Overview

overview

10

Static

static

10

roblox_modz.apk

android-9-x86

8

roblox_modz.apk

android-10-x64

8

roblox_modz.apk

android-11-x64

8

Analysis

  • max time kernel
    1829s
  • max time network
    1760s
  • platform
    android_x86
  • resource
    android-x86-arm-20240514-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
  • submitted
    02-06-2024 21:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    roblox_modz.apk

  • Size

    756KB

  • MD5

    e72eb8efd08624921e0e97472e28eeee

  • SHA1

    39f4e01c4866cdaef5e4b3bb009ea2360107e0f6

  • SHA256

    fb3d9aebaf5904faa165667690a72728521ed91a124f4d654587443cc20a414b

  • SHA512

    ec826ee268b1694a802d4fa35609160e62b22254b28eb4dc1b3a428bd1ff24c00851d802ae57beff804d14fa87fc7c6167e4a1ae18d2bc1479bdef7ba6bc1e53

  • SSDEEP

    12288:Zjq1ivaxzaEREo882tc4M90CHZAtd7Xoc9E6fKCs/KdFusT3cgtN0FV+6Rq21+zS:ZuiCI9+h4MJK4aC4FHT3SFV+GNjitI

Score
8/10
collectioncredential_accessdiscoveryevasionpersistence

Malware Config

Signatures

  • Makes use of the framework's Accessibility service 4 TTPs 1 IoCs

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access
  • Checks CPU information 2 TTPs 1 IoCs

    Checks CPU information which indicate if the system is an emulator.

    evasiondiscovery
  • Checks memory information 2 TTPs 1 IoCs

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence

Processes

  • com.appser.verapp
    1⤵
    • Makes use of the framework's Accessibility service
    • Checks CPU information
    • Checks memory information
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4328

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /storage/emulated/0/Config/sys/apps/log/log-MjAyNC0wNi0wMg== .txt
    Filesize

    28B

    MD5

    6ebe6eea7a93b192ee909b33bb8271ee

    SHA1

    a05bc64513e6dd085df78355de81b031497ec773

    SHA256

    644db3f2d8444b68d18dbe90a5da58104c9c4a3950fcef20af9c70f593ff2a8f

    SHA512

    348858cab25b359fb4a6081311b508bb8447adfdd10f42a9013dd0a934ce24f0a6d4a2ccc600d5ee6fd07d07846ffeada4acb479e16b575dc8e57a4ef1377760

    Download Submit
  • /storage/emulated/0/Config/sys/apps/log/log-MjAyNC0wNi0wMg== .txt
    Filesize

    20B

    MD5

    7199c473a174200dade01e4f2b9d0262

    SHA1

    893e31546a86e4b29bfc835e7130e43410f4f866

    SHA256

    5ff62cd2d125979b9fa413bda83ed576ebdf9ea88146d3647d3ab085809d127a

    SHA512

    55001ea8608b6db36c01ede9e7d083491e0f3351fb5f1e8d8d58b6b61bb6264f2c2e7ef460e5cb2168bbf1408f05e38d669f9bb141df37dc6f4fef0c82c640e6

    Download Submit