Analysis Overview
SHA256
ac2e0b8ef98bc32dc38fa105b3682597c8705aeb3c4aee8a8c53fac59704c92b
Threat Level: Likely malicious
The file GTA-V Prologue ARMv7 (1).apk was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-09 04:58
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-09 04:58
Reported
2024-06-09 05:04
Platform
android-x86-arm-20240603-en
Max time kernel
87s
Max time network
139s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | /system/app/Superuser.apk | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.rusergames.gta5prologue
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | perf-events.cloud.unity3d.com | udp |
| US | 35.190.78.8:443 | perf-events.cloud.unity3d.com | tcp |
| US | 1.1.1.1:53 | config.uca.cloud.unity3d.com | udp |
| US | 34.111.113.40:443 | config.uca.cloud.unity3d.com | tcp |
| US | 1.1.1.1:53 | cdp.cloud.unity3d.com | udp |
| US | 34.107.172.168:443 | cdp.cloud.unity3d.com | tcp |
| GB | 216.58.204.78:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
Files
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/Resources/mscorlib.dll-resources.dat
| MD5 | 21d06dbc8af6432b2b49536ed30609af |
| SHA1 | 11a1c0e2ab2f8c06fe4507535ed47e0dd279a60d |
| SHA256 | c5baa176a5b72cd545266340e42102d393a5e43d38c95796bc828918bb95277f |
| SHA512 | 2971f54eaa14c3ce6e2352e5a1aea5b044f0894bf4eac92de8cd92515b6473b5ca56ebfcad4369a9d4935cbefea2540a83f332fd4d832c37768310e8776ceb5e |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/Metadata/global-metadata.dat
| MD5 | d0de76e8943f86ea4b38291b52c55bfc |
| SHA1 | 5a9c90adc4d433283276c7c7aea662cabc26d514 |
| SHA256 | 83cd97ebeee350ec2b5efa84a77fdba18e3a485defff83045b3822886d0ebda8 |
| SHA512 | 12a256670bf0d0e8099f54970af5494aa2660fd1247e443a5657505623dd32b17c5dfa48d4094820c1851193097da6392d35738bd73d54d16bb93eeaf012434d |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/SymbolMap-ARMv7
| MD5 | 4663fbfefac615ddec824834b2302678 |
| SHA1 | b7b3259c6324e69c1f4fdd62ce14ab298df07654 |
| SHA256 | 3a3d7edff0295ed5a5dd8d3ae8616641dbde10f843bc3a50f013cb2322c44b7f |
| SHA512 | 5014ffc55756e40633e4e33df4c1111970f542f4d119ed9e153a37b6c883a216948c6d2b2c0b1bf98cef7e98088914399f6b03c4b994e71172b11328d6868e7a |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/mconfig/config.xml
| MD5 | f34b330f20dce1bdcce9058fca287099 |
| SHA1 | 936520d5bb5c00a1985d7a4c4f0ef763a9031862 |
| SHA256 | 0c56e34c69124510fa8c19e7b4c2ca6c1c4ff460ae19f798dd0ca035809e396d |
| SHA512 | d6d4a8321eb44c117755a41a2590296be86a0568d27a5347f9d7f32f2d151d8f7e169675c83faed2dab5ad0f8d81858f8cd1167e439cd4bff7e68c243e3544fd |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/1.0/DefaultWsdlHelpGenerator.aspx
| MD5 | 66fed2411c14a0fc8ce4c593ef601bfb |
| SHA1 | 4680a34aae1193f1e4a6aac1a5dd3c307de257fb |
| SHA256 | d87d5196b2ae2abf4e673315e1fd22c3a44df80192f23e89b78108579c287524 |
| SHA512 | 331874a9956c87db0646e4d21937a88009804a59fdf5f5882ea5b1dfb7dd7ef17724e09877d98f52e7327bbf38a46dde0c54d5c85f1e860b88322bdfad64679d |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/1.0/machine.config
| MD5 | 4bad452a2ffc4c6f982e2f43fb44f6b9 |
| SHA1 | 4445d53dc755ca2f977b01bf9d77357b3dfb0cc7 |
| SHA256 | eded908c507a7a230ee7ad3146d8893cf140638e6eaeab58bff05c95c2f3a7e3 |
| SHA512 | 1611968d2c19f3c9472a43d692a4451fd140dec1d6d5da6b819d33e62936f1d69d69e65c13b893158aacf985093bd7167f50d9c80c0789a79303fe66a9ad956c |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/web.config
| MD5 | 2b6303c4f12762b71051db6e947f90a4 |
| SHA1 | a4d7e05516f63d6ab67327b299d4fb2852cb840b |
| SHA256 | 3c1a76a5849074b437d297656a208a3bef6d84b982153542b9c797046c601dfc |
| SHA512 | 80f5da60654e1851ef21526e434b32d94e18883a08bacbbaa0e1f85b80469c46510b6ddb9b429f16cc4be89c6f2bb2627bbae9cb1d0c7e45b665efb7721c6d86 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/machine.config
| MD5 | 433d143955ab359dff61c0bff982a176 |
| SHA1 | 7eab623c58d853d733c0a5e586a47e09c4e3efdb |
| SHA256 | 531d0d5bc30466a8a7ea6c032639721d7f16aab57c9701ef0afab5fdb432792f |
| SHA512 | 914e7043806fcc2788dbe388f94a2c9cbc6b0d5eae59609ee411a4815926d879b05ba8f338ee07b88e95a44304ebc9cbefa19a948fa52ffc0f786957c9729c39 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/settings.map
| MD5 | 55dac562878b7dd98ee8a7ad203a26e6 |
| SHA1 | d16baa15e7d3042bcf9d7318209c696f4daf2cb0 |
| SHA256 | ca89036b7d7f1ae9311a6a2fbcf05fc5b997bd43fd21dd54e11c18018ef65f08 |
| SHA512 | 987c5cd86a9825953de670e5c15404694feb15cd5fa9afa8af4c2d5bda9d805839c9695d44122b32e0ffafe08d720c3df58000e89c8822fd9a5eb28eaf2ad478 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/Browsers/Compat.browser
| MD5 | 0d831c1264b5b32a39fa347de368fe48 |
| SHA1 | 187dff516f9448e63ea5078190b3347922c4b3eb |
| SHA256 | 8a1082057ac5681dcd4e9c227ed7fb8eb42ac1618963b5de3b65739dd77e2741 |
| SHA512 | 4b7549eda1f8ed2c4533d056b62ca5030445393f9c6003e5ee47301ff7f44b4bd5022b74d54f571aa890b6e4593c6eded1a881500ac5ba2a720dc0ff280300af |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/DefaultWsdlHelpGenerator.aspx
| MD5 | 3b3452c399f27a24ea5a589c7bfe750b |
| SHA1 | b06cb1d09ad3bbdf1d8214c910e3da2a228d113c |
| SHA256 | ae044cd9cc2c7c42f8864195125ab440472d657e5f0d55e131f7890bd45c518a |
| SHA512 | 41c099350159e942be8bc04c8f59c7fb0fd4bd99db46f1c0158f0fa053c08ae0c73e9d169f6816b77376283cce5beafdcfe5d3d5e3b98e8b358d67c34b954a04 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/browscap.ini
| MD5 | 378be809df7d15aac75a175693e25fbb |
| SHA1 | 2d5454e161de8a5b65910f27bd70d9d0ad8fa476 |
| SHA256 | 4ddd50f31fb968f30bedefc253a46dc3f2890192d05cdaa9e0a64a056eee807e |
| SHA512 | d0d181e806cbd2c016eb0a8786f7d9db877463eaac0195db4e891be111c9ed87491a1abcfa0d9ed7c2743e004e1f4a3f4789333d0b535e63358c672ae833c363 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/config
| MD5 | f95c345c1c53b820487f6b72e62d5485 |
| SHA1 | 957e4e50e74c50347af92abf240c2c7aab3f3f79 |
| SHA256 | b585c70c70c88b3e03489361558f5d711c2ef71df9baaf37d92dbf95fbf6cd92 |
| SHA512 | 6b06434d07ee51be064a3efdca65b73e6c8e7560b43fb61633b08c7d2a0d792fe0670e57088c1dabd23929e0b7f7a27f65f503f2b640587042c8bbe98946368b |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/cache/UnityAdsCache/UnityAdsTest.txt
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/cache/UnityAdsCache/UnityAdsStorage-public-data.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/cache/UnityAdsCache/UnityAdsStorage-public-data.json
| MD5 | 6d7c7741e8811820b98b6bd0d91b256b |
| SHA1 | d378e23abb1217e8ca41f9d02199d0d75d58a70e |
| SHA256 | 3c7f7761068071aef2f426ed99ad987edf01ccb1a6ee358a2cc5a2d85708c407 |
| SHA512 | 66c98fb66010a8a9e948f0caed112f1a2eae9bf780231a40514aa6bacc37d05ae8cd428a2d9b12d77643d2465faf59aa070f4994e1d47b2204c705fad3539b0f |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/cache/UnityAdsCache/UnityAdsStorage-public-data.json
| MD5 | 834c14a74b16c751a509643c45d03ede |
| SHA1 | 10c7fea1417e4f9475f1193c2e679c8b026d704e |
| SHA256 | c7a4463c8bcd9e295a9a0d56b9ce19c301282de4d951781c1fd29db568eba789 |
| SHA512 | 909c3fcd9d1156a1143a4af3a23f9c88e9e85b0f50096f38606ea3e64d25c008d06a1e9f51ce442348d0785c3366978ddd21fb965e425dceff8d1a02649d02ec |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/config
| MD5 | 8673a8ac0b06a9d056d08d62f857ba4b |
| SHA1 | a351bea1932270bafbe468584058fef20dcfc31e |
| SHA256 | 83b3f90c4edf1f122c8faf9784ca0aee4dd017c65493ac181c1814211703db96 |
| SHA512 | edf28eb7fcef654f139285d308f817ee230d6f064a4c865109d6dfe6f73c11f8f35737c8159c8a302118237ab980899ba5773f547cc9da4028643a53b08e324f |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790930400000.c9fa2fd0/s
| MD5 | 35e8a19dc9a57fe01ec407174f8b99b6 |
| SHA1 | c0faace14ec172fdb5afb7841d6c7676c9358c82 |
| SHA256 | 845ed436abc09378eb900a7cee1e9a332cdf37a51107b033f90acca8baa28c62 |
| SHA512 | 01936de56009019500c70aa6044db3f90dc420d0711ab173a3cf3d1ffaa7f9be264870ce2f373eda6f0d09cfdff791f41772ebffb0025d8d70e914f34c30eab6 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790930400000.c9fa2fd0/g
| MD5 | c81e728d9d4c2f636f067f89cc14862c |
| SHA1 | da4b9237bacccdf19c0760cab7aec4a8359010b0 |
| SHA256 | d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35 |
| SHA512 | 40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790930400000.c9fa2fd0/e
| MD5 | 426ea679cde296dcd28d72528b22b984 |
| SHA1 | 8d0d10d62428f90db8cf5111e5f6bfa30f46b983 |
| SHA256 | a37e25e699386e93ca6f12d4cc04d8dcfa94bd1687176f7fadebbce1dff6b304 |
| SHA512 | 8fad1dd5ed61569088c0d2d66c663d9d4b9a2375ca93f21bdd85d01182283441b391fec171a54cbfa39d73b80ffcb79d68e609cc12505fd5382b02f0783a73a1 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790930400001.c9fa2fd0/e
| MD5 | e8c5be020883f1943ee3ae20cbe1bddb |
| SHA1 | 7fa9d597c6dab83656f244f1662eaf296c9388ba |
| SHA256 | 17dd4a0e78e7bad6e52df1df1ad52a6b6865f6926b86fb14c23e0b550a44be07 |
| SHA512 | deeca3795aae1af8b4cd5000a08e9890074dfaddc741ba33ba63212ae14b8c94c2a0cbb3f33182e83608f33068a668dae566890202e3cdfeb629fd9191a6200b |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/values
| MD5 | ce5cce1d05ce900dcfd6426caed7aee6 |
| SHA1 | 081fbb9ed0e6c8b21c5d4f6494ab282986005e0e |
| SHA256 | c7ae65a50e573c12a3b4c4049bfdde93637ed2a7ec59163766ba59fbf703dd25 |
| SHA512 | f1ead5557c89a1132bfb59f2c934fd544f01660dc98c6ae9a12f90d45b14d7e4462d7b8ba1b5812942f103f6e21919a34a3f13e853bb5d5b4de2b216a3d5ce53 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790930400002.c9fa2fd0/e
| MD5 | 59f2683d55d4bf0d1083a45749a20221 |
| SHA1 | dff91953939a49698dd677152bbcf44173a210ff |
| SHA256 | 307aaf8f8e4daba89414d91c133d9d597b1261f44691bf24618d03c2ed8141af |
| SHA512 | 7b828c75175fc604f358a9bf80f5df4e3a552f7fcca5f7d8601051c3920cd5dc0b4ae163e620553906c5762003782e9a2e097162d396f1bd9c1a837a12f10703 |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790930400002.c9fa2fd0/e
| MD5 | ea47cb4407d5c38b8351a39e3ec89d3f |
| SHA1 | e8f0b164678ab01737637577b151f059e57617d1 |
| SHA256 | d6620f0c2781d6de719bb7c02ec2283351429c3e120538b2d71c95d4323c47b1 |
| SHA512 | 2334b5df1ff41e531f3c4ade0150d5f8047268a6343c99202400d782ddb1144f20b3574861b95e657c42cb66d65cda50d77f7f785920370885655edee2b10bbd |
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790930400002.c9fa2fd0/e
| MD5 | 4d01163b25321085500f504418245a2e |
| SHA1 | ea4e8f9d396ad89b46ae359014d5a326cecd3be8 |
| SHA256 | 31aba3195e73b3b5954e5f481d5f935c9a1ddfa205c9f709521e6afee4b363d8 |
| SHA512 | 3d5d93392707294487a632b24b2655debfea207e29c54c2b66f0a480a37310f388733d5bc8c96c78c5bba500ffdc71851da7ee42fb909ea79a2662aa72048f91 |