General

  • Target

    cab5dcc02f99e22e6a03a140fbea56f16097cb255fefc2075f75a582a3902e8d

  • Size

    17.3MB

  • Sample

    221130-rmz5xagf37

  • MD5

    d91d2118a737064f7fb68d2dc808cf96

  • SHA1

    20fe0853aa3dd8ddbc9ba2853a48d94ca0f88e91

  • SHA256

    cab5dcc02f99e22e6a03a140fbea56f16097cb255fefc2075f75a582a3902e8d

  • SHA512

    792667be0ddd36f376cd387ecdf05e1dd98f0f238927836af668969d376f84820249b81053d904a4fc2146f0e3690fad36fbef541a42ffc63f79aa12fcf7e9e4

  • SSDEEP

    393216:1pNPhSlr2+YZeVFj+e4xtDbPYRRqBVR1cmE9dl2uAOXRJN4HXoFpOP3U:nNPhSlr26v6BjfY3uR1cnPIQRs5P3U

Malware Config

Targets

    • Agent Smith

      Agent Smith is modular adware that installs malicious ads into legitimate applications.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Reads information about phone network operator.

    • Removes a system notification.

    • Uses Crypto APIs (might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks