40974c813da115808b31d6d6a5131372babe553c13d8f8af2c0b434e10f82c45

Resubmissions

08/05/2024, 09:35

240508-lkm5nsge59 6

08/05/2024, 09:31

240508-lg1xcsdg9s 7

Analysis

max time kernel
146s
max time network
130s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
08/05/2024, 09:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Delta_Exploits_-_Best_Free_Roblox_Exploits_and_....apk
Size

1.7MB
MD5

eea45a80c891df7d1fe07e36c52db9ee
SHA1

b3c00b9bd4985017789fa1d3304e7c603c5dd527
SHA256

40974c813da115808b31d6d6a5131372babe553c13d8f8af2c0b434e10f82c45
SHA512

58523d3f170e327936ec2d481c9cc09e825e1ac63e6ec08795229a19cfa4fc7a36df8aaa6906c02dbebc606765a061c8fc53cbe10b1a6eaff03295e23f44c687
SSDEEP

49152:4HLN8eavXhpVn5lzrJ2vb7RYoRu7bcjR/KSEjZ:4Hh8eaPnhb4TNJu7bcdiSEjZ

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.monsterdefense.nearme.gamecenter

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.monsterdefense.nearme.gamecenter/files/6e200830.dex	4351	com.monsterdefense.nearme.gamecenter

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.monsterdefense.nearme.gamecenter

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.monsterdefense.nearme.gamecenter

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.monsterdefense.nearme.gamecenter

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.monsterdefense.nearme.gamecenter

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.monsterdefense.nearme.gamecenter

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

com.monsterdefense.nearme.gamecenter
1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Makes use of the framework's foreground persistence service
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:4351

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Foreground Persistence

T1541

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.monsterdefense.nearme.gamecenter/databases/com.google.android.datatransport.events-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.monsterdefense.nearme.gamecenter/files/6e200830.dex

Filesize
1.1MB

MD5
1e94d04923c2efb01985721bf5e5437c

SHA1
d1c0139ff518bfc9a3901b3f77621edb7d0812fd

SHA256
34fdabe1216806fa4b54acba89334905ed019343cb4b39d2f980bf38796a68a1

SHA512
a48c305b344b94c5fc0c66abec0b89a39783a733f352949dd5919e0c5da80065447c52854e0b85ff27b0f23415f1c8b141fccccaf9dc05aa11bb2c8c0b21f6e3

Download Submit
/data/data/com.monsterdefense.nearme.gamecenter/files/NA

Filesize
704B

MD5
df65224d3da17d22619b3420557a3796

SHA1
997458d9b5513117757742081ad9d31bf80d11d8

SHA256
555582ddb2ad2d505b57591b753a220f0f2e69d83d3fa4589e55f3f11792a465

SHA512
6492235e98978d363090ddb7a4fa52205186f7a69c2c25f181b52c1c347b5d562408bf478a51350f41033a0b13ceeb46681fa21f4e1af75e5751a517943b67a6

Download Submit
/data/data/com.monsterdefense.nearme.gamecenter/files/NA

Filesize
404B

MD5
13418864cd53dfd7f1405e8368a3ce38

SHA1
334949ed38a5ec1fffeb721df9b0716de7d65a1f

SHA256
cce565d175a71f88f45470074a9762081c8cd6bc98a7814f705bd7bf67ed0e20

SHA512
a6d7da6d966f0f9a67e4d161b96948467c4e03cbee52a8480fc69d7248f7fe127388af680142ce3f12d95ae826cb1fb2d56d99f038e7e375eba223545ac209d4

Download Submit
/data/data/com.monsterdefense.nearme.gamecenter/files/PersistedInstallation3345043666140314252tmp

Filesize
569B

MD5
71cd943f473d451789755a2acb0cdb4c

SHA1
7d8660cada0b5fafe73ba72f25e882b8f1e74046

SHA256
1e4fd34fe6570b9f294f87524959596279eaa8bb7794524f2272be4143ebf85e

SHA512
e0bcc564d4add1009d0307ca02bfc12b66dbba1c8da45270a408c5bcb5bd7fe0b3a10c86f8d5901f42ac378408cdf306ad70c1331e52a10709820a40ac4230e1

Download Submit
/data/data/com.monsterdefense.nearme.gamecenter/files/fHJnH

Filesize
233B

MD5
74aa2af37437b60f73f453a36f67cd8f

SHA1
9db1d0f7694d47dc966bf3e75356a0af139280fa

SHA256
cb842485dfa3112659618260ad3407ddbca0c26ed991397933cb6b8c546b4adb

SHA512
90e122c0d0b55f0237b1f9307d7daa6718c9e3c79d31eeb43a1c2ee10caa1385ddd22eb428914a9c06541b008ba1c358759f0d06244ad7c56e24b2a828183c3a

Download Submit
/data/data/com.monsterdefense.nearme.gamecenter/files/fHJnH

Filesize
233B

MD5
3b315f21d9aefb2c18b3c74538db159f

SHA1
b9e8995d9514ecd0dbf0dde0575df2d05ccbd91a

SHA256
2c3d051cfcb0cf8b0b7fc3569500c84386ac1e4ebc6ca1a321c546da4d61aa26

SHA512
0bca45c96739dfe3c9d750ce8e7153d7c96c9683e52e58dd40d05f8fd943e2749e75b242d9313d71e93b3d16c5ed4fba9adc780478b70298457a5a43df86ef2b

Download Submit
/data/data/com.monsterdefense.nearme.gamecenter/files/fHJnH

Filesize
233B

MD5
b59eb2e331076fb4c2c3c761ccc13b6c

SHA1
a2f1b32edde7235ba024d62e6b954b2e288e1b49

SHA256
48b82f83cb32e7cd1ace864fb45e9bf1907f7a7b400ad0c0f3df4fa1e515ca34

SHA512
b437368d45d6c5e4c540084514be515a8446579bffd9aa1c008b2a3ee01a1ba7fe4a38ccbec311f35a63d100fb4fc7389348b206c87fae458caaa58add6b8153

Download Submit
/data/user/0/com.monsterdefense.nearme.gamecenter/files/6e200830.dex

Filesize
2.8MB

MD5
96a54cf486165d3075469dd272044adc

SHA1
5eee6ef06fe43ab9279a328aa72227ef38d013e9

SHA256
f00fe1a966b4be8bafbddd2a5400124fc28824129589ec777057afb0e0fe6394

SHA512
bd87a94b8ec699fb188e3f23e34a6167616195942a099e1bc0c7d0fcad1d846685544ece751ff54035357d04669c39cd47cd3dc5535169ae7a48f724fc86a029

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads