General
-
Target
roblox_modz.apk
-
Size
756KB
-
Sample
240602-z22w2sfb6s
-
MD5
e72eb8efd08624921e0e97472e28eeee
-
SHA1
39f4e01c4866cdaef5e4b3bb009ea2360107e0f6
-
SHA256
fb3d9aebaf5904faa165667690a72728521ed91a124f4d654587443cc20a414b
-
SHA512
ec826ee268b1694a802d4fa35609160e62b22254b28eb4dc1b3a428bd1ff24c00851d802ae57beff804d14fa87fc7c6167e4a1ae18d2bc1479bdef7ba6bc1e53
-
SSDEEP
12288:Zjq1ivaxzaEREo882tc4M90CHZAtd7Xoc9E6fKCs/KdFusT3cgtN0FV+6Rq21+zS:ZuiCI9+h4MJK4aC4FHT3SFV+GNjitI
Malware Config
Extracted
spynote
192.168.100.29:7771
Targets
-
-
Target
roblox_modz.apk
-
Size
756KB
-
MD5
e72eb8efd08624921e0e97472e28eeee
-
SHA1
39f4e01c4866cdaef5e4b3bb009ea2360107e0f6
-
SHA256
fb3d9aebaf5904faa165667690a72728521ed91a124f4d654587443cc20a414b
-
SHA512
ec826ee268b1694a802d4fa35609160e62b22254b28eb4dc1b3a428bd1ff24c00851d802ae57beff804d14fa87fc7c6167e4a1ae18d2bc1479bdef7ba6bc1e53
-
SSDEEP
12288:Zjq1ivaxzaEREo882tc4M90CHZAtd7Xoc9E6fKCs/KdFusT3cgtN0FV+6Rq21+zS:ZuiCI9+h4MJK4aC4FHT3SFV+GNjitI
Score8/10-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Checks CPU information
Checks CPU information which indicate if the system is an emulator.
-
Checks memory information
Checks memory information which indicate if the system is an emulator.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the mobile country code (MCC)
-
Registers a broadcast receiver at runtime (usually for listening for system events)
-