agent_smith | 5900bb7a6253e31d1f5ebb43a076232c0b1bb3d36573c0bf79d768822470d58e | Triage

Submit
Reports

Overview

overview

Static

static

7

5900bb7a62...8e.apk

android_x86

5900bb7a62...8e.apk

android_x64

1

5900bb7a62...8e.apk

android_x64

Sharing

General

Target

5900bb7a6253e31d1f5ebb43a076232c0b1bb3d36573c0bf79d768822470d58e
Size

292KB
Sample

220708-h2zy1segcp
MD5

7fca77d5ecffc7192e3d8e944aeeb5d1
SHA1

1526920cfeed5acfbe077fe97a3ed84d5b3bde9a
SHA256

5900bb7a6253e31d1f5ebb43a076232c0b1bb3d36573c0bf79d768822470d58e
SHA512

f5b48f02b630fe92e7b5de274d5aa4661e409caa389fd4d09c5ba089907a168001584c4666e5d7f24fe45501e7dc5f747ba8c6d0dfc19688e4611bd772af45be

Score

10^/10

agent_smith adware android evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

5900bb7a6253e31d1f5ebb43a076232c0b1bb3d36573c0bf79d768822470d58e.apk

Resource

android-x86-arm-20220621-en

agent_smith adware ransomware

android_x86

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5900bb7a6253e31d1f5ebb43a076232c0b1bb3d36573c0bf79d768822470d58e.apk

Resource

android-x64-20220621-en

android_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

5900bb7a6253e31d1f5ebb43a076232c0b1bb3d36573c0bf79d768822470d58e.apk

Resource

android-x64-arm64-20220621-en

agent_smith adware evasion ransomware

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  5900bb7a6253e31d1f5ebb43a076232c0b1bb3d36573c0bf79d768822470d58e
- Size
  
  292KB
- MD5
  
  7fca77d5ecffc7192e3d8e944aeeb5d1
- SHA1
  
  1526920cfeed5acfbe077fe97a3ed84d5b3bde9a
- SHA256
  
  5900bb7a6253e31d1f5ebb43a076232c0b1bb3d36573c0bf79d768822470d58e
- SHA512
  
  f5b48f02b630fe92e7b5de274d5aa4661e409caa389fd4d09c5ba089907a168001584c4666e5d7f24fe45501e7dc5f747ba8c6d0dfc19688e4611bd772af45be
Score

10^/10

agent_smith adware ransomware evasion
- Agent smith
  Agent smith is a modular adware that installs malicious ADs into legitimate applications.
  adware agent_smith
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Queries the unique device ID (IMEI, MEID, IMSI).
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

agent_smithadwareransomware

behavioral2

behavioral3

agent_smithadwareevasionransomware

© 2018-2024

Terms | Privacy