6e422998077e7bbc7f6726eb100104fb5ba97fe62e1c1ca846561179dda6b6c7

Resubmissions

15-04-2024 18:29

240415-w4wk9sfe41 7

15-04-2024 18:24

240415-w2a7jsdb62 6

Analysis

max time kernel
8s
max time network
69s
platform
android_x64
resource
android-33-x64-arm64-20240229-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240229-enlocale:en-usos:android-13-x64system
submitted
15-04-2024 18:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

direct-17-Evon.apk
Size

177.5MB
MD5

02a9032150ca8af20604111cbe1c8d35
SHA1

5f88784937569acdd332e9018cba954e9e842301
SHA256

6e422998077e7bbc7f6726eb100104fb5ba97fe62e1c1ca846561179dda6b6c7
SHA512

62ea76d1d9d28c29aa5c8fc533fcc633339aee48a243b6a8e1bd104d60c85731a164a54f04e0938649ccecffa48cde4f91c073f0df9aa05c376534d48e683410
SSDEEP

3145728:VsqFqjmk3vL30DZEqjJq6Xo42Hggbq9iWlNhJ+QkyenVREPn7zg/WFCs8M7z115I:aAqjNpCJfo42l2UWlNOQkyec7c/WFT8N

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.roblox.client

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.roblox.client

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.roblox.client

com.roblox.client
1⤵
- Checks CPU information
- Checks memory information
- Acquires the wake lock
PID:4351

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.roblox.client/cache/0de3774d53f29efb27fa09a940a0ec5f.0.tmp

Filesize
5KB

MD5
23efac26877914af3acc36494b4dc422

SHA1
c2edde8e997eb2cce7c3a6a2703e70f6736c6fbd

SHA256
0dc83f846731895fce5ed0fc8d6f4e50e270767d7550f756a7a7ad9fc95b82c6

SHA512
ac69438df74f314a9085fd223dd3e399caf837f16b1d4f5b5df6a80a7135ab55a5dd7195a432d11bae974643e8b0fd230376c61fcac483b8193abf8e54d429b6

Download Submit
/data/data/com.roblox.client/cache/0de3774d53f29efb27fa09a940a0ec5f.1.tmp

Filesize
199KB

MD5
75aec30e92c1a85d8bba9955e9aba36e

SHA1
beb428296a690a4eb4bfeb70eaca37eba65c1865

SHA256
fdfe0f8174489d37009b84fc4905bfdeb3a321cc48c584baac32d7f0dc6d3287

SHA512
ee22f37ba1a0165cbd7502bdb6e71876cb2e8251b55af0e6d84242d39e3cf0c17df8a65ef73cd33d9ac448107925db97243fc04a1229c0dd68dba9dae594741d

Download Submit
/data/data/com.roblox.client/cache/journal

Filesize
126B

MD5
0c0b9fdbc5fe8b7c127ffc4d64d9c12c

SHA1
b4e4fb211b4d9fe94cc446c0d079d29eb51a5a6f

SHA256
04b6f33d30047b5ad43ab78ecb8616eb221e5567ee325364f26e1726b3de266b

SHA512
35df00062102504ba808e731d028ad4a85049101f8af40ef8128d4133b15801f8b5d0fa25f23e76364ccbabe42c963acc0e3657db8c944ae4af3d3178c6db0ea

Download Submit
/data/data/com.roblox.client/cache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
77fdc9d76b5c9acf81cab21624f18aba

SHA1
fe849b36f5a39a8d5ddf868fabeb4c956a91c58b

SHA256
7524a11463e91c8cc2c9e5cad56bcf3ef8a600d0445f69a62ff0ab941b1cd759

SHA512
f88d6e57f6f07de9e9ff063b0678c3eab27b32a6f5a654e2f46c403d998c517541c04199d5665a2760e1e5ec0b297285b9e526273f5a1b86500f22cbae8f2416

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ba5d1b56efbd1f70cb20d36a04a2e0a3

SHA1
f73bb6f0b2a7bb08fe67a9473ace3379efcfaa38

SHA256
7f31d3ea5559cfae0e7352ba056c59536f25d0fe6d4957d10ac21d311fc8f826

SHA512
ae4f5a4bae39b1b3c85fdaf072bb6f5c5abba4b28fdb4b0529f807e5b4e300aecdbb56765ddf584c49db7bf6dee8339f114f24cfeaa95fde8be769be71ea486f

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
cb37d7364e83bb9b28e0e94db5193b46

SHA1
e52c67fa80d4e1ba82d73906bfa05d1e6ae8a505

SHA256
f894697d95c53eea6e7e93f02286531cb26c2d59df63c65b195ff188ccc576f6

SHA512
b1035bc2c3dbab19ad44f18d375885a1279a0f448a5e3bfec69b97a9d57ff4b6565c937ba368659e2ecee86f84c8e89e9fd60ff972b8d6d5805eece00b4b84f3

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
ea27b9fe6dc8a4f28b29d37c9cc3eeac

SHA1
6c087107a5d3ac71083630ed5b6c407c15de6109

SHA256
d3c76ea39d3c2b5880b89908787fe841406a700916bd6adb1cc551646b31563f

SHA512
87e74900c449577b34a5005156c187b1e082f84a4eb91e3e78a748508b593ab4f10dfd595ac6cc62bdf9c72a2e950687f28df14d42aa4d6c75ae98de4a848fa3

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
c5b92778a22349542ba6fa7961cbe18d

SHA1
8439c703aac74257af0c62fb0e2890778821e1f3

SHA256
944e34d48c0e74270fc2d32daa94a8218fb0202c2cd3987105809b3109d6552c

SHA512
701504a24e5be0b71b86ab9bd48f679436fb8e0ef3bd9ec7c8ebe3e33707cb63e5da4b1c9eef12a9de78aef34d6f3965dd08c2513fcfe4fd8499a947cf2fc674

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
87f66811e6dcd13afd0d01c9e43f837f

SHA1
77bc0f4acff0c9a8c2eb561ab7900b42983e9bb1

SHA256
5aeb3b93856a3c77604e8fa92a4f4582d5302604371da2cd48dced1955b2ce69

SHA512
afc5c3f2c0a3e88b44073349be3271f7eb131d62a9d36d81fb470be6af5930be224c7ef325b6395e611bd2aed7c9213b991d25571551d79960f11da8c0b91e0a

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
5dfc792f2536270854f5c77f5d72ba3a

SHA1
4e600121b8436267490b31dfad8f7df608674b6a

SHA256
8c26d9146eafe21acb5e902c7e9c7bc7eb13a8c40ac3d4cbf94243e0e112aefa

SHA512
412bcc27af5fb5899436fb3f757f6455e5e007c8f6fffed4bd58b5980c9d1b74190b260ec94262cacfb7ef5567b09035ded9252e2abd167c06ab422d8bf6faff

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d465a07e4c681aeb480d0fed3ade8b45

SHA1
e4c857dfa0ad9f51a9c0094aa11d8c479487e1fd

SHA256
9666c59183b1722da86f80753dfd5e0b70258fe6f2778a549d49a79f81597a8e

SHA512
621561a3983f171c38fc65902deffb90df77bbdc3f67bf010e4bc54c3ce98d90766ef6a8dbcc9878fe1e8402bc43ae3653a658484ff5b092044041fe0c20425a

Download Submit
/data/data/com.roblox.client/files/PersistedInstallation2056676139137975061tmp

Filesize
561B

MD5
eee9687037b2f4b40931c59469e74eed

SHA1
b1e7a730e9ddc416936963bfcad8b1e6b9ca93e0

SHA256
acc798a7ffe072407ea7e1f9e7bc11f96c788245127e30749c863bc9490f3ac9

SHA512
4315d163684602107368c43d8bca68063d0c7cf9429c8280968b66e8737a6ee34233359bd6583d84ba7299fa63694eb61a073e17de84f44282d9ac6f3e64446e

Download Submit
/data/data/com.roblox.client/files/PersistedInstallation6782899209445992075tmp

Filesize
79B

MD5
33192350e65884c3627bd23c0b7bb50f

SHA1
dd997085fb8a7917af1061f87c3b649d902c85d2

SHA256
912e5334d96c445315f370ac1ac5023d18904c8374d690d11ece10098a7ac670

SHA512
cfd4960dbd2c282e08fdfb288190fef78df7517d0963a12639ccbf95b881f20ba64ccd06f58a37811498e6129d1e60793951f5415423938c87cc14861a5386dd

Download Submit
/data/data/com.roblox.client/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
c9b9d061769ea47c09f9890443f119ec

SHA1
25a02e16775f15b0773179bbfd8af8f5227414e5

SHA256
0514efb4ea22d2e7e5a6f20fc7e55bd3bd97d787f6eb28c4eb9ae7e9e18bd688

SHA512
bb41d7dc3702cb1454924f100f5ad90d682832819a8b474a7e694bea044e099c24ae1e48f62d45412833ffefbf4cc7cd39f7e834e010288486ec2eb801442861

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads