Analysis
- max time kernel: 865618s
- max time network: 134s
- platform: android_x86
- resource: android-x86-arm-20220621-en
- resource tags: android, arch:arm, arch:x86, image:android-x86-arm-20220621-en, locale:en-us, os:android-9-x86, system
- submitted: 25-07-2022 04:23
Static task: static1
Behavioral task: behavioral1
Sample: 6e23bff8d5ba19b0916986a0010825851bff77dfd0af596be7514907144e324f.apk
Resource: android-x86-arm-20220621-en
General
- Target: 6e23bff8d5ba19b0916986a0010825851bff77dfd0af596be7514907144e324f.apk
- Size: 2.5MB
- MD5: 11b7e05b83b8c734701fd154fdcaf06b
- SHA1: e6dc035a0a98fb255159c0ee79c33b3a115268d3
- SHA256: 6e23bff8d5ba19b0916986a0010825851bff77dfd0af596be7514907144e324f
- SHA512: 2f6f2bb9c60ff548f1d9a7e540fb99a5eeeb04205a2c12c32c4e30741e640e9af72aa6d965e2567b64b76311017f81e3780f92503bfa7af188a5244f9eb18043
Signatures
- Agent smith
  Agent smith is a modular adware that installs malicious ADs into legitimate applications.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
  Processes: com.cvbsdk.uuihk
  description: Framework API call; ioc: javax.crypto.Cipher.doFinal; process: com.cvbsdk.uuihk
- Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
  Processes: com.cvbsdk.uuihk
  description: Framework API call; ioc: android.hardware.SensorManager.registerListener; process: com.cvbsdk.uuihk
Downloads
- /data/user/0/com.cvbsdk.uuihk/app_jar/lpdf.jar
  Filesize: 35KB
- /data/user/0/com.cvbsdk.uuihk/shared_prefs/umeng_common_config.xml
  Filesize: 111B
- /data/user/0/com.cvbsdk.uuihk/shared_prefs/umeng_common_config.xml
  Filesize: 171B
- /data/user/0/com.cvbsdk.uuihk/shared_prefs/umeng_common_config.xml
  Filesize: 236B