Analysis Overview
SHA256
ac2e0b8ef98bc32dc38fa105b3682597c8705aeb3c4aee8a8c53fac59704c92b
Threat Level: Likely malicious
The file GTA-V Prologue ARMv7 (1).apk was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Requests dangerous framework permissions
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-09 04:59
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
|---|---|---|---|
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-09 04:59
Reported
2024-06-09 05:01
Platform
android-x86-arm-20240603-en
Max time kernel
30s
Max time network
37s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | /system/app/Superuser.apk | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
|---|---|---|---|
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
|---|---|---|---|
| File opened for read | /proc/cpuinfo | N/A | N/A |
Processes
com.rusergames.gta5prologue
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | perf-events.cloud.unity3d.com | udp |
| US | 35.190.78.8:443 | perf-events.cloud.unity3d.com | tcp |
| US | 1.1.1.1:53 | config.uca.cloud.unity3d.com | udp |
| US | 34.111.113.40:443 | config.uca.cloud.unity3d.com | tcp |
| US | 1.1.1.1:53 | cdp.cloud.unity3d.com | udp |
| US | 34.107.172.168:443 | cdp.cloud.unity3d.com | tcp |
| GB | 142.250.200.46:443 | N/A | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.178.14:443 | android.apis.google.com | tcp |
Files
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/Resources/mscorlib.dll-resources.dat
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/Metadata/global-metadata.dat
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/SymbolMap-ARMv7
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/mconfig/config.xml
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/1.0/DefaultWsdlHelpGenerator.aspx
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/1.0/machine.config
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/web.config
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/machine.config
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/settings.map
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/Browsers/Compat.browser
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/2.0/DefaultWsdlHelpGenerator.aspx
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/browscap.ini
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/il2cpp/etc/mono/config
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/cache/UnityAdsCache/UnityAdsTest.txt
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/cache/UnityAdsCache/UnityAdsStorage-public-data.json
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/config
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790921200000.7fc15f1f/s
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790921200000.7fc15f1f/g
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790921200000.7fc15f1f/e
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790921200001.7fc15f1f/e
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/values
/storage/emulated/0/Android/data/com.rusergames.gta5prologue/files/Unity/fee8ca55-f322-448a-ade3-63171511f3fd/Analytics/ArchivedEvents/171790921200002.7fc15f1f/e