5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1

Analysis

max time kernel
43s
max time network
129s
platform
android_x86
resource
android-x86-arm-20240221-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240221-enlocale:en-usos:android-9-x86system
submitted
27-04-2024 15:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

freerobux-9-8.apk
Size

9.2MB
MD5

cb15257128695991a490b70a32e2e9f0
SHA1

d5bd6500ae07fe8651956da78bdae50bcb1ac4bf
SHA256

5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1
SHA512

405edd8363992e9c918a57fedf497172c64579fbab0894d8ce221a6208d5936f758188c31ac822fb34d598e7b03af69927d7a3c07123c6205f94f6da1e058981
SSDEEP

196608:mO4rYye2J4LHATYmx3ynDstkgGdrjjVUntcOEZdZ7OEf6SZ:m1YyT4LgjCDgUrjZyi

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

freerobux.appkh

description	ioc	Process
File opened for read	/proc/cpuinfo	freerobux.appkh

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

freerobux.appkh

description	ioc	Process
File opened for read	/proc/meminfo	freerobux.appkh

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

freerobux.appkh

ioc	pid	Process
/data/user/0/freerobux.appkh/files/audience_network.dex	4263	freerobux.appkh
/data/user/0/freerobux.appkh/files/audience_network.dex	4263	freerobux.appkh

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	freerobux.appkh

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	freerobux.appkh

Acquires the wake lock 1 IoCs

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	freerobux.appkh

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	freerobux.appkh

freerobux.appkh
1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:4263

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
69f9a3cbee94ce51bfd16edf2cbd31ea

SHA1
ad9caf25250503373464772d8d8ff077d98f020a

SHA256
c3757d0124d83163c230f91c1ecf5ec189c1c08f9ab6ac6eaf85594d8008ac92

SHA512
d58ebdcbcdb2f28fc9aa73c80022776bfbcf2521e8e936c88c2446d6507f54762c113e91df04076709efdb9570c8152c1c6bc4d0a32b2632ea8906dc1a21f8c3

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
cf42ca75b2f941a96673a0336b124bfb

SHA1
fa9fdcfeeef1b6ae002a65fa70c9508255fe0b01

SHA256
62777797c8eb2afa8a5c7c50970f79ac297ccc2e7287b61adc3c9d1be577a652

SHA512
34af4bb96126ef963498ea14400a10854fde86a15f56c322cca23d7ed82a1139faaa662292c7cac3dd984f613d972de7cfff0e67574a6a8bc51cf61fd15e705a

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
37894caf7ff70ee27994f8bbe66dc9fe

SHA1
bd3117d647f57b31f4711b30045826b4d955d23b

SHA256
ae6971ec6dc55695688f1a005f70ddd7a71e11f4f4bf5ab2d2113c194162c940

SHA512
d6b1d672dcf3b910e73190142225a193f0494dc2909e954179553d99540996308ff74417c707bce729f32854f1a7e9db066a412d67a8c8d06308e4abccd92a0e

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
bea72a9e1943006cb1707c44317946d8

SHA1
2408fb5cacbaea50bbef1e73214d120592e44508

SHA256
4c54ad48aeec7a0b4e63fff93d221d23e7347315282530bc3188a02ef158a62e

SHA512
d9135c13a7a66657f527cd056889b42b14913277edb68422ec9ee580f1879ead6f7142065f0bb7c0ef0bad17674e4d0d99cdc47a5b7bf6597714a089263d8c00

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
e5671d3af053aea048777fc7a47f9ef2

SHA1
b98d88b0766936626ef8a6a83ae728df10b3f02f

SHA256
d88b7002ce2131adcd01c4945953270ac7f20a370784bbfdeb7eb0232aa9a749

SHA512
aee0946af94875446d05001b54257c67a6c1bc1acbaf497180a12a34d16068d44b381db089606d9ba6520894402011889966f464db179ef585556066a27e38c0

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
9e0d70128ad2b749c8ea53e1ff14e216

SHA1
cf6c3e68d6266629742eaf6ae5fdb8ef0a58ecf4

SHA256
77f8f50a63d0a00f349fc9840ed28868bab2db54ee49587b49b696d161a17684

SHA512
cc7bb73a7e2ffea3f590addfef84502bd307514835bd42d329b07c195cd8f3f790ee70e86be49d013214a2aa55cc3405aa67723c06df544a3b61b86c3a3e1464

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
512B

MD5
58c2029484b09ee4a451e93825608d3c

SHA1
1ae5d045ccc8bf76c9d8a691f2411e9300739ac7

SHA256
a89ef5691c3bf5ac584ea92d1c1ca04720f63e60f27f8687dc037ae2b2064839

SHA512
4fcc6abbb52ea0a6f804876a3c21a695ef9e76ae4cbfad869d5ac40297abc5c154674485527e6c5ac80ea37f9b36976557c17a8f25b29dbec6c5dcb8359fc8d4

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
48KB

MD5
3382da07f69fa19d55d22449221557a1

SHA1
8651c8abb8a9e7db6fdbe271a0425fb72f3e176b

SHA256
a900e24e3e752d2227bbd8540b63d18917fb8f4ea72bb4d28718edf430b20bfd

SHA512
e2b731d69019ef72189eda9ead406d643b1f9bfd63f84f7556aabd7fd16b596b0de9d3d297dc49a165eb3f936f29b1c77f9a8a49e2baef52e225392dd21dbed0

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
4KB

MD5
86b5680db484089849f0fd86d39f17b6

SHA1
87f451889115fbdbc8e77cba54804d218c1485ad

SHA256
080a90ca3fd6cc45ec9c3e311cef93036b986bf2acf2d9d45a09c469d2ee5efc

SHA512
93a799d8aa7e29c29a926b1063a9c981d3ec6911af27d3488e0c086a5aadb676122d92c5d6e06da21d3961187c916c57973c4679caac2097dd7bd7af120d354d

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
4KB

MD5
68d72db09d9086b3da01dd481dbb3e14

SHA1
9b3354780f8fd1d8e3e76386a19fb0ff90c4a231

SHA256
dfc40ba71f1d8fd35104d5ffb8d1005ef9a0b9181e86c63803b7dfc6fc3565af

SHA512
2660b601c1585fc5db96b7e195771f76b23ab42d85fc2a640470c25a9f5d80d47cf6968ea386b6f2a86c1e83b4ee6639b7e244d6b0e3f6361dd959b085e36791

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
8KB

MD5
430cf200abda81a06b57e26e5fcfa5ae

SHA1
5db7dc33b7119d43fde39501010f28c68b79d712

SHA256
26e80c136f40203b535c12e0cb1489bca4545762163cccc537239daf58e9d1d9

SHA512
8c6a57856c6031f4ba2f5821cc3de460f0f03a23228d3d39ad2823456f93fced681d8e11bd48df3decc3600bf086317cdffe8ace8509525e35a369e84419705c

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
8KB

MD5
a26ba440290cbf90118b1b6e74a59f42

SHA1
9c9fb51cbddb327284fcb51833ce37aacb9db4a2

SHA256
2e2c127321ec1f5318151dd90e17a1d2cc2aff8a0c81adc96b14c57f937f896c

SHA512
5c9689e7a3a0af9660ffa3f0b3fecad4a7bf229b4fc486ee8d081a7aa307190de8c6fd47f10c90bef63eaf8bba42b60cfe0025b8e4b00f265988c2904d0043d4

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
8KB

MD5
9a9710aee5b0122c8a547fb7f04e566a

SHA1
593c5209826861920226d13a199a64c693131c32

SHA256
28c6f9e19b8289ad51a94b80fa6a2ed1b158970e34fac2949ce603d4e67d2290

SHA512
38af6d54538c836d84afbc7f9eb769b3ba4d6cbf6c57a57c05f756231124f0b51bf51b9ff8760c5d6d0389d8fdd81844e342ad521e43da1ebd79ec6727e9f088

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1954adde6379241c1f9312f2863144fd

SHA1
2e758ca5624a53303495d46584a3589561dd0366

SHA256
57e925d0992924ae44981f027a446106de4a6d755fe87dea40f724d3b9869ea9

SHA512
0801655b3555300ca7fdf9f671e80a0b33342517a06f14dd4d952f86e91925d7034098f590fff5a9c75ff0440c5f490d02ae65962cbe7e9bae80ea58add42cd2

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
af16bbce55059b190b1104978fe2ca2e

SHA1
cc4a662cba6e5e7dc82ab2dc1a800cd6bbb24684

SHA256
3cf51e0ce515aef5cce1fe8edf9dcaacf669b64b809e87104de4b58705c7e198

SHA512
ca8ac0d6bf576906534ab2a3ad87b818aede4572508bb4bd339aab0aea9f95a56083677da00d8da5d68a69009f0c9d6c5059ff83bb3e6b2a4bd60283050b7f13

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
63b2ac92ac623972759a3d9b2d7a6ee2

SHA1
9af30bfb90609dbcaf61c6dbab64ff937e170776

SHA256
b5ac20b3274d263ea95b830599c5badb4ece0b2121a4664076c639e6d9b4b7da

SHA512
95fbcb83720a11f976b93122d975ad0753e1e9c860e0e6fc8da8310f89e7fc928fbdb5ff5be13eb9a0d083e665e3993cd83bea988c82d26d457e07547ce0f707

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
0895efd2da63caaeb54d0a65ec68fe22

SHA1
8db9b41a0923a73d5f309d0eb14f3c64fc564f3d

SHA256
836e31cbc080bcc57b48da83af7e58409875c3c016ef89039cdec26bff208389

SHA512
f635a6fc4b2955158728e8b9c8a8eeaf6200b496b4d350c7f0e79f22e50ee7df4d81b3acf2d34542d6bb2c77a5e1e7bf3c53e592e67682a5a1265524cdc19ec0

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d78a8071c2613add4168e6d9d196c3d8

SHA1
8c471714707933f248f4500df13e527a03e8c848

SHA256
b8c3a61f0fc2669b4384d3968c6ccea2131dbd5c51c2f82a683a3075a9ffbd04

SHA512
591426abebf5dafac3d65fa3b29f951092330780747e429dbe728573f570def56721e52c6ce15eb18fba9c486e341565692878665d4564c42bf4a6a43724ac75

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
9728351ef7ad5cc45bbf41a5eee5cb91

SHA1
83aaf2752a6192b21d9d59cb764d2f99243f5d0d

SHA256
0211606a445c74cbf4916a8d2f72d6c0c13cc001dee76f3cb5ec4b24e152d721

SHA512
73d7f39571b5beab16d2489763c7e9bc7816c59411bf7929b07091f00317f453dcab23dd6b600fbc18646d1d07517c4a1b1507a0688ca03c19365438317306b7

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
4cf65594e0ebae907a9c30928cde7ed6

SHA1
b194a8689c7b660264d564d50f117f2d31ccf1c0

SHA256
d2db125136f7ca9f5e27d62f7464e8b1352f23d95cc4f63222be3751a7d50cf5

SHA512
4cfd565021dd7aa83bfe465403096a53c25c8ec138eb9a6563ff3e0f39b51e825b8ba309a2cfa2ed0361899b3da720d20afa55896e3d16fa617772e4c34ddcb4

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
428b48c262d89a9e34d498e98b0e45ca

SHA1
83d9506ff2ec667e00e11c0ad600e2382edde05f

SHA256
b0e5ac5fc5438d5655e073663b33b837ae72ee16a495c7560e14008dc0b08a80

SHA512
f8aa47ead841b3e9f81b0b0c15e97f189192d102186d916012f1985d0f46cac2c46d88d74f7cfb7b1f158d04c0b1d263dfbe4efcd1730c05e49eb2582ce55e22

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
2882adaf4fb090142f40345c7ff619ab

SHA1
1a47a9c624210da6ab44436f593abd2799586114

SHA256
5f4fb5fa9876c0232559e2887602580e56ce1caa9b984ef51440e6347b9f144e

SHA512
562824ebe7daaf0a5439dfc145e79bc8ec9784d0ad481ca92d392afd538bb48736afb82e59e5a14f523d116c63fd2483572b979abadee19e6cb3fabd845416a8

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
e8fa4dc3a092dade3d00c410f081b537

SHA1
a309ef75a7b52df4a7c6eab44dc12521bcea24f0

SHA256
dbf5ba6d5d71c445fc2fc1fd6364e7ceabef772619e40285434aa5682f694044

SHA512
76419eb7d9d67a0ed7ea8cfb784c1509824501181c181eff33e37dbb870aff510603d4b065a3090dc5f257c599bfd6a8f159f93aedb4c225b8b97f4ea4e3bd59

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
15f025e89ae274110cb2cfb4a094e805

SHA1
8ac8c3619d9551f7e06b9c4e79a4f2b344b966e9

SHA256
7cfa9e56e50d4b101022e02d672a3d19051e79d9a8e77002f7298dca5a2abe7c

SHA512
09603283b88585d7e5c8db039333da4ab4f6e2cba14e4ee14aa31a483bd9a49818acc912da813b47d618673bea7958f9315981122d8ac2d3656688000799168a

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
e0d0387c75aa38b66eb34a670a8daec7

SHA1
8279994c2e36bb0c464f237f2a2ca1036320dd5a

SHA256
581aa47e7fea40d870a277e13dcc2196e9211d708a31abc31d3e2560b93a0919

SHA512
fcef2cb9664b310b4b3127ff4a42c545b7fc45d14f8877eecf17217bfb9d174f2d43d3e6d1c2f60f603ec0998b742b81aad60dc1b3cc33623e3978326621a2bf

Download Submit
/data/data/freerobux.appkh/files/audience_network.dex

Filesize
3.2MB

MD5
4905ee4caebdf455b9debee76ea89cae

SHA1
461d5626e22bd87e0f0afa3440d5ce61d2363571

SHA256
0bfad0c78e6e439d2c70d43568d1dc541bff8d4b4c5bfda9e81e03ae790dd864

SHA512
89bce0984264008e30a635852cbd3ba0c822b0917525a9029ff029a33409c161dad0f60ccf67406bea62e3d42ce0364250f3a9f502db8bbcaeba277787b2fc3f

Download Submit
/data/data/freerobux.appkh/files/vinebre_ac.txt

Filesize
19B

MD5
6ba414de84c9ff3865cc95bef5807df6

SHA1
2530d7553cab2aec24efa0e9a8b2bc2a8f49f7ec

SHA256
ef32bb09754d228756385169fd1a0a91e025d115e7b3dcc9e6c2136e66e95d0e

SHA512
0a6cce2213eabab29cf72acb3351993417aba92efa89dec2809b7bddc168d0df3c14fcc7bc1046ba8e7197b2f6b0c22d960b710df2d01ef7fb1978d7d5d96869

Download Submit
/data/data/freerobux.appkh/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
ae265e9ff22f18329b92e629d337ecb1

SHA1
b0a6ef1a2610643217f962e1da6d6c4652329780

SHA256
4d5c45ad119450f771d3cd8d40f4f76e058b69262a1d300c236ca785d4322646

SHA512
5e2d084cf141347bdb9e68cac828c50c47fd622a3f1fb1c9b41d8ca8844928cb02d0dca89cd476964570f29182d9dc47a40fac536ab930fa161de8c6649b91e1

Download Submit