Analysis
-
max time kernel
146s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20240506-en -
resource tags
-
submitted
08/05/2024, 09:31
General
-
Target
Delta_Exploits_-_Best_Free_Roblox_Exploits_and_....apk
-
Size
1.7MB
-
MD5
eea45a80c891df7d1fe07e36c52db9ee
-
SHA1
b3c00b9bd4985017789fa1d3304e7c603c5dd527
-
SHA256
40974c813da115808b31d6d6a5131372babe553c13d8f8af2c0b434e10f82c45
-
SHA512
58523d3f170e327936ec2d481c9cc09e825e1ac63e6ec08795229a19cfa4fc7a36df8aaa6906c02dbebc606765a061c8fc53cbe10b1a6eaff03295e23f44c687
-
SSDEEP
49152:4HLN8eavXhpVn5lzrJ2vb7RYoRu7bcjR/KSEjZ:4Hh8eaPnhb4TNJu7bcdiSEjZ
Malware Config
Signatures
-
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Acquires the wake lock 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
Processes
-
com.monsterdefense.nearme.gamecenter1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Makes use of the framework's foreground persistence service
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
Network
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Virtualization/Sandbox Evasion
1System Checks
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
1.1MB
MD51e94d04923c2efb01985721bf5e5437c
SHA1d1c0139ff518bfc9a3901b3f77621edb7d0812fd
SHA25634fdabe1216806fa4b54acba89334905ed019343cb4b39d2f980bf38796a68a1
SHA512a48c305b344b94c5fc0c66abec0b89a39783a733f352949dd5919e0c5da80065447c52854e0b85ff27b0f23415f1c8b141fccccaf9dc05aa11bb2c8c0b21f6e3
-
Filesize
704B
MD5df65224d3da17d22619b3420557a3796
SHA1997458d9b5513117757742081ad9d31bf80d11d8
SHA256555582ddb2ad2d505b57591b753a220f0f2e69d83d3fa4589e55f3f11792a465
SHA5126492235e98978d363090ddb7a4fa52205186f7a69c2c25f181b52c1c347b5d562408bf478a51350f41033a0b13ceeb46681fa21f4e1af75e5751a517943b67a6
-
Filesize
404B
MD513418864cd53dfd7f1405e8368a3ce38
SHA1334949ed38a5ec1fffeb721df9b0716de7d65a1f
SHA256cce565d175a71f88f45470074a9762081c8cd6bc98a7814f705bd7bf67ed0e20
SHA512a6d7da6d966f0f9a67e4d161b96948467c4e03cbee52a8480fc69d7248f7fe127388af680142ce3f12d95ae826cb1fb2d56d99f038e7e375eba223545ac209d4
-
Filesize
567B
MD5faaf598d3f57751490995faf41c09aa1
SHA109f64ee4b97b721998eab84a3a3c8c042545fe8b
SHA256dc7d93e934fc4c1a22aa8742623ce17bf5e9475481b739f3ef2d6472a8ad9326
SHA5129b34ffe581c06b5805ce0ccd98bfaa2c8586f6b672b8f4dd7dc07dae248f78b2855b3b03cbe533c4cdf5e152f41e93c27373cee7bd1c04252300185db3501023
-
Filesize
233B
MD50d17791218849037ad6511c9e55645ce
SHA1abd8506deb8d54def23a4d523639805b8767edc1
SHA256ac883318785446ab47b92a7b4d0939646ac108065d38917b0da58faaefbb16fb
SHA512aa23b4731ee33f556c0b91f8680fb7cbcca5334e2c09408782ff0b19df36547ee682663d97bd27368d5642e43b604265998dc5ac8685b89c7a81e3590b28771a
-
Filesize
233B
MD538346dbf2931a19408eb648a4946a7b9
SHA1c92d3ed0e549ce9f1a93e054dabebcd89de9256f
SHA256f00574efefe783cbec720ad8262f0353f31382cef16bf12c882e79679397dc47
SHA5122dec51f3b2690dea95dbf6839b5f9c9dcb96cc863c7c755e738fae789a3f76bde2e530122f64a2bb34b0aa5753215a2d7f676b034881627b06cac617b283643c
-
Filesize
233B
MD59024bd795be05ac784c7c8a64058e85a
SHA1d4c88da5665b088169887013e222e82e27cfe0bf
SHA256c7f3b0b73b325f43299b2c2831aa8b865ad33dee3b2e0218c0d0f1fed1f25ffa
SHA512b6b8b02fdc8ad2164c5f27da25e88dc86d0be4c394fb72367ef2156d608db9234aff5cdc1cf3b5941718921093fe00d013fac63ab31b522827b8011716d26701
-
Filesize
2.8MB
MD596a54cf486165d3075469dd272044adc
SHA15eee6ef06fe43ab9279a328aa72227ef38d013e9
SHA256f00fe1a966b4be8bafbddd2a5400124fc28824129589ec777057afb0e0fe6394
SHA512bd87a94b8ec699fb188e3f23e34a6167616195942a099e1bc0c7d0fcad1d846685544ece751ff54035357d04669c39cd47cd3dc5535169ae7a48f724fc86a029