5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1

Analysis

max time kernel
48s
max time network
154s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
27-04-2024 15:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

freerobux-9-8.apk
Size

9.2MB
MD5

cb15257128695991a490b70a32e2e9f0
SHA1

d5bd6500ae07fe8651956da78bdae50bcb1ac4bf
SHA256

5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1
SHA512

405edd8363992e9c918a57fedf497172c64579fbab0894d8ce221a6208d5936f758188c31ac822fb34d598e7b03af69927d7a3c07123c6205f94f6da1e058981
SSDEEP

196608:mO4rYye2J4LHATYmx3ynDstkgGdrjjVUntcOEZdZ7OEf6SZ:m1YyT4LgjCDgUrjZyi

Score

7^/10

collection credential_access discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

freerobux.appkh

description	ioc	Process
File opened for read	/proc/cpuinfo	freerobux.appkh

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

Processes:

freerobux.appkh

description	ioc	Process
File opened for read	/proc/meminfo	freerobux.appkh

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

freerobux.appkh

ioc	pid	Process
/product/framework/com.google.android.maps.jar	5031	freerobux.appkh
/product/framework/com.google.android.maps.jar	5031	freerobux.appkh
/data/user/0/freerobux.appkh/files/audience_network.dex	5031	freerobux.appkh
/data/user/0/freerobux.appkh/files/audience_network.dex	5031	freerobux.appkh

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	freerobux.appkh

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	freerobux.appkh

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	freerobux.appkh

Acquires the wake lock 1 IoCs

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	freerobux.appkh

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	freerobux.appkh

freerobux.appkh
1⤵
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:5031

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
fc572bd518dea6509a2388e84be3f916

SHA1
22543d22fabdf0181217105501be6e9ba3c25364

SHA256
e304777904a7f741aeb9d939ebfecd5c183a96e37bf08fa174d3aadbc28fb3d8

SHA512
43e02e4f5b96d45e084a58cd8504ecdfdccc7494f1dfc8a094d8bfe2e824e15219a945cbc753f58a59d72ae374839ee9bb5b2e0d92805a024b29d3bbe07668e2

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
7d46a2990a5ae833bf3808ff83e969b5

SHA1
920d7b7b1836b45d5dab3ca3db86a5e86b80640c

SHA256
4b22eb488cf121187929bfe6949da7ecaff4b44b8b01802ea25652423ffa36ef

SHA512
a87d87b76953d3f2daf89533b1f761a6a58586a735d31f7c0009788cdc8f6794d52cb3808cc34276bba0936a315b85dc24a25520e163b2956af0858dba243ea8

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
dd46340a2e8a56e01838b9cdc73a8e8c

SHA1
dd464d2f493e52d0198c8cd46b3073e8bd233c2a

SHA256
89ab413415075166faf1a0d833becdfd8cec1448be95c80973598187684aba92

SHA512
6e6e76e2e758602a8479e1e5e4e4af45f53df12d2e8cf3cac758006e6e3c0f6bdb16b0a2459f7d7ee71c7900c9bc595060070a6c74ef56e3ab60f1cad8289b20

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
6c0a28b333ec728efb44c7e2d693525d

SHA1
da2982270905551ab08dae91b6a2b10861623446

SHA256
e388830ba0ae9384705c51e37e817d8677d1fb0dc8e070ed12548c20e332842a

SHA512
54f495ed89802d7591e247eadfde3ca60f38005cb6aaae8ee916ca13a9ee63541fd47f07548c93f984e548e01214e3b60c86cf8a5a459c6a7ae1ae54b533bcbf

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
bbe974b08a30d11ea70227996843bc0a

SHA1
dbcb39716b19f484234c135aa28c177a681b7fde

SHA256
664e8f7cc8873af6384d1ef66dff3dfb6b30368775d8a6571140ab763bae45b0

SHA512
37cce13a0ae7b3b9762e179a6ce72e47b3acdbbcbba2b34ce90244c7037d27c55b9edc390ea79b2deb422edc34fcd6651b05100fd11be71486d3e5638199142c

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
b65aa82745af08e6ecf2e3230a4b1c79

SHA1
55e9e4d2717da37b613787c67cea444611af637e

SHA256
5fa8369bd88798720e7f28bb519c3701950e52518b365823388862af8e4bb5a4

SHA512
79eb76a92f725c11ca3ce64752420b797924cf7d322c64d76cd4bbefa2e373a05d4f9e3b139a80d9d24ef27e66bb555ec9906e6aa23b5c6f9044924efafa6bc2

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
512B

MD5
ace6d16a528a8fbb801bcd95626d5ff6

SHA1
0469c489a8808b418e64502b103ff29af0b9b3c4

SHA256
fa88e9840f7722ea846d597609c2598246fd0daa3ec894fceec7f1e3c7253fd1

SHA512
1b8c3814f3f3e3b9e15e85c9821b68bf16a601b1b360a02896c008369a09e5a2b67cfda8542299cf1574af6bb79bb330af752b2968aab4f8a0bd6c151a0c3fae

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
0969c4c06f48422aa59f56abb2ac8d8e

SHA1
1da87521777d1e6daac2a7ccd38a38512371dce0

SHA256
dea10cc0c2ca6a97a8516e0dcfd00c797c703fcd43b0956a88d447d381519747

SHA512
faa06c79f2b3ea0d504ac216e37c4cdb47f958e97bfa8955c88ee37705a09d58baa4db3daa486997269a5f11b2c58e5130ad14906c7f257bbefa06506c9d15eb

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
2525cb6996ea472d441e09843b42bc8f

SHA1
550aafc7f3d0313f135e3c1767fdc75f6303564a

SHA256
4c02d1fe93856411bd432bbc04b922c423f589ef5f5e8745a438f2598d9e7ca3

SHA512
90f1060bd4f56ca4cff299ae6ca33cdc9fbbf2e190edfc0aeda126179fb622bc332b03aaf90786c3cb50aa7a623a8ba7f0137751aead8da89908ad93065df0c7

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
a8c36e74c02aac608c5fa17cc334bea8

SHA1
365c181b02ad54ea726bc3d0758df5adb8286412

SHA256
c575c5ccf58e310348c45247373b8c2ddba7f4aba0528e4ef9ef428af3c31a89

SHA512
b663e1d86f4163ed270f51de14b8a29b9e600cf9a2630a0e6c7a4ba05900388195ca9d00d6fbf6d1926cf8a46f4c0c5e43870129d628487d9187df5a29235d55

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
07af122f60b86f3012d4de6beaaaf735

SHA1
cf2dfd8c5f47e0a1ed00301a6c5c30900c1aee49

SHA256
79c1fc1ce987f0c28367bf92c16a93fe0c4e4b5ae6004ebcbf7cf290f016e878

SHA512
09e3d8129f8800769cbe34694cd322b12c081b1e2ac97d05498b063d05594cc9cec4ccf959991a3d9d605247e350efb7b7da0c40994efa85bd60264c2a2df610

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
12KB

MD5
467193d74754d327bbd96c18a3366c67

SHA1
ab32fb9c0ca09526006922b5741f3fa2f43052d0

SHA256
6f174893d7a6f66a49964fb521a9bc465a10936d34c01674154b96f4b470cd45

SHA512
26e5292c31d31dadb63c44335e67aee39aad0ba63bff6f19da140ed9677d60774b79b72d5310c98ee67830e837cf830c10d77644861da91ad3dd6aeaf61d82b1

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3b426844711115a89d562c02265be054

SHA1
c509a433cd79ef6618963d753ba7beda60e051c4

SHA256
aa5fa19d2e9629323c9ecddf657b93f2a3015e19c7f8f2f2a3e41546e8e8e74d

SHA512
ea777e6fee97d0713df7fa61bcb30de03e6e9c224bc4b3550a51e015bdcde30913de884a54fa70f7d9fea91dcf5166451175c298bb6cd5bba4b06fdecacb397f

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
78d0987e497adc61afdac864b4dbb33c

SHA1
d19f14ed132718c8d898ceba37ac461c6110fc72

SHA256
633a7a32543613d0b951874a18005691279e0a0ccb7b3d8128747f256e0a0f12

SHA512
cd1900b108f627a57e770b6b72d0d1f3a936004eb111ef83c1a89cc122e71090ae5c81f7c4a724e5ac8657fb983d66464f894643ef0819b710feceb5cce83fea

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7dbad48a3a74fc74a8138453b7b15a01

SHA1
b747183c35671446b25081d6361e17f89d0c36d3

SHA256
43f7e8679704f968f9c4f1ace266fc7acf39a34d9212cedcf43a2009d6b19348

SHA512
a62ac9f33b03ef4b41ffab1218354ba6b41e2470c8e3f2b0524bffb3452e9b13baf93c2063acc8761741577ad2284587ff70c38aedeab9e959d907812baa1cde

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
bcb5d5230c45ff1b1e68ef6d14006650

SHA1
715e4bcd350346d401675f53fb3ab431fd05fbd9

SHA256
9b2cfab5d9f5e14b209e03df07978d0653f8008db9072a43d3efd0ac6b54187a

SHA512
6732e534aef7e528ab155798eda711b77d49e8a0189c9a41669751728eef2f0b0efe8519c421198f481f600374aa943e1ec31a1099e48c367d2bbd85ce7c158d

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d8355540a6c39ce10d301708484ceed1

SHA1
ac940fce8e175c4aa91e2856821ce4a0c7ff0b78

SHA256
258a9df82b3c58cc0839d823cb12c95ba52d87565c3a72668c6a6fa0f5562f37

SHA512
068160ee1d36e574a40dd02357bbb13a2469207ee8b8ba7f45c0c5d16b325682fccdea91d0b6f299835b780dbfb1577294c34a3eb9911394c6b42c9a22ad113a

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
397eac6361ae387a088e42d043724503

SHA1
01874f2379608dc59dac89ce3158d92d4981100d

SHA256
7d755c1edcc078c139cf8dbccc4ea98b4947c5aad7dee09912ad77f08a2ea13e

SHA512
1c71cd73dddfe2e2848237d40b30ed4a1739c4c383cc59438d3924b9e62e83be11cc41a93e9bee38bad8c80c4b6551cbc4565da85fa1d90b025a6b435848dc1f

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
102eec5d0240e91639b8d50175840894

SHA1
e8f13c8d529907ff69a5b2ed3c7d865d506a4b90

SHA256
ec9981a7f35735105e64d07c7da3c777eaae85953e52a1463f62624b86dadc79

SHA512
06ea83e0d696808c5f9a97053dfa105334b82341d664ec41303115b68a81753b3a854af2d6891281014e4ccfb2dabb183ce08bc872bc7eef2a982dd56c512591

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
b6ca6e2072949f8021bc0c8150340e0a

SHA1
18ba661e866306d3334c51e832004cac46ac6621

SHA256
e0a29a707ffc1c767b0555588bf001ca075ba945f3970f1daecafeebad85d625

SHA512
1609f9bf904cf5554fa036ea68217f4b54917f91fa29165924a41612ef9763fe4e3b10eb0bc56f6796032840f2d37868176ef4d13e1e4253cd45797f0ed16cb6

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
cda4f95e9c60425c7584fa3facd13d05

SHA1
f1375c65390186f531ae4f3feae55a5718116c37

SHA256
5439833add7f39f7d842e97fef6e8c3324711cd2094257269595574510f578ce

SHA512
bfa0349e658e31bd625dfd372e850dced85a86c3204af3e47992b56b1976411a378a5ad53c907d8674521508d9dd6a5d345ef119b409b536f09557062ad24f68

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c92bdf9c0adf59215ea1bd8b93c7d9a5

SHA1
a1045226a69027d2921c49c73f64bea1f699c0c9

SHA256
3b1ccf8ae1754bc6448444b425cb257b4c6ac2250548b65cdd72d0305cc7ae0f

SHA512
0e178da84845ab4c5c55abd51b76c4064ec5872f0498216a748b3e379afa834d42ca2d5ea8da26c0c621a05cecbf03311cb5d649eb619181311827e3b0321d4f

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
9448c6417766a96a361b9687cd09679f

SHA1
22e39d60be88b7003cea82ca60ef243a77745649

SHA256
6f0ef6bd8b5063059930e5724aafc6d8a09fb9bf705110e3976819dfbe55f7ea

SHA512
537cf89941dd0b0682ef189fe1c0341b65fe29919e8da857ebcbd32ae82bb5e374587b9dafbf3a4e032f6d38c4dc4fdd6af79c21485f4a7642944809fd570c57

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
bc1a648a25702493bc9540288fe4b9a7

SHA1
d80cac00a33211d386929f66e51cb8b4e259170d

SHA256
22f580dc4a2004e1e97d030a1610250e578c1212b17b481de5ab845c917250c9

SHA512
ba7fe16f4c1fe55e75b8021cee5c0a3190358b5db22af380d5ea876e263274c08cadca55e8250e9964de7261ba8cf11ee5e3d2ed1dea5064df83dce7dd69c31f

Download Submit
/data/data/freerobux.appkh/files/audience_network.dex

Filesize
3.2MB

MD5
4905ee4caebdf455b9debee76ea89cae

SHA1
461d5626e22bd87e0f0afa3440d5ce61d2363571

SHA256
0bfad0c78e6e439d2c70d43568d1dc541bff8d4b4c5bfda9e81e03ae790dd864

SHA512
89bce0984264008e30a635852cbd3ba0c822b0917525a9029ff029a33409c161dad0f60ccf67406bea62e3d42ce0364250f3a9f502db8bbcaeba277787b2fc3f

Download Submit
/data/data/freerobux.appkh/files/vinebre_ac.txt

Filesize
19B

MD5
6ba414de84c9ff3865cc95bef5807df6

SHA1
2530d7553cab2aec24efa0e9a8b2bc2a8f49f7ec

SHA256
ef32bb09754d228756385169fd1a0a91e025d115e7b3dcc9e6c2136e66e95d0e

SHA512
0a6cce2213eabab29cf72acb3351993417aba92efa89dec2809b7bddc168d0df3c14fcc7bc1046ba8e7197b2f6b0c22d960b710df2d01ef7fb1978d7d5d96869

Download Submit
/data/data/freerobux.appkh/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
d82c236e042833f069d170948a6d47f2

SHA1
e5910802b1608f2919345f09c3f837e28accaf60

SHA256
de1a973654641e14ee750e1ba535a898a5d88e8589a17f2121315af2671ef7eb

SHA512
f7e017a2bf0e5e93343bb16ca7e0038bf32896d2192832066d639abf629d4893b950c3b7e29257a9e8b74fed6a38958ea8ac3f6104a2acf6f67089a7e225cb6b

Download Submit
/product/framework/com.google.android.maps.jar

Filesize
315KB

MD5
4899aca36d1ed747a447dcac0d101a62

SHA1
32e43edc0bf3e036683ea8639472e6cd31ab9929

SHA256
67a651acd867e046fb4463b31ea584c1468f7243a9d1e2efd34059e8ee2f130f

SHA512
50b23dd279a9efba566c6a6523c7537723c0cd6dd3e4871f1cbdb8d5bc355caa3ddea99452b1c8e5356802f812b3768066a9848b93d715bb8bdfa455b704285f

Download Submit