General

  • Target

    71d3090aaf019a5ad2862e6eed2476584a05e68939bfa754062c545ac7bd1130

  • Size

    16.1MB

  • Sample

    220605-rt43fafdfm

  • MD5

    145e1be7627fe56bdd3548bac77a49e9

  • SHA1

    ad7ec80c58ec5acb09d2196fb5d1f535b7fd8ea0

  • SHA256

    71d3090aaf019a5ad2862e6eed2476584a05e68939bfa754062c545ac7bd1130

  • SHA512

    d1fbc4be63c7e64a01626d1309fc5269572bef7ca0b4e640ee9f9d634992bce7019c5d64aad98cd07ecc1d196322ccff56e4b47fc9b69e5ef609792f0910adea

Targets

    • Agent Smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).
