b4ab882387135a5d0df2e4b16f01021d0a28444f81d89d2becab1181d4b26

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/multidex.version.xml
Filesize
156B

MD5
a106af851b312ac00b0202d2849363de

SHA1
c3da16d5c738fddc79474a6732e94d628dd45b3a

SHA256
f0ceec359d106dd74a48445fbf886ca4be98dcbb6cad8efd2ca60a1026de8776

SHA512
40af40c126e352670f71ddfffb818cab39fbeda836fa7032018e8ce46e65b8ccc4ceafa21aa853b5501f718babc3e1caa38a018dbd4eff19388126ec33334c46

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/spread_shared.xml
Filesize
114B

MD5
bb814258514f37b495a3bc2a34cacaa2

SHA1
04a0d5d7de4d977c13285ecd5d894e55281be0e0

SHA256
55ae920df1f6f1248b5af9d48132034e819fdb43fad6b0027c026a9a848fa81c

SHA512
4ab63150a26e93d6a6042d7ef4e6e6d9ef029a6993080107639c28835f93207628ae58e54d30509c8c6422792a051ee9c41bd4d3c41c3dbcd8a7abd21f633253

Download Submit
/data/user/0/com.android.google.coreappx/shared_prefs/spread_shared.xml
Filesize
189B

MD5
9ef0b8fd26fe901395a38093b596fa65

SHA1
45c3e6ff98eb4cdcf13f131039078d3961b56c03

SHA256
3267b5f8efc0ba743d01568d4947f72e9acd41ca1040f4051e6c546368f51bed

SHA512
6f56387520e443a9495f5e2cf9e043de60dc4839c8a00f559c8f63a7ecb6b0aa95eb32053b4fb89e9feada317ac39976962f97ec3c4318b917843bac25baf4ad

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
111B

MD5
1ebff0dc4223e24852340582ebba2580

SHA1
9830ab41142e4a7f5d0abf94efa3c4e36197d1ed

SHA256
5d102e64f41a50cdf3b03eedec7cf72ea3340c924ccc23251b35f89c186dea03

SHA512
bc33821e19f7c63532bcfa6ec9a81ca2ccef5d4fcc7952dff3112f7e39bcfc35464991f34b6f15a1b80951d100a93014a85f1e6c3f462d61166224ccf10de879

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml
Filesize
213B

MD5
a5b7922f7637f9898ecdf2c6db4859da

SHA1
9e9051b26ef28d6e35f0d33b87f6b9b137f123b6

SHA256
cb0e59593a2a11e4e148eb342f2bcffe6fee0ac464b1d47370422862d19b2427

SHA512
ad60f7cf6108d960c5e9f916e0966a02aeb6c4b8a739b22c7da5f7f6370a62ea6e27369f583be6f050d09ebd8eaaf7b18b09ef0da1b9c1271fff3d7ebd9d3e3b

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
111B

MD5
8a61cca7cc843c759249e695c7614b4d

SHA1
23d2fd31419245333c602c4e42d879754a28b0ab

SHA256
041d7cc116c89403f6d972fb2462722a4ca4e148c88328e91b102eab03c0b00e

SHA512
61a6925a326ad950eb3acf2d2423d1b5c4327eb81d720291dce1c7a092ecb19fe6d6ee4aaf76c144fafc1cc1be1dd7ab4cf7ea1943150acd1ac90cb630a4b296

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
Filesize
167B

MD5
f1e017826b30b9d1efd63e7dd446fb29

SHA1
4e2fbb3f137764d7e36fd2aabef1f7bf65ab3034

SHA256
c859a8df39245ca82f887013f50a27f0e62614dc0c426e6b47bb49f5fed5beb4

SHA512
f00b99093b627f77a8234f10d78d3ed7a31d567816da963a9316a91628934a424412bf0debb0b6809a92a81494a4f8ad7b4913b7a89f88861dc1deff28fa213c

Download Submit