agent_smith | 6e23bff8d5ba19b0916986a0010825851bff77dfd0af596be7514907144e324f

Analysis

max time kernel
865618s
max time network
134s
platform
android_x86
resource
android-x86-arm-20220621-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220621-enlocale:en-usos:android-9-x86system
submitted
25-07-2022 04:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6e23bff8d5ba19b0916986a0010825851bff77dfd0af596be7514907144e324f.apk
Size

2.5MB
MD5

11b7e05b83b8c734701fd154fdcaf06b
SHA1

e6dc035a0a98fb255159c0ee79c33b3a115268d3
SHA256

6e23bff8d5ba19b0916986a0010825851bff77dfd0af596be7514907144e324f
SHA512

2f6f2bb9c60ff548f1d9a7e540fb99a5eeeb04205a2c12c32c4e30741e640e9af72aa6d965e2567b64b76311017f81e3780f92503bfa7af188a5244f9eb18043

Score

10^/10

agent_smith adware evasion ransomware

Malware Config

Signatures

Agent smith
Agent smith is a modular adware that installs malicious ADs into legitimate applications.
adware agent_smith
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.cvbsdk.uuihk

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.cvbsdk.uuihk
Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
evasion

Processes:

com.cvbsdk.uuihk

description ioc process

Framework API call android.hardware.SensorManager.registerListener com.cvbsdk.uuihk

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.cvbsdk.uuihk

description	ioc	process
Framework API call	android.hardware.SensorManager.registerListener	com.cvbsdk.uuihk

com.cvbsdk.uuihk
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
- Listens for changes in the sensor environment (might be used to detect emulation).
PID:4103

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.cvbsdk.uuihk/app_jar/lpdf.jar
Filesize
35KB

MD5
e1ab911d4b585a26aae02d8540575013

SHA1
ac148f7bdf95edddc97d9224ff51a771f1070520

SHA256
8a71fab57b4a03f0b37095daa2eaa086ec6ed6c1c6166ca67c0e0a9e14cc85ca

SHA512
983ec12cde3cbfaffb414b8c8eb17c793bee558eb51b9d5e630f9bd5f312e0ce55622719aad6097a799286c25001212b26d7053e7e110a4918beace33d3bcbc4

Download Submit
/data/user/0/com.cvbsdk.uuihk/shared_prefs/umeng_common_config.xml
Filesize
111B

MD5
38f1a271d35cb9454f3bf05def290b30

SHA1
2a09081f0c20c8b5c748fad9b789991acdd88724

SHA256
3ec3cca05ad858f2d2d0498eb819b9c6c4bf9385effab8e2b80ba93f5849edee

SHA512
b6827a027baea5249fcd2175b87212b6048698240d1db84676b630c7ee43ef606531c8a75f356be62e5cdf9f2c4b3de8ed8641f70be7964dc63f85b2e98ddfbc

Download Submit
/data/user/0/com.cvbsdk.uuihk/shared_prefs/umeng_common_config.xml
Filesize
171B

MD5
b5b4a66f4c388b25c0ce08fd4bc8f668

SHA1
05382c222a5db63e6b4551515de83c0c6cf3bd73

SHA256
f7a62169c39566baca2a860cb51d738c0a7e5f9e68aa159d6b9b18f8e741dd1d

SHA512
2587b3d4f431df85edb493210c7eac5e1a9053a9dd5892dfaa27b29bd3a4835efb3ece48869833a5dde57332ab0a0151ec0cff8c01ddb873fbea177a5b7ae10e

Download Submit
/data/user/0/com.cvbsdk.uuihk/shared_prefs/umeng_common_config.xml
Filesize
236B

MD5
2739964de75921f11a54425db5b9d01b

SHA1
a791b32abea3a4451ad336384550b70f67a75dfc

SHA256
070911d8a708749bd50bb94233d06ab6f8af3f50d2d97c30b66346fe7f22d505

SHA512
d82d222d0ea085e0782dea9bf2351fb208260a4e5d900716358ee2a6b23e99c0775fb555521e05d0f0799b7f16b5c1646bb34eabf55b3f72239ad52224000fd2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads