Overview

overview

10

Static

static

7

ede6483aa5...81.apk

android-9-x86

10

Analysis

  • max time kernel
    960086s
  • max time network
    20s
  • platform
    android_x86
  • resource
    android-x86-arm-20220621-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20220621-enlocale:en-usos:android-9-x86system
  • submitted
    25-07-2022 04:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ede6483aa55121647408549a6be0c5da6565fcaa5c2be49c9f908ed8c7e13681.apk

  • Size

    2.5MB

  • MD5

    e3f1f7d816b30abbb26cee7efa5ed72a

  • SHA1

    2c218f5df3db931a9ee5e6c45001d071b7f5f263

  • SHA256

    ede6483aa55121647408549a6be0c5da6565fcaa5c2be49c9f908ed8c7e13681

  • SHA512

    8e7ca0c02c7cdc56b3cf3dd95fb49b1f52c1044dd08f829fef94ee04f81abfef0bff10b9acb9838546f46646991995cf7d882bb15c1a991ebb0b409d0adf0844

Score
10/10
agent_smithadwareevasionransomware

Malware Config

Signatures

  • Agent smith

    Agent smith is a modular adware that installs malicious ADs into legitimate applications.

    adwareagent_smith
  • Reads information about phone network operator.
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
    ransomware
  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • com.dfoiej8.ccsdyia
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data).
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:4768

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.dfoiej8.ccsdyia/app_jar/lpdf.jar
    Filesize

    35KB

    MD5

    e1ab911d4b585a26aae02d8540575013

    SHA1

    ac148f7bdf95edddc97d9224ff51a771f1070520

    SHA256

    8a71fab57b4a03f0b37095daa2eaa086ec6ed6c1c6166ca67c0e0a9e14cc85ca

    SHA512

    983ec12cde3cbfaffb414b8c8eb17c793bee558eb51b9d5e630f9bd5f312e0ce55622719aad6097a799286c25001212b26d7053e7e110a4918beace33d3bcbc4

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/app_jar/lpdf.jar.x86.flock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/app_jar/oat/x86/lpdf.odex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/app_jar/oat/x86/lpdf.vdex
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/app_webview/variations_seed_new
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/app_webview/variations_stamp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/app_webview/webview_data.lock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    21223e9184445fe043476484cd8cb1f9

    SHA1

    2b4813f849121d60ba35eb0889080668bb62c778

    SHA256

    bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

    SHA512

    be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/shared_prefs/XinZF_conf.xml
    Filesize

    122B

    MD5

    76a516ec620e2508e512a673a58347a3

    SHA1

    386e9ee5d38602ebdca74bc24b24d75b1a765e8c

    SHA256

    245368df69958cb3da7feaea45e63731daf36a8954e5982bc36ed91eb439c6b5

    SHA512

    e4e96e50d4119fb2ba9d28b997b4991cf5e14ea7ea43c25304c3a40850a7744491f25e2ee0c7e500bc02e203669ff1cdee302f96534960bbcca3760ff8d192a8

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/shared_prefs/umeng_common_config.xml
    Filesize

    111B

    MD5

    5941c4db56c9e35214bc8a06ea8eccc1

    SHA1

    4afc287f197c0e28556001684509b79556da6590

    SHA256

    39cd1139ffcde0a9817027fc5b98c96e145e337777395638d39be9c974e9630c

    SHA512

    cc214a9ca0d8a0fb14e5469f88541f5b22d19e451f68c42d3ea4317a10ca686224ad9b48b13074a1e94ef8b02538594749a98a86b3e70c5a7892446bf3dfad16

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/shared_prefs/umeng_common_config.xml
    Filesize

    171B

    MD5

    e5f3f0cb6a6146c9e8f29fb7fe5cb06d

    SHA1

    a247dd11a4522cd8011e62e4b1282ff255c29ec3

    SHA256

    8e40e269910b649d380656c2292785985685b2802f720c4f7f5a1bc9e9a44784

    SHA512

    ab3b4f4705cdb1786ae83d6c6137bc66a1c3f04ca1924a4acf5e54d9bab33e7b78a5c5201c2ff0c67ae4f055247b5fc5efb1eb37edb53f33b6333e96c700b8dd

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/shared_prefs/umeng_common_config.xml
    Filesize

    236B

    MD5

    3f14cec9fecd3e9aa62c0e613ecdb183

    SHA1

    b55d8e8a11416544b7d07c650eadeb21dc70634a

    SHA256

    7e53c2e860f8529c0be60951cc13f14ffeb86fb2b3b48c0c8ecde995af00c867

    SHA512

    46b6211f094f91ef5e55a8a481f25f16ef57e6ede7b885e87669f460f288d9838e2c372b4ed0324dad5fca218b4a83ee01fd6d07f2da74e648ef736ad8521397

    Download Submit
  • /data/user/0/com.dfoiej8.ccsdyia/shared_prefs/umeng_common_location.xml
    Filesize

    390B

    MD5

    67f729dc77a3c4c773e2c2e6660ab8cd

    SHA1

    9122cf56e4985a4c1c494159648f398055224dd2

    SHA256

    3c3207eba967d3afbfbf4d6bfb76215691c8cf70d960071af690894a2b4936fc

    SHA512

    94a613cd51657e766ce670c34868f3127b76adfd54c23e63b0b34e0f36313f092da282abd2e111b70f6f91671f6beded77fcdbf04bfc4e8e6d93ebe6dd015903

    Download Submit
  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    213B

    MD5

    9ec5a9fffa77e8a8c7db75fe283704ee

    SHA1

    9a8d6554f23eee15eaeb241285d37f2fe4f2e853

    SHA256

    cd45d3cf19652cfab65f6ebf14611c1df7ff2e7a7af64e02dfad5240506fa622

    SHA512

    ee36e84e6d8a9f3ce8cfc2ef6162da1d2323143c8b26e206066152c33bc854beab33e9b9cf48b313410b135c896d92165f4d4294a27985717512fb52734b8462

    Download Submit
  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit
  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    069dbcc73c23ae98e6251528fb7d2d9c

    SHA1

    bed1e8e1d46009e44b9777bc1b17f7b8e6ee237d

    SHA256

    5ea5cdd4471929f392a9db98a22a793980afdf8e60cb78b07fe9eda55eb2c0d9

    SHA512

    7e269cb93e48a3b103ea6d1ad1661871af3b218926b82474d8f9c554337e9dea3843bf8e5d420641b435b2463ed53b83c36182a6e05bb17b20081f7ed03a3d03

    Download Submit
  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    167B

    MD5

    5b89d5f7ebfa2ef9db66dbf100f2e1b0

    SHA1

    cf0d64f601a576d0b9bb458cf4532a37cdd332a7

    SHA256

    0a480ef8b90c41ca6634cbf43600b00e5a6c98fa741db326619af88913f6aa5b

    SHA512

    a0c07f9b9fed32f1563dd8c94a797ed03fc34f84d2372623267789aa41c98c60fbd137a109181659b97e2c9d65382795a67c17f3491b26ee6c151f25f9046ee8

    Download Submit
  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit
  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    0754fd6620a5e053201c8d0caf2c9b7e

    SHA1

    79de26aa6273f714bfc4bd6a1009c2e494114d48

    SHA256

    8505ca6f377ff6b8bc6501e32e299c364e13d9109c4c3ec37ebccef6eb72f883

    SHA512

    9660fc1f65f1403fd9e0a9314ec83eeadfc967073217a01475dd140f6df297a1f17388b20eacfbea7355255cc2c04a1f09a3f670c7c49e57a4723e0aac8f4685

    Download Submit