agent_smith | 8e79189889cff05861ed05d4329c28ac1ec9fb772108d0ba63a45a1eca216e88

Analysis

max time kernel
404043s
max time network
160s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
07-09-2022 13:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ccbbadhagjj.apk
Size

8.2MB
MD5

41708e83d712503722acf3ccaba935bc
SHA1

01df760a6dabe2d9e6a7c0f7a72042c317152dc4
SHA256

8e79189889cff05861ed05d4329c28ac1ec9fb772108d0ba63a45a1eca216e88
SHA512

a7fc77f8eafced7066413034b567dbde3eb205531fe3e505a30395d0540dc25fe7d5d9d97ecc5e261083d693eaea1815e3ae229a71454b2ff0e33fb08571ae07
SSDEEP

98304:FDu0vb8aA2szgZiG2cssCLW8Wlv4XdPGu/HZ/MOH+wCDQggFarcVqI2uy/jGuJh7:FyZaA1MZz8689tt/nI8qX/NJBEK

Score

10^/10

agent_smith adware ransomware

Malware Config

Signatures

Agent smith
Agent smith is a modular adware that installs malicious ADs into legitimate applications.
adware agent_smith
Reads information about phone network operator.
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.lccdcagc

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.lccdcagc

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.lccdcagc

com.lccdcagc
1⤵
- Uses Crypto APIs (Might try to encrypt user data).
PID:4086

ls /sys/class/thermal
2⤵
PID:4168

getprop ro.product.cpu.abi
2⤵
PID:4146

ls /
2⤵
PID:4292

com.lccdcagc:remote
1⤵
PID:4308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.lccdcagc/app_tbs/core_private/download_upload
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.lccdcagc/app_tbs/core_private/tbs_pv_config
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.lccdcagc/app_tbs/core_private/tbscoreinstall.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.lccdcagc/app_tbs/core_private/tbslock.txt
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.lccdcagc/app_tbs/share/core_info
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.lccdcagc/cache/image_manager_disk_cache/74c59d05ab735ba82d165f08ce4891bd4226ed868b58924d16428da93786a384.0.tmp
Filesize
179KB

MD5
dd9fd32a8a2e2a56240a53b288a0d52b

SHA1
8db7e69fcd09be97d58dde84259f70bb74ead72c

SHA256
c117642c133761e611c6bcb2886e28a09a0e688cf8de4336030d8f759c04e09f

SHA512
509443ac16b1a172b8bd0c4f2dad6acf572f5d4c48498c3715c420f64ef2b728ff1de948a5f1a4ef357d5700104aebeb664497269148c661c84b4fdc6b2af7e2

Download Submit
/data/user/0/com.lccdcagc/cache/image_manager_disk_cache/journal.tmp
Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/user/0/com.lccdcagc/files/stateless/dW1weF9pbnRlcm5hbA== /dW1weF9pbnRlcm5hbF8xNjYyNTU2MjQyNDAw
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.lccdcagc/files/umeng_it.cache
Filesize
415B

MD5
c18d41b39a2e7ad7b34a94aa91bc1bb9

SHA1
abb3f49190a0045516b4a667a9e2fcad24b57255

SHA256
15a9db010b08f4305684d6b002bf434c90f2d75adc156fbeec741deb032d64ca

SHA512
bb83076006948d99e85f861aa63f36d77fb0746d0c6c14ba17ed399934f1fc1b0a86723071a93ccb559b70bbce1a04ddd680c537032c07addf56930fff945852

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/info.xml
Filesize
400B

MD5
679bf3f7fddc9fa4a5bde759833c170d

SHA1
46a376e4c1988cd27aa80722dd4fbe37fb054a0d

SHA256
2b056acdce65f3a050c312fdb61469c24dfa58b30464269e3f598ed2cb858c21

SHA512
980683b6fd90be7696cdc4009a24a1edf068f11439f8b3f72cfff8c6dec59526d5879e09d7f03f6f9b27343b2b0f9e354d5b2ff713ecf82580686232ca13b2e3

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/remote_umeng_common_config.xml
Filesize
114B

MD5
53ebf3241afdbdafced147ea6074391a

SHA1
fdfabbdd727068a79d0d18ff1528cf126cf5566b

SHA256
4a085b284854d0936949fbfc72b956595061ba539aa0c6b9dd8ae9ebc1935cbc

SHA512
719b83127d203d44b98c4a28fee618d144724908ba4048204d41a2dab8180bab8f1b9c964305a4ee3bf0f75a20a10bdefcef7c205443cd24c5259f2aaa712ffd

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/remote_umeng_common_config.xml
Filesize
174B

MD5
4278c790a7d0d51d9f5c13d7a15edad6

SHA1
775b1fee2bfb2de3aff81ce723b0bd95f55a6f5e

SHA256
5fe8981ac2f84a8844d507406fe2e89f50eb282f7b6ed2b71d59f59d84180bf4

SHA512
87c96d6a694ed7afad414ba6da6cc3929d2d94f698528b154393f8df40605ea9bad0d3b1faa9bc4056ae62d841a312f27ff338ce22fa366562a8d3c2979adb1c

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/remote_umeng_common_config.xml
Filesize
239B

MD5
2251712bf1439bea69ba5b8ce9d38016

SHA1
f010a4a7a712550d26589edb24b15e9f185b5bfa

SHA256
ed5297a1d20baf7279bfdfe9f9d58da938a642c557fb855ad818aa5800cf272c

SHA512
5f59442d4beb29d0501e5409fca2974b4a5d58b38eeb2dacb1e6e1d212058e3af946fb2d1cc44bed9dda8acb294c0317f8c11a06dc467fbd30ecc05e01f4868d

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/tbs_download_config.xml
Filesize
200B

MD5
4da5d56d9c9e3791f9177b18af016e8a

SHA1
c79b66708ce1b8d3f0804135c228333b68fea2fc

SHA256
3726bc25bccbb0c2d38f0b1220238e4452b607ff8c4f6a98d128498d6e1af05e

SHA512
60c7d2b9a5e506611c51f03fc495a7debcf8e93177de26809936894b7f313ee9f8d8de2ece7661ec6028321ca01c3adc600868e3654114ef623c092dfd45e5f9

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/tbs_download_config.xml
Filesize
248B

MD5
2287ceff13e6126119e23f6ce185c6a2

SHA1
d7db26ea73fd912d53d0ad79e1ce23739f5934b4

SHA256
d852eb8442a23a079d9cea028ade1c9bf42c5158378821a464032dc82d7f0eb0

SHA512
5dc38de89c43fb1f6a600c3c265a568dbbb3a1fd80b3efa91eaf37b79472a0e9bf8bde4c313b7365c4b8b19be476ee9b206f4329838f30180fbf299ca6d52bf0

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/tbs_download_config.xml
Filesize
248B

MD5
c570ca55fda11bc56f147852f1e91609

SHA1
876b206c585f2f42c6b5edec810c074bcb732b1a

SHA256
c415f3f2a4f73f36cce3327bb5c58c5d9104c0af835b79145bfcb4124727a77b

SHA512
d3ee78da4cd18b3ba49a00f2c9df10a0e658f7545a305b4eca636e6916e207eae5739e0d5c1fc3dc42dd629e7e1d85454f9285139fc5c850ec722226b1207600

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/tbs_download_config.xml
Filesize
248B

MD5
9a7979f592046fa78c3124162037a406

SHA1
ad9190aebfe1470d6d97c292d57d8c7b0e50955f

SHA256
1b2c757ba14fa0120f0c63407cdb0214d6857aa84d173c522029585f4b47feda

SHA512
c967d0975452de1eb7ea135e211eb9efd7c2aee027f677d8d5302ade65d177b577f3c37860c81890135945176f448cf3d2f2a131d70aa7db7dd10421b4d1f0b2

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/tbs_download_config.xml
Filesize
673B

MD5
be6c861930b1b2cb8d7a3b557548dd06

SHA1
e12510bbbc2cdc244948a1a8199ba13e0c9608c9

SHA256
9a00012bb68b3fd44e43d7b68660f0b26c98d88b3e8d1a844c3106ce9604322c

SHA512
8e1e92a8904e0a712511616ae3e461d9318e95918ae57cc8dd05b2c1d8b75ef929673e538bbf05e94b332de41219de045837b4b2d49bf270122610cf17b4dd00

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/tbs_download_config.xml
Filesize
673B

MD5
2750acb944f1b362aabdd7cc374bb64b

SHA1
0cea8f755aa9fcd514d55c9f2f9fd0dc65a40c82

SHA256
18ac4f411ac4693f971f1899bde56d25181abeee36c40b7e9c14936cecd42904

SHA512
42944fce14631e1aeccab2a71bf5ff82b1400b2b2afee2f88468e8dbd1701694b29270b4c0359b5002e4fba1cf02361d76d32ed878ba0abbf47c53122345e209

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/umeng_common_config.xml
Filesize
174B

MD5
4278c790a7d0d51d9f5c13d7a15edad6

SHA1
775b1fee2bfb2de3aff81ce723b0bd95f55a6f5e

SHA256
5fe8981ac2f84a8844d507406fe2e89f50eb282f7b6ed2b71d59f59d84180bf4

SHA512
87c96d6a694ed7afad414ba6da6cc3929d2d94f698528b154393f8df40605ea9bad0d3b1faa9bc4056ae62d841a312f27ff338ce22fa366562a8d3c2979adb1c

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/umeng_common_config.xml
Filesize
239B

MD5
2251712bf1439bea69ba5b8ce9d38016

SHA1
f010a4a7a712550d26589edb24b15e9f185b5bfa

SHA256
ed5297a1d20baf7279bfdfe9f9d58da938a642c557fb855ad818aa5800cf272c

SHA512
5f59442d4beb29d0501e5409fca2974b4a5d58b38eeb2dacb1e6e1d212058e3af946fb2d1cc44bed9dda8acb294c0317f8c11a06dc467fbd30ecc05e01f4868d

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/umeng_common_config.xml
Filesize
114B

MD5
53ebf3241afdbdafced147ea6074391a

SHA1
fdfabbdd727068a79d0d18ff1528cf126cf5566b

SHA256
4a085b284854d0936949fbfc72b956595061ba539aa0c6b9dd8ae9ebc1935cbc

SHA512
719b83127d203d44b98c4a28fee618d144724908ba4048204d41a2dab8180bab8f1b9c964305a4ee3bf0f75a20a10bdefcef7c205443cd24c5259f2aaa712ffd

Download Submit
/data/user/0/com.lccdcagc/shared_prefs/umeng_common_location.xml
Filesize
390B

MD5
a20490be2801038997421a42e7dd42ce

SHA1
4978c382cbf847b50d7e1c2fd3aa714428d85927

SHA256
7ae66888560cb02841c8a4db8318cb4c9a50a34a7fb8ca102bb9e2bcfbf64004

SHA512
181f21e89b4cb27925b73444bb6a4ee844ce5d4113e06574df74f554b8a667736b0d8a3a9ffd1acd4c3abaad042214f8882a5cee8ace31d16cfd54fb3b434a0c

Download Submit
/storage/emulated/0/Android/data/com.lccdcagc/files/tbslog/tbslog.txt
Filesize
14KB

MD5
4934eadee26a37b5cef9dc0ec87d2e2d

SHA1
42a22b9f354e6c675d23f2c356074fffcaccc354

SHA256
32da88ddeeb96a4da6ff9079f15bc220c7bf5a4c4772ccb634f6525bd707ab28

SHA512
ec775590f9e38785964c221cd44a3cf2496b63dfcfe94195d79d34c65988f3e4dfce0a7d75a8057ea51b0a088f44fdd66a7bb3a29745f46728b7dcaae9b98bdb

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads