kkkk[.]apk | Triage

General

Target

kkkk.apk
Size

136.8MB
MD5

4ebb343ff6728ad43bfea719ed4d3e35
SHA1

d55a8f82563c5dd6ff4a8a7dad120c9c1033dcd9
SHA256

5fe3677f8ee8c8e3716794c9570333f802a5d896fc760d11c3445ac6cb1702a9
SHA512

5159e21f511d258c6ad31d3a7a06832278c1946e0617b82079a490b7a4793eb32638ed89e02ee3c513a5dee7dd46b5a39be12b03774a5d6389d9539200f52cc2
SSDEEP

3145728:TX0JX9CyZZEk7KiI80nDq9TLeinR7UqqdxzlYFc7Ncdmf7Y8B9kn:TXiX9CyQkxI7n29feindUqWZlYFc72dp

Score

6^/10

Malware Config

Signatures

Requests dangerous framework permissions 1 IoCs

description	ioc
Allows an app to post notifications.	android.permission.POST_NOTIFICATIONS

Files

kkkk.apk
.apk android arch:arm64

com.roblox.client

com.roblox.client.startup.ActivitySplash

Activities

com.roblox.client.ActivityProtocolLaunch

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.roblox.client.startup.ActivitySplash

android.intent.action.MAIN

Permissions

--
android.permission.POST_NOTIFICATIONS
android.permission.VIBRATE
com.android.vending.BILLING
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
--
--
android.permission.FOREGROUND_SERVICE
android.permission.USE_FULL_SCREEN_INTENT
android.permission.DISABLE_KEYGUARD
--
com.google.android.gms.permission.AD_ID
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
--
android.permission.WAKE_LOCK
com.google.android.c2dm.permission.RECEIVE

Receivers

com.roblox.client.sms.SMSBroadcastReceiver

com.google.android.gms.auth.api.phone.SMS_RETRIEVED

com.roblox.client.XAPKUpdateReceiver

android.intent.action.MY_PACKAGE_REPLACED

com.appsflyer.SingleInstallBroadcastReceiver

com.android.vending.INSTALL_REFERRER

com.google.firebase.iid.FirebaseInstanceIdReceiver

com.google.android.c2dm.intent.RECEIVE

Services

com.roblox.client.fcm.RbxFcmListenerService

com.google.firebase.MESSAGING_EVENT

com.google.firebase.messaging.FirebaseMessagingService

com.google.firebase.MESSAGING_EVENT

Android Permissions

kkkk.apk

Permissions

--

android.permission.POST_NOTIFICATIONS

android.permission.VIBRATE

com.android.vending.BILLING

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

--

android.permission.FOREGROUND_SERVICE

android.permission.USE_FULL_SCREEN_INTENT

android.permission.DISABLE_KEYGUARD

--

com.google.android.gms.permission.AD_ID

com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE

--

android.permission.WAKE_LOCK

com.google.android.c2dm.permission.RECEIVE

Sharing

General

Malware Config

Signatures

Files

com.roblox.client

com.roblox.client.startup.ActivitySplash

Activities

com.roblox.client.ActivityProtocolLaunch

com.roblox.client.startup.ActivitySplash

Permissions

Receivers

com.roblox.client.sms.SMSBroadcastReceiver

com.roblox.client.XAPKUpdateReceiver

com.appsflyer.SingleInstallBroadcastReceiver

com.google.firebase.iid.FirebaseInstanceIdReceiver

Services

com.roblox.client.fcm.RbxFcmListenerService

com.google.firebase.messaging.FirebaseMessagingService

Android Permissions

kkkk.apk