b3fe12fc0ee93c8a31355a40a1f8edb8f28b73023f66b6597500d44ec36e31e4

Analysis

max time kernel
4s
max time network
112s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
23/04/2024, 18:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Vega_X.apk
Size

177.5MB
MD5

0925c3863e99519e4e92c9712abf074d
SHA1

bba60c3d6d9f63691c5adf01294f25555d370884
SHA256

b3fe12fc0ee93c8a31355a40a1f8edb8f28b73023f66b6597500d44ec36e31e4
SHA512

ad40ccd77c1bdd898ad5db6753016a3d2efb0fbd5122936b64f94f1e45ba5c1cc7a694394cee1c14631de741d7cfe2cb956736c95b98b497d40581d8b0d4cfc7
SSDEEP

3145728:VsgYqwmk3vL30DZEqjJq6QKao42Hggbq9iWlNhTuAuyenVREPn7zg/WFCs8M7z1V:abqwNpCJio42l2UWlNcAuyec7c/WFT88

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.roblox.client

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.roblox.client

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.roblox.client

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.roblox.client

com.roblox.client
1⤵
- Checks CPU information
- Checks memory information
- Acquires the wake lock
- Checks if the internet connection is available
PID:4284

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.roblox.client/cache/0de3774d53f29efb27fa09a940a0ec5f.0.tmp

Filesize
5KB

MD5
7d6b68e9c04cf2ad52876334a9f1af58

SHA1
5e6799bf1908d9c8a372d8fa9fe82176d534c8d8

SHA256
7acf12496cfd1e17a7006bdf8e611c4b809a8e4a9f0b0ec3952d08f9e5c90212

SHA512
ead80204e18bd685c46489f47a3c23d683b6d2971ef0cc8d7284eb96be65dcaafa9c57f25fa37bb7228f5aa1de167c48a41ba657706e6e9e027374897161f61e

Download Submit
/data/data/com.roblox.client/cache/0de3774d53f29efb27fa09a940a0ec5f.1.tmp

Filesize
202KB

MD5
52a30e734a27315041498b17b8053b7e

SHA1
b070a833d0207dd7c3f5842135e6760399cef612

SHA256
058e747cd87d7ffca39ce4003f0c5c945f802f6e2cf1c91bee3da3e85946bafa

SHA512
8a2529ec35d5233844d61691abe8cdeddc0ab81cebf97582f4f690bdfa69e853625ee42701a74de5d87120330d309f5038a9e1374b4b1d61b07a409e0d553cf1

Download Submit
/data/data/com.roblox.client/cache/journal

Filesize
126B

MD5
524d8b990333296c1264c5748fe3a51b

SHA1
f465333aa8824d236039ec6208a7a363357399f3

SHA256
18c74daaecc8a4e8fdcc2808f9874245b8b23d084c95001c7a5291879d1da8cc

SHA512
709695eda5dc39a61c861577a5f8e68e7b046d44a25cfe148767f5230b32a348f78b266fc4f1d3b2e2bfe7e887ed8e6c7bccf993c25bf1cafac761897fbe0e9b

Download Submit
/data/data/com.roblox.client/cache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a93a80048fada3299fee0630b4117e60

SHA1
11fe0237c02da9730496f9dbdb23f0b7a52a9ce5

SHA256
759b96efb5665337ed86326e862b49897c17fba2854aac52e59e131c15ea1eb3

SHA512
4b5dfb4b63ff6de81aa53a55c72907099024e8074879137383a6301dd963c0c33492a339cf461fb421bd4938bc6b9d586eeff3a27a827ac2820233e6defcdb34

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c3c6a434e8d960fa603b278560636e58

SHA1
932684056acd33f4db9f000203b11d598ebf814c

SHA256
359e243537e45827e85b50f0035a64f6a631ef415f84a90c0ed7c5f1991d0301

SHA512
41febda411d82d87937e0cf98127fc276a4794f468ce703074983487d942b848ccd50540d3d7e93b33a5fe84dab0d65f23c66f64a1c11d939858ac88631c8021

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
070412a0c4126f6c384462974b49ce73

SHA1
fa9a6d7bce3e8ae5919f2df167e7345d188ea85d

SHA256
ed3af10aca1a2e0713360cebdb5a8ce61d54a847e82bfaaf0db7aa4fdbf1d793

SHA512
4ac537ed4bdfaea6dff1de9f369c227d1caa1d259b4a83f54bf2102ef2a19c84ff7b971f839448befd2539fc725bd794ae7b253b3025a2af862d89beee1a9bae

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
a865e7cd700098d3fb9fdae86788d81c

SHA1
6dce4b03554fdba472f6ab214b498af4042d7b2b

SHA256
a0ce81875c740449cdae95825b2d6bf952fb0620fa259df957d1573561218f14

SHA512
211f18bc2f1b474c2538802ba04afeae04bd30134bb2a35e90bef3829d2bdc75b8f4edbdaa62eb155858d80f6bf8c37f097ece0b42a69752ac816cbc9dfe6fb8

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a78026a6cb3facb4aa2e3a6526e6db33

SHA1
e093cdc23e7bf82e824cf61cb93192b547145ee3

SHA256
1d22524f2f50f51e0883ef012cfb87bd592c6d43ebd73524d1205a55a1c23b9d

SHA512
51698450c5ce08cd96f5a96a878f7835028ebf977194db983e43dba12040e670c61e8d66800abbc9d944515db0568f7cdecfbac8ffe47a5f98669b3ba57dc7a2

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
ee701146493bdb71829beedb7a9b7bb1

SHA1
101864f11de442faa3c18010859d0a82d0ca107a

SHA256
1915001c1b61cb4831a46b7633a509ee2b8379a53b24f4122557bf99077a8d07

SHA512
6799cddb477015ec09e5fd5d6e295050766c05042d297afcf96525f0b189994121ac9ad8cb57adec662699e6a76921667943ac516343599553795620a9abb35e

Download Submit
/data/data/com.roblox.client/files/PersistedInstallation4106037136225598681tmp

Filesize
90B

MD5
832f21d41e33f4842e91a5af25a63dc5

SHA1
763113b45913fc462defa373957038d189232e65

SHA256
bae13938e55c7c8d9ea7728d6c52efb3a33efe693382b75dc5cb0d861a7c1d2d

SHA512
42c9ad76477d7d7eba9a4fac9de26e21a58cc315335fabf6aceda4053f9ead995f6e0e40653dee2b8d8fd020f8919f686dfed35a1138cecdcac829ccfb09c29f

Download Submit
/data/data/com.roblox.client/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
3d65b4d765d9eb35256736712adc3be6

SHA1
081b3c5a147a0196434d625becf970b49d783a9e

SHA256
51c65220ab18e5dcaefca323359d80a37823f7f35f6ab60d42ddd6ffeac8eb08

SHA512
ec08c56492a74d83d9eb3c9ff84780ee4632357d7f5920ff5e9c8632c500dab0f621e432781516f791d066fc456239e528b8dc0876416e841ab654388289a62d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads