e32a72f8d33cf7edeb8d20711281d0ae476d574fa6e78012295232736f83f648

Analysis

max time kernel
8s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
25-05-2024 13:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Delta_2.621_bypass.apk
Size

178.3MB
MD5

70861b2cc4ef8f50840eb47c38ac91b3
SHA1

0985a7af14ac38e09b23f125aae043d0c680b226
SHA256

e32a72f8d33cf7edeb8d20711281d0ae476d574fa6e78012295232736f83f648
SHA512

7d415d34465eb7cda4945433e754f380caffbada5b1d904cc80f5875dfb36fe6f09233ecfd4a3b95ca6f43eed338ea941ffa6e2c7968b4eadde229e57a531da3
SSDEEP

3145728:0Ym7qARYBIRG91bmPk3rSyDBktNq0YBLj5RFKPY6njKvRAniwuGFAnb69yuuOGF:/aq3D91bmW+YBLsw6jKvRdwuf+oOO

Score

7^/10

discovery evasion

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.roblox.client

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.roblox.client

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.roblox.client

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.roblox.client

com.roblox.client
1⤵
- Checks CPU information
- Checks memory information
- Acquires the wake lock
- Checks if the internet connection is available
PID:4320

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.roblox.client/cache/0de3774d53f29efb27fa09a940a0ec5f.0.tmp

Filesize
5KB

MD5
74548296c08ac174e519e709f72fffe8

SHA1
bf0f0d362ec3c154faae3858ff62ae1e13a7272d

SHA256
6d7a93ec8362068e894b61cc79b4e00bc54149199294e5d2978fc89d4b8d51cf

SHA512
5fbeb19bf51260de190227115d4f8b09dab9a58bbd0554b78e84b78217b13a91f8fabc4937c1f596341d8f67bc8ec7a758ec9b4966dfc1b6f0712921fd8f899b

Download Submit
/data/data/com.roblox.client/cache/0de3774d53f29efb27fa09a940a0ec5f.1.tmp

Filesize
210KB

MD5
ba0d3b58307335f67f82f611021fabe5

SHA1
ad057a14baa2ae21fecc96a44fbd21df9c0537f3

SHA256
474a6955f5c6b5a785b533567692e91e9ff0cfc05b2db8003e7f836ba45a80ce

SHA512
a7df64eea99057a69457a93c1b8006ba37bacb181d37c76f46e4e0847696922f9580c756ca49079225e645eeda5e8969079fff9b008cae8d36eb51f12a97cdff

Download Submit
/data/data/com.roblox.client/cache/journal

Filesize
126B

MD5
cb323d92ed8463ee442be7aae7d8aa33

SHA1
78a430c174df61b257ddfe0bc226bb200f6b9afb

SHA256
bb91fa9a7b82afb0897d913aee89c0881f37dca29da0aff38758e0853cffcf22

SHA512
393a82ac4527d138d51761f2617c7a45fd268109bdbd89007c40151916af9235b391bb4b458b9e7117d26e39ae3b8299d8dc85fd53425adbb9d2fefe2da86cec

Download Submit
/data/data/com.roblox.client/cache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
40d5f09c672dd3b76c2b3789aa5ce8ab

SHA1
388b86b7b69b79dd1f4bf46f071e79784511f73b

SHA256
d10d0052af3edf1ee13d78cc7e2455756fca84fc826fbe9628c88159cd51a7f4

SHA512
1a39e5dcaf91c6a98ea465ac460153973bb56817b472686a4e84c07cfe6e8ebda75942792934be4774b2f57f776d3a91c30a3515257d0987fcca3440c92629b0

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
df2416eaf35141ebad5f824587d551b5

SHA1
0975749fbe5beffc4b1130302aca3ebcb28d0550

SHA256
2e4424c97930cc2fe0c8cf60d1213566ae7796a7619e6e7f2184ab89917afaff

SHA512
21e93054c7d30d5ea41e85659e2b7eaccda6347566d2f0797ef0d9ba183e49b5590f6b58d573b7cb649a278d0309296e26b8483c2832b09654ca0fb0669cc92b

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
ef81a454559553542a5a444248cb2ec3

SHA1
51e1519b3a3eb0b99193124b0a440c30344aa7d8

SHA256
f50c9f5459a77a304a6e91f8dfa20c5984d424eafb3c0f1f8a6dad81eb2087f8

SHA512
23beec16266df338090132ecaee9ee1f624111074a8f80ab0f3bbbbe71e1030b774a854c9150dc50aeaf96a63f1587ec8fd3868ee9b73f11044ee0401af1d6ab

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
36b008a2a9e8509798fea1840cf7abd0

SHA1
233dcc5f36c6a7635f95d1985c53659cabb6da06

SHA256
fa508f1fedcd774b60a763e71c406c4b719520b2bce8229ef119ad6be4cfbc7a

SHA512
039e6b29f841d53f591b4113d6cc272cb0635dfa8c89c2e7df210f343e2aaaf4609aac3a5712c87d8c098a6f9775b92da9ccd6aa5947e2966674dea22aeffb72

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
bde187a17f2e15bd79299bbbe50f82d8

SHA1
893cc17ba690889961cc1d981635a7ba5a135928

SHA256
2595bbec6525713c3fa9ff6aa8073ac098c8e21ab9eefcf1b34149bbac1cead7

SHA512
2f6dce8466ac4c9609e35f6a9bb434b0318e7ec58effd3061dcee6b634ae4df4051e0bca3a52d899ea4cbc88c571156b21ac4973487d703d49e974fd6675785b

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
34f927ae05dd1ed47e971debb1c4bbde

SHA1
01f9c7bef4e43fe6be65bcc1f94568ea9499a790

SHA256
4eeb27ae9d987e85314b78c0c70ebd308d6ddcaf7c7c04f5f3e06e14a0c95b8f

SHA512
ad94e0e024ea9bf93bbdd82f7bf8c6e27227db291fae9fba858919a02888fbb733a7fb7a9068ffa5a223d0eaba03632c27ad25b70f32326b56c24694bd0fcb9f

Download Submit
/data/data/com.roblox.client/files/PersistedInstallation3625628504354157406tmp

Filesize
559B

MD5
865a78011eaec14711bc11122a1e0468

SHA1
b5a26b389ba1d4d0896b7490a56b47aae269e56e

SHA256
03044db8e8b2736eab833f8f6365170aade0c1470e697648b70265ea20c27e6b

SHA512
3a57dd7efeb05b006888bf8038d8ec8919381257de2ae729243eb86d1591aa3c551767ce5b1938135114756e84c734b4c2e2a4827493028b08496246bb00e672

Download Submit
/data/data/com.roblox.client/files/PersistedInstallation4161252312183423253tmp

Filesize
79B

MD5
e4a3d9148df9b30ffebd349247ef8ceb

SHA1
42456d0e2b19301214f7ba791d22454d8920d778

SHA256
62b69a6e2f3c21bca470feeba530eec9374d751cfc032bbda19e11796037d670

SHA512
6eb73a4c15c1b012bb2c95bcc9960a8f825cbb63bd643e4b0cf916fca1e3fe43fec6c1bba5f73b698042f6f250190300fdb27e908468c25838a7343396e56cb5

Download Submit
/data/data/com.roblox.client/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
d49e87020a9363b8d737ab63a40d2e9d

SHA1
84504ae45dff7e37f341b5c97bd8230581bc642d

SHA256
ef02dfdcaeb7acd51a162f81b14763fe34cd37a6f035b9db8b9211ee67e2dea4

SHA512
e5c9db54bb2d29c05d31c9add4d5b49ed1a851cf6249248589be66ee47a48c3a45be41a6ce023f044e1d1505c52bd85e0463b21e0ab514d83131985e63cc2f34

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads