71784f7166bc8c75179d19d2e942b5388a9a5dc0fac020c716ba15e6dcb9c304

Analysis

max time kernel
5s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
20-04-2024 17:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Vega X.apk
Size

173.0MB
MD5

1139d48fb848797eab47912c55820647
SHA1

ff82f63f2c8ee6f0de2428f1c7c98cfc6f385e5f
SHA256

71784f7166bc8c75179d19d2e942b5388a9a5dc0fac020c716ba15e6dcb9c304
SHA512

e7987451a4386bc00656170f5fafe4d72433b46dff756355a6942a0d963610a0319f8ffdc959b6591c7098fb83bf40e3d786ecafe14ef5af1557287a59bc4428
SSDEEP

3145728:VMKXqzLrybv1JAx4Ct2VHTjjNnPXTweHGClxKajc5rdcD+c03/9DDSo5Sv50MKUk:VHqzm1JFhTN/z5fRc5pPdGo5SveMKUTo

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.roblox.client

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.roblox.client

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.roblox.client

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.roblox.client

com.roblox.client
1⤵
- Checks CPU information
- Checks memory information
- Acquires the wake lock
- Checks if the internet connection is available
PID:4476

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.roblox.client/cache/68d6cf28c27f1c5f8ee1311288f8915b.0.tmp

Filesize
5KB

MD5
efdf8e2f649b0526cd4ddedc02c2f61d

SHA1
26ddb05de814c4a94b24341b53a2f5140ae1e0f9

SHA256
d746b57f83b74642665e67e15e0950d5b89beb4778b7d85c8e061290b7685cf3

SHA512
4c11d2494492b14e86ffa16266531860f30aae81d71fb1ec524d60117d5697b57763b1e52064acc138f3d4b831fedf96c4c84f756ac9d2331aec3db46518b815

Download Submit
/data/data/com.roblox.client/cache/68d6cf28c27f1c5f8ee1311288f8915b.1.tmp

Filesize
201KB

MD5
7a31ad780b3d4579eb7ed1f54978a05a

SHA1
da3c02fb067d0ef0ebd6a4e8260d934394321259

SHA256
06c8fe5885bec525d3950bc3c018f2643175b852d9e2496ada5a85e368cb4b44

SHA512
adbb5f440829cc56d1e982d5f68364244d5f345a10db98a77ac643c367f271b1f9942f7b3024f7c673a76b131a39bbad179c853161764603c98df4218722a391

Download Submit
/data/data/com.roblox.client/cache/journal

Filesize
39B

MD5
ccfa088f04c02b8a3559608175f12f92

SHA1
c6dc9d4335838d3f8152e02628d1f501b8180db9

SHA256
1c0c29523cfe3ca7535c00e4bf4f54695e453e0a1d8d1ae7f8a9eb8cdd0ce4be

SHA512
efca0a60b657268b3d604c4d443a0db9432a4774fc13367aecb9f9510d2e67b9ca7e2eafdd5553cb1c21fd7b36eb10d0edfca6e7a20e66502d55031bbbd20d43

Download Submit
/data/data/com.roblox.client/cache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1f4f60f39a28b69662ee1e43396facdc

SHA1
a6e5260578396141c306282f8304da60701884cd

SHA256
25769f67674186933db9e93944d15cd484da5e3e967a527a63ef8803a1098716

SHA512
b8f28fa39a826ba7ef0f134ce23d980c0c6f2a8d290bd99a3d119cc0596d44ead3a74cee26d25392fb56d0762972dd66c25b07519c8ee5b89fe3be85f0b3046b

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b09543adc15032b971ec8fe49adc52a6

SHA1
e24fa7afea1026a497cadcee87037b648f110095

SHA256
28b375c48aa3e2ad2827b665ee26361bafe24db43f50a46fae99b3d1d318ae14

SHA512
fbf6b928bf87e4bc9569c8f99c0041bb115e0cde396d8b35040ab8ad6a7f39d31700bea02a6143ed4363996eccec767741c0a3867527365bfd7ade6997006f9d

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
df8e6fb7982779430e48184eecc96847

SHA1
9ff98e92ad120461bc6cc658d86a3a6e7c226922

SHA256
3a9cf9fc41fdf1e6142c819bb570f72cd48ca449bf517b7478a7432310540306

SHA512
196d51184b1eb257543d064889e68c9f6bd9171c258dfcfff45467a1fab8193cdc1717f6b54dbc4ae7a3ef07f32b49c596ff7053739842d67083d09bc82d9f37

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a11ac0e23d9b5feed4f509b314f6e553

SHA1
102c78a247425483670e9f48b82e80ca864fc7fe

SHA256
6be7f972f631969348b34de8ebbf747a8241d0186418b8a27f73398d77ade81e

SHA512
62df4f28c2f8360c9c2f7f70de415f750c40f61ca7018d61749d9c9cb9831fd2dd7a1ccde7feddf727e6df6c09c9df89e7f551cca199cb2d40bbcdeb697fb1f6

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
f3775de82efef9c3b6ddc5c96e0c9cba

SHA1
b372fb675312f1e24b30360f1da3da332663059d

SHA256
c744bd0ce70242febf1bf790a6cbed0098a725497d380ad21e17399db1551553

SHA512
f91e2c7bbb5a55eb8b0cdbfc25897a023cf7865d9ca181cabff2bfbd989908d56e5f99d4e3ee3cc034cc514170cf2dc3ec47316f487eb0bcec88cd784faa753a

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
7c3911e881e95ce5e100d35017f38a4c

SHA1
93686c1571869eace4edae825632a7b6cf8a8ba0

SHA256
a547ceffa14157b56379ce18870c6403a9b0c66ee79e7bdcb456f1445fc8be0b

SHA512
ca2cd157d4c54a864070d4a0c2a62cd35667cc16fe87d5e0accc183d4ebc1bac7f4030bc17a30197f40794d1bced26df1b9fba6308591e5866b4944adb8dd306

Download Submit
/data/data/com.roblox.client/files/PersistedInstallation5707140710814110870tmp

Filesize
561B

MD5
820984ae159ae75caa130ea18e41ea7a

SHA1
991a7bdbfba31e37f7c99f38483c81105ce2909c

SHA256
5e214d3a33ef08c3f21da8b3a37b2d2fea5fb1aa8d5c67af801a2d893a7f8a04

SHA512
244c055085151954e255bc0c424fd8dc6d3c46cb7bfed7aa0caea6c13bd3b8d4b45831ca2baad9c565d2618e27d32b3cdaa470ee50d9a6b535592d1e1912fe9b

Download Submit
/data/data/com.roblox.client/files/PersistedInstallation8154051444104294497tmp

Filesize
90B

MD5
a57b3341ed7a21bfe7feead7a9d4659f

SHA1
80e3dad5d8d7e295b7c845f35cfbb445b3ac6a59

SHA256
6769a580f60ad7b4f1d7418eedda190f719122d98ff4b29deeb9c87228b566c1

SHA512
6e07c529583a5de07a155776a1ee990d676960a38d4e751117f84350a81721a3579f72b1173424303070a7c1d5eb152714c1284bfdcc809289466e750922d0c0

Download Submit
/data/data/com.roblox.client/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
4c0f2c6fe743b0a526568398bc893df4

SHA1
e1deb22c1023e705132eed6c7190fb1d3cacac94

SHA256
4f3a7e48c3964ec41a4c4eadc3e0f84e12fb30f6f255fee3d9d04bb305667a96

SHA512
d76f8f8f8745c03d0936c886f8510720a5372ce58fee170eecdc2512061e9d972adc2b043ec9e724d673c44450edad938a4ff8db6e339d356012ad656f782372

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads