7ad1bab90675a7d4463a5df4b759842a11e7d4243d20e1f7a09f30b32c45ab26

Analysis

max time kernel
45s
max time network
183s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
24-05-2024 12:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

freeplay-tv-en-vivo-gratis_1.0(1).apk
Size

6.3MB
MD5

8e41193f22ecbb233404d5b1a9cb51e9
SHA1

6bbb0fefdd32a32d21e0dbd11d13ab606edcfafe
SHA256

7ad1bab90675a7d4463a5df4b759842a11e7d4243d20e1f7a09f30b32c45ab26
SHA512

ad492f084c0d726df4a2dfb7b95c69b07e046d90f4cb06a9946299a5c6645c4f8222b21102f4a1d4b120b5ed1d00243eddbb4f0bcf641661599234c5f6614cdb
SSDEEP

196608:90fVnY9Vb0sy9FHbBqgl5BZn+HYQpcm8a:MhYvb0n9FHrl5f+HYQd

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs
evasion

T1426

Processes:

freeplay2.app

ioc process

/system/xbin/su freeplay2.app
/system/app/Superuser.apk freeplay2.app
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

freeplay2.app

description ioc process

File opened for read /proc/cpuinfo freeplay2.app
Checks memory information 2 TTPs 1 IoCs
Checks memory information which indicate if the system is an emulator.
evasion discovery

T1633.001

T1426

Processes:

freeplay2.app

description ioc process

File opened for read /proc/meminfo freeplay2.app
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
discovery

T1422

Processes:

freeplay2.app

description ioc process

Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone freeplay2.app
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
persistence

T1624.001

Processes:

freeplay2.app

description ioc process

Framework service call android.app.IActivityManager.registerReceiver freeplay2.app
Acquires the wake lock 1 IoCs

Processes:

freeplay2.app

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock freeplay2.app
Checks if the internet connection is available 1 TTPs 1 IoCs
discovery

T1421

Processes:

freeplay2.app

description ioc process

Framework service call android.net.IConnectivityManager.getActiveNetworkInfo freeplay2.app
Schedules tasks to execute at a specified time 1 TTPs 1 IoCs
Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.
execution persistence

T1603

Processes:

freeplay2.app

description ioc process

Framework service call android.app.job.IJobScheduler.schedule freeplay2.app
Checks the presence of a debugger
evasion
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
impact

T1471

Processes:

freeplay2.app

description ioc process

Framework API call javax.crypto.Cipher.doFinal freeplay2.app

ioc	process
/system/xbin/su	freeplay2.app
/system/app/Superuser.apk	freeplay2.app

description	ioc	process
File opened for read	/proc/cpuinfo	freeplay2.app

description	ioc	process
File opened for read	/proc/meminfo	freeplay2.app

description	ioc	process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	freeplay2.app

description	ioc	process
Framework service call	android.app.IActivityManager.registerReceiver	freeplay2.app

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	freeplay2.app

description	ioc	process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	freeplay2.app

description	ioc	process
Framework service call	android.app.job.IJobScheduler.schedule	freeplay2.app

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	freeplay2.app

freeplay2.app
1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4326

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/freeplay2.app/cache/1598581401714.jar
Filesize
9KB

MD5
03ee9d194982da8259d81957162c9795

SHA1
f05ab5cc908262c4dd51f3e8ca49bc346dc136b2

SHA256
d44cfb6b41231f150cf310c7c4d399be9587294e3727197e046db4a1c2c3ca3b

SHA512
241f97312aa3e4547ce7f3195667301872bded70880ce33641a26292530ec2c22614a85c7e2437c5a88fff0e6359ef9c253caa79fa49a025869ae5dcbae524ff

Download Submit
/data/data/freeplay2.app/databases/androidx.work.workdb-journal
Filesize
512B

MD5
c024da29e6c43a636b671978278909cf

SHA1
caea896aea6eb37a946400650aaabc954a80f375

SHA256
3e673f443fb9e294e95a155c7dc6335d8d8b435403ab4ecce44f2938ce2d1bce

SHA512
a4dcc27a9ef30e27e94dfac550675c6b4819cb3bb671f3e83e16e2cf24be8392d9fbf7b860583f425149f05194529dfdc47578c165e37a6cf980ca26e4de7884

Download Submit
/data/data/freeplay2.app/databases/androidx.work.workdb-wal
Filesize
16KB

MD5
627c26c8abe3785a055c3d35cfa4e8f7

SHA1
d014f968721c891ba9110b2d1f3a36b6c67f0cc2

SHA256
80808ba4a8b3e733cbacc12c8968b4e36a199d572d8bd741b3e8f60b9687f287

SHA512
c731d40351f38c117453ae78127dbe18f0bae73315c3924b717c529f3b367141c479277e5fe37f6cf9cfcde0c17d5254b15ce9759b94a19d18d86df3c19314c9

Download Submit
/data/data/freeplay2.app/databases/androidx.work.workdb-wal
Filesize
88KB

MD5
143c236dcc7e8d496c3f4bf0972443b3

SHA1
dd4bb89a065bcd2baf8e83a1a8123e81189e4eec

SHA256
353376a504d1b9c49b81ae0d25414f3f947e3718f08721ce5a55686e3eee06a3

SHA512
e2e17b8f3c54fc1928f71d611039652602e7b2df7ed2c80baa44f898eac4162d18e1fae7796cec4e83832fa2dbd946f151488aee121ba39de0a1a3a0b8207a0f

Download Submit
/data/data/freeplay2.app/databases/com.google.android.datatransport.events
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/freeplay2.app/databases/com.google.android.datatransport.events-journal
Filesize
512B

MD5
6c4dec20cf3c98267eda8002a9c0bdb7

SHA1
44019831053a80757de215d5e6209d3610d47078

SHA256
b5aeee2a90088b8cfc85ea7299830a0fc4d241cde527f76533457bb89033a0db

SHA512
4854341279e8374b033fd8b15d93c63c027a8c3244bb7862e311a003e83d2d391bbd0ede837018a5f7b1c50a2bbb188a934d24a37297b2eb7674fb61e3b7766f

Download Submit
/data/data/freeplay2.app/databases/com.google.android.datatransport.events-shm
Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/freeplay2.app/databases/com.google.android.datatransport.events-wal
Filesize
72KB

MD5
e2c3c0205e704f802a5c9b511001ddfa

SHA1
5c6f8bb3127b21e4a80d8167a739338b85bf72f2

SHA256
5cf85ad712596102c09a13341b2a2800fa890f84217347b00a6346c34dbbd633

SHA512
f49b69c4174e3a62bedcf43c046df207d8acc11767a18d38c898ce51d83da35208182108bc0e6e16fa2d5b723fc28f1fad985cd2a906676ab797bcf5f706a52d

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
a390584f1402af5ad93bd79e2ce12ac2

SHA1
d2b54a90efb96187d4f264727fdedfa13981bc03

SHA256
f036541e623cce4e97301ebee53ac0bcd2274c2559c947ceca676de57703af57

SHA512
1938b879445becfd92635a99487a5821dcdcd5e708e966f576e52e49142f509e4e6906512c062db99913a56a531db176a3f754088bfedb2f03ee52b0850f4eb1

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
486e04e3c8c90f00af193de026ab189a

SHA1
11f30632f6cd346e51764787706058ef6274fc95

SHA256
0b7d40f680249e0d6bb9a627a75337958685aedba99fbc71dbf2e6438a25c484

SHA512
984a2160431d183eed4e497913a5d54da880647f1fa991450eb745a7bd1cb1eadc4c065ebd3f6a1419a3a6df30d23f75317875229447fa728372e8d08b89e672

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
8f0aacad8c4027b71bd42964abc78055

SHA1
a37bf6e5288109f8610bb7e50fbfa52839cc8370

SHA256
8364498deacd1977dc6295c014c7d6c75be167a69dc95c56fdeb1cae839f43e7

SHA512
2e2214db3f65ce2d4d3bdb8b64c340688ce59af36537441cfefd3a257060be42e0ea582a4f364ef539db72bdec34821e312b8e9bbefcc76879378c11e793caa4

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
2af609b648e453fffe001a9ab553d06d

SHA1
948496066b2c802a74f6564d8282db32ea1e2bd1

SHA256
773fd0d8232593879a35e06a5c9836e3dff19dcc243c5ffbf9814ab224c4fe5d

SHA512
4d9c5559a412af779b7f39a3376c1e6ab7b18f1d19ea9bef72aaeb5bf0f656d23f8cd0e08930efc91df4418af55f32252bf60ea9bfa23d230cad5bca7dc47fb8

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db
Filesize
16KB

MD5
6626783af72a0ccdceace420b7e7e50f

SHA1
b902a217ee0cf292c54c17e85c1ae8d11fa8812a

SHA256
82561f2414a061fb1151f505c883b3890c63e28bdad0535b6e89eeea0365c139

SHA512
793d8e1373c1818fa8baed46f4c2981b29cf2826935602efb825924cfa6534765f0204a7f9217fc87f5d82787e059cc97a2a1e935fe02183f116fbfc0487776b

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db-journal
Filesize
512B

MD5
c70033b201947799f8eabf040458ce71

SHA1
19e5e847114cfe073dd1d6ba095b1e3bfc6b5650

SHA256
bbbb48219fb63bb197302890178e2af6740f26e6b33770530e3343f26b23ad91

SHA512
a52350124e5e2d9c5c7395ed676c1edb616456e18d80f870404831c8021d66d7e026a6af3b7e0d7719b5c6dc1e82d390f18a942da06888b11ba7506587640343

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db-wal
Filesize
36KB

MD5
f9bfe4b8099be8ce094641cfdd01949d

SHA1
16f18737b723a2fec4e2009a2592d2727d2c6bd0

SHA256
05f8fad5b89c422859d79d76bab87d659915011c155ab1a87d70f4da2ed11081

SHA512
9c5e297c86fbaad06294996079ba63f87619d38b6c710f78efad97d6dacb981935a137a376d7ac3f29f3c551c8c7a04aab5b2dfaa1d80d08203ad00581f9467a

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
65ca898b3aaac742f1fab582fdf232fa

SHA1
0729be543e213db1e615976191f70b3eee90feb3

SHA256
6bf900da71d010733190f37c0399e6321f73b88891588fbaa193b268e89f3133

SHA512
cb497c5bbd36206dad5cb347a6f545df9478d2ea4306e03508bf15d8cbb46011f0aa3e1d7b2bba93ad09bcb9fca79113a3915a015955d5163b085b5edf3684d5

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
c1f09e06dda2d2f2d276aa0c784117bd

SHA1
c46d5938afc4af23b3f701cad7805a70ca1ff4e3

SHA256
ab77f2785dda5ee311736a45519663cda0507730c9af8009ab9b1d55559062a8

SHA512
37fc944b62a9772ede6823f20de18640bd6912145f2eb53bf55cf1830e8521e5dd4d8e9a5d6246a81f82b2e4b12fb303ab3f19e0c3f720df6295aa2e253731a4

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
d982bdd9243c0ff8a8de9f3ab7354654

SHA1
7122ed59344ade1157bf5d0e0130cc3ab24c71ba

SHA256
9cb748f94b748cd6a7937709335a9d0d338573bfaa55a9afb24314c3c5f25d8e

SHA512
2ad34849fcd91ef6586bc82de1b5c79506f7bfacdbe3a78608dddef687a83dc29782d652dee2ae37d1800d8fb4c02c900aa2d20a09d270236f2758ba5e2fccec

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
92e6e517fbf01891c085b288a32919d6

SHA1
d77b942a6bd605e74c6497d5e9a73ab6951ec4fe

SHA256
b1fc8286caf6e1704d6acd5773e0da6e8067d4a266bdeaf24694e39aac47bea0

SHA512
4fd2e8c527b002876021d3f20db1314630dbd074d6dc61a32b3f01c3c296568509cd32334c27f003cbb4f31baf1aad9f1bcca19356219a3d91a32c2de6a9132e

Download Submit
/data/data/freeplay2.app/databases/google_app_measurement_local.db-wal
Filesize
4KB

MD5
f28f67051795a024574b97a8d7eb0abd

SHA1
bb342bba9f78e5aff83dc71ae8b41a9e49edc0c9

SHA256
4282935376690b22a0d0f2f3e647074d47aedb5312e57d465a8124c04aa49098

SHA512
84214911b169b22385234bfac04327dd591768e7d225abcd1ca7cad1db3480104e4bb740821e09cfd749b672348cd3020a27a7058f5d21195a601f3c1354166f

Download Submit
/data/data/freeplay2.app/files/.com.google.firebase.crashlytics/665083690309-0001-10E6-32FF4D299196BeginSession.cls_temp
Filesize
75B

MD5
caf6770d11293f7dfa9ca028e6ab27a9

SHA1
a8ab67e657d8afa0a2baaf9d0153173cba82e65f

SHA256
eea9a6694578aa16775cb4b43d5ce0f86e4bb082176e49e21bacf8c1b2fd5511

SHA512
903e8d8e0382bd9dd0ac068b81c8a429d173994aed0e50c6f3f6cb760fca4b1df9e5bf33595c4c5385efd649488edbe982e20cc7fb94a961b373c39fad20b977

Download Submit
/data/data/freeplay2.app/files/.com.google.firebase.crashlytics/665083690309-0001-10E6-32FF4D299196SessionApp.cls_temp
Filesize
61B

MD5
261f785c60ca0499e0ffc8db121c846a

SHA1
1ba1f1800d4db165cd38d5d0e5c2822a10a7ef31

SHA256
ae4895a8ac26ab3f6ad1d7f936c5ca9426c8acdb1cbcb501d1a123e235c44118

SHA512
2e38027321db5fd99f497df18d99d3b5874919c8d8860e0c8b6ac05ce00b41eaabd24b3ce8ef78eb03ff97477ecc43ebb2abcb67b302542ec7d98b6457693539

Download Submit
/data/data/freeplay2.app/files/.com.google.firebase.crashlytics/665083690309-0001-10E6-32FF4D299196SessionDevice.cls_temp
Filesize
48B

MD5
cf9cb0612d588a1f71b63084cea67316

SHA1
3d035bb92fd3f8997160cf8025c40239af74d3ca

SHA256
0d37c5a64baf86735501f9044eeb926b3d46548cdcf67c2cd1f773df36624ac9

SHA512
70f000233e181e3b7c6fcf07aa04fdb570f970335837f8d1c4680a9f78af9f9e17c73a0a5646770f7a8787e338899edc4a5197b023865a4da894b1aca12bf600

Download Submit
/data/data/freeplay2.app/files/.com.google.firebase.crashlytics/665083690309-0001-10E6-32FF4D299196SessionOS.cls_temp
Filesize
14B

MD5
9b3d4522944ce6396563812bfdb92fa9

SHA1
6d2a6133c8f01938a48ccc77ef86ad8ca335c020

SHA256
d32805d685a3f50caa7f1c0bd7c8804c4d937a866513289f60e3184f7a591ed9

SHA512
091d87643712530bf9006135db42a5a50742bb5ca3026bcc5f2c1c17bf4fd984a8938d29263b0abde3d15cac196d2230902534e200b0b79485e3a1bd97d95727

Download Submit
/data/data/freeplay2.app/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json
Filesize
709B

MD5
84db46c45a9acd086add3b494a87b7ac

SHA1
b54aba959b088cd79688b1a19f543fc652ec5391

SHA256
b04751f8ef8f2a4e2c5c7b6d4be771528ae7360babb414d0a4d9c95105bdbe50

SHA512
0dfa45e7fbb3ad13f0afd126a56c46257ca54e72534a6726bb18ac33b8d8fea1a648059f11862695ebff685d32115683d40d35da6a3cf32e601ee84ce4273d6d

Download Submit
/data/data/freeplay2.app/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-665083690309-0001-10E6-32FF4D299196.temp
Filesize
192B

MD5
0b6820d5fca25c1dd8970c36918435f2

SHA1
8de354769c5bde94498d0a20bd01b1cba10fb1fe

SHA256
541e53d3f0d0e7e9bffe7295e12c66ae599ff3b80ea13043baaf32d66638c7fd

SHA512
23c33d61f10ef8116be855622036d73f9646e57db1c6ad6ebdd16767eaed436a3ca141f8d74ff23e027c85a367a98b8b915ce717f45aab0c974fa2813d0f2645

Download Submit
/data/data/freeplay2.app/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-665083690309-0001-10E6-32FF4D299196.temp.tmp
Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/freeplay2.app/files/.com.google.firebase.crashlytics/report-persistence/sessions/665083690309000110E632FF4D299196/report
Filesize
730B

MD5
1667eea9b1d63e61435f8fd4b72a0bf2

SHA1
74935bb383460cb5a4fa246ac2bc6163ecd8ac26

SHA256
14b032109c4bb6b19d7069aad07731b4c030947be11c4b185fbe4c445225b04e

SHA512
5e610ba99916e0a1eeae00040e77d545f2fced235667eb5451cc485a1543a011dc57c521d8104359eb1e5dcb3b831b71c509900daa488349c4b26389ed34c222

Download Submit
/data/data/freeplay2.app/files/PersistedInstallation165661505992975091tmp
Filesize
570B

MD5
44907395d69bb26e79de2685f31e3e44

SHA1
87c6c42b1a379970627fa21810b51b5673b8ec3a

SHA256
1afdf5c36f76bf82c21fae88d4479b6931724cf2ac16edcc74067333a071532b

SHA512
5c456be370dc6ac2d4e0bfb338bce715959cbc8dbe27f0e3f2c5828c1dd6958b8163cf517841dd8a798193bb967d6f34325ad35173e97c071457e97854b7440e

Download Submit
/data/data/freeplay2.app/files/PersistedInstallation2115705804215624506tmp
Filesize
90B

MD5
a4a2aef85d42d0c9a37fa3143e6b8613

SHA1
3f88e7d005d1df47897aa3a7a86e331569c5097b

SHA256
6e2d83eb7fd306061506cffa84e7202628c10c072e05ce0c055dddf599ff6ceb

SHA512
26ec768d43892b9526c3ad799fb40c28cf37f173e531ce070d75ce6877622d8c22a8f3a999b3f9911ec4cee933b7a5bc89d0b4f0ed882fcb13f602e5d0e0aab9

Download Submit
/data/data/freeplay2.app/files/frc_1:921579615390:android:8ca1d4c13dc8f42a7c378f_firebase_defaults.json
Filesize
1KB

MD5
61cf78241d7bc7acb8d7a6ec0cc6a3d3

SHA1
c212b6c11e3095b738ec7230db7134ab05248b5b

SHA256
c59402884b1d370ce2ae311f76e17c108c0481e62c397484901cdd35e9c86f89

SHA512
2c06e5319910fe9a837eb9bb6c0fbff95505a30d5e86029bc5962a84c14aa124b3c282d4b2803611fdfecbb2ea020ae98e3405d79b76bd0d5c3ca12f49047ab3

Download Submit
/data/data/freeplay2.app/files/frc_1:921579615390:android:8ca1d4c13dc8f42a7c378f_firebase_fetch.json
Filesize
921B

MD5
3b67cacfab724e38fe70a906003911ec

SHA1
03f251a2c754cf65608e21ce9b5b3e8625045d86

SHA256
5d0039e00ca18229299d534872a78d09398fca08c447acb150c5cb3df5107f59

SHA512
37bdde77d861a0946b97380c6618727ac0be3c85db1f344eb35c46b497a4c6f9137fb5009b6e1a48733c09c3032e39b085ce8f3a491dfb888efce78f987fd7ad

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads