Overview

overview

10

Static

static

7

196c262a0e...cb.apk

android_x86

10

196c262a0e...cb.apk

android_x64

1

Analysis

  • max time kernel
    2570818s
  • max time network
    129s
  • platform
    android_x86
  • resource
    android-x86-arm-20220621-en
  • submitted
    25-06-2022 04:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    196c262a0ec4d1d8d23b9967433d4ba05f35fe80e54a032f767ae522f5251acb.apk

  • Size

    14.4MB

  • MD5

    e81f599e57f40a50ac99b38933531b1c

  • SHA1

    a15180947012c33f6e0e5f30b3215fcee7cb5294

  • SHA256

    196c262a0ec4d1d8d23b9967433d4ba05f35fe80e54a032f767ae522f5251acb

  • SHA512

    db1d99dc3363115bd44a63dc2776ce7fa934362dde3ad83242206188ba6111daaab555cad0bd4b1850f2f5063a74c0bdd6b452d2707db143a48bb1242961e6a0

Score
10/10
agent_smithadwareevasionransomware

Malware Config

Signatures

  • Agent smith

    Agent smith is a modular adware that installs malicious ADs into legitimate applications.

    adwareagent_smith
  • Requests cell location 1 IoCs

    Uses Android APIs to to get current cell location.

  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware
  • Checks the presence of a debugger.
    evasion
  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • com.cam001.lijft
    1⤵
    • Requests cell location
    • Uses Crypto APIs (Might try to encrypt user data).
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:4488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads