General

  • Target

    0f54e2034763056999c0d17a9c309e7bdf676e161961f55bfc0cf3d899864565

  • Size

    2.5MB

  • Sample

    220630-3weq4sdabk

  • MD5

    860a1bf7ba23a925048ecd3a5f497540

  • SHA1

    5eee404fceb96f084e97cc2c4080db402d40ab16

  • SHA256

    0f54e2034763056999c0d17a9c309e7bdf676e161961f55bfc0cf3d899864565

  • SHA512

    e1c65b32370945e5eb073f956b54eea8ee1bf14bb0ad9b3b20744fe4fca7e3c7e5c4cfb215af0ad9c328b14696c96ef3e140085a62352f0247f260565f277e45

Targets

    • Agent Smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Requests dangerous framework permissions

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).
