General

  • Target

    b95bc09c5179e3474c117fde93aabedcb685c56dbfba854ad5fac579802c1c4a

  • Size

    14.8MB

  • Sample

    220605-rg8vvsfbhr

  • MD5

    15a29c1ed7bc35099267497a6878ef16

  • SHA1

    0b23afb69d5c3fe82e13cdd2cbf82d4351f25f84

  • SHA256

    b95bc09c5179e3474c117fde93aabedcb685c56dbfba854ad5fac579802c1c4a

  • SHA512

    1e1f7bc572c6a4018b76075e829a03fe336bcff27ea1af79daf1840b08049417d6562fa575aa9215c856ac31be5881aeb73189aa28ff62220971b49832f4348a

Malware Config

Targets

    • Agent Smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks