322065142db14c1103eb59757f4f05906462dee7019b9099a031015acb6edf53

Analysis

max time kernel
4s
max time network
131s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
06-07-2024 22:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Vega X.apk
Size

175.5MB
MD5

e1061a8c5a62968df5d31934e07e006b
SHA1

9b8f0a9d1ae9c638958aa55ef763900b446c8be5
SHA256

322065142db14c1103eb59757f4f05906462dee7019b9099a031015acb6edf53
SHA512

82b206ce29309d33453e6384d21dac260a12b5a1bc41b3e410612ea43cd51bf6ce91d07bdd6d4ec5fcc1186373d7fb8442cb3de549728233d7934da218661f95
SSDEEP

3145728:uO3licqZjodXtSm6ayAjsj3fr7o9LBwGt0JApK4tBKtNa01PJFW8jp+XcycQwssg:uOPqlsvjsr/opBwHJA048Nx1PnW6pWcG

Score

6^/10

discovery

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.roblox.client

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.roblox.client

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.roblox.client

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.roblox.client

com.roblox.client
1⤵
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4266

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.roblox.client/cache/0de3774d53f29efb27fa09a940a0ec5f.0.tmp

Filesize
7KB

MD5
42e0180287c82d0dac6cd22a62c742e5

SHA1
36895c9d3521de7703d8ea5bfe24582fb4c5d997

SHA256
02ea0c3f21a254dc77681b135810bc66809baae43d47ea4756f4887e8f0ffd73

SHA512
97ac2547d1aeba33935d34d64fa0d970d95e1a9c7bfd8b97c3b16b27e40ec3fbf89dd7265c00d5ac81dd24b1302b8c0a0fd50db5fcca4ba45ba199ec72acb563

Download Submit
/data/data/com.roblox.client/cache/0de3774d53f29efb27fa09a940a0ec5f.1.tmp

Filesize
221KB

MD5
e8bb634df5969f8fb91bb834a926a5dc

SHA1
b5d1625857a90a3c7ca69c155a10f2cf0ec24451

SHA256
76b1dc159032878d6a68f7ab1e17fe8c9fb7c25edf8f21759a45f1324ac33029

SHA512
f26fecab7d53bdab00d70c14b5cd7e112ab9cbf70cf4e5b8e330cffcbdd1294c3d84f81ae51d33750ef3e617c87e455af72cce9c54ebd4ef974e89d48c3ac763

Download Submit
/data/data/com.roblox.client/cache/journal

Filesize
126B

MD5
729bafb8bb4cd114a71bd598194d2551

SHA1
7111c06d019c71a8d4223204386d7c76ddb83835

SHA256
6ba030173347153e2ab7c648544d2ca3e457378ab8d562018c1fc0ebe27b1aba

SHA512
e3e5e6cc08ce4ea4cc4f0c7ffe6760deedea00cfdcb4bcb8e83d595fdf55d6e6bec834e2f515b0891d227c46602e25af9ebd3f7ceb1ddbbefa5f08ef157f6ed4

Download Submit
/data/data/com.roblox.client/cache/journal.tmp

Filesize
36B

MD5
37e8e716e0e2f4a0b05cd9571d95b84d

SHA1
f8d068f6931707bddb8cd69f706f2224ad1fea3c

SHA256
7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

SHA512
e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
2dfec03505a42bf0424088d944114241

SHA1
edd0430d2d535c39bdf6af9cdda8528a9aad5d5b

SHA256
fd28bd9af9c74ab2f4c893f63ddfa8be7c34424df93ef247dbf904109ff682c9

SHA512
a2bfbadb189df62286b4e5a498bb646668755c252bbbc1a9a2a877c8ef12c9b592f39a35b8e494149489aaa350270157c46579dab187fc2b98fc94ae80c5e1c1

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
87aefd02e64c51c5fcd190555887187b

SHA1
930c2d6b5ac864a1530fce41967f713efe6d760e

SHA256
58c19aa12362f3de20179f54187124ebf0b5385e62efb6c407132e88c5a8d70d

SHA512
b6677e523bad723cff52855bf25e44e8a6f65ef3b4a0e83835995291d679f22cc3345c4d96cbc26d7b4f332bb35dd66e491484eba84846f8ec45ac73496c720b

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
8d461272c4e2d22e9ff6790f5337540f

SHA1
b8189d7e7f229a9107c3a7d9619624b6f3327edf

SHA256
cbfa33fecbc7c5d9e4b52bfa4d559762e742cff25655870731601af996d48d54

SHA512
2d0a11941a9852fc6e28b8cf4b8939a9be62927f0aae91c2142283f8b2d8592b2f14ed04bfae6c7c6cc674a9cc72951ccd3620333ef5dcc8b86ab144712e820e

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-shm

Filesize
28KB

MD5
cf845a781c107ec1346e849c9dd1b7e8

SHA1
b44ccc7f7d519352422e59ee8b0bdbac881768a7

SHA256
18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

SHA512
4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
1c39419122fa8d91470c076fddf8801e

SHA1
23c784ba84ac280b1a81822afa47f27765e7add0

SHA256
c006b4fb859735adb47dceb8770e7dff30f1a454be53897b39103b4cc4d59d1f

SHA512
26109791798b3b8c516c44f7d9e86015e7e01c663e6dc0c8878008f98ee82930507bc804a790d414877e1cc883c9d21014d3b7c329949ebec525b92695da8350

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
af3a8f5923d96493289e08442501986e

SHA1
6bcd3e931587dac8a49ec886bdfc7bfac1310014

SHA256
c8f7deef515382720be05e0ad4aa18015759fd846690c19638f61a363e90a456

SHA512
a5db48c9f343d63661bfa312ba7a9928a0ac581bc0095476ecefd8c5c9f84ff0122edcf55863bb875536cce1ecbbccdf7428f8cd1adeb2316e0d6e6592dbbe52

Download Submit
/data/data/com.roblox.client/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
470cdc75d1cee6092e4b694a28ff9216

SHA1
bbbf0d7507633e273a06fb466f658e05b1034518

SHA256
bb396c3e5df64a576de3342cdf439ed390e94658b73702552342e44ce5c8e6e0

SHA512
a0d82e55b1da4fdead440d9ac0988167b42464db9482117c42631c03dd242530d9def168756f60afea02682652be170aff512435310d30f0ed32b6f4ee05b644

Download Submit
/data/data/com.roblox.client/files/PersistedInstallation7175535585503394952tmp

Filesize
560B

MD5
744ac91f8745cca769914e86dbfc3ec5

SHA1
674e52fa8a615351aae423ec5dec441afbc4a807

SHA256
14352c0097d1dfb28efc4546c928c7bb9f855e9a4dd2eac37e7ed4cb2b8776c9

SHA512
5417954a4bbc526d21f98657a00d7920d2991dce7c77689cbf4e487187d41b330baab7d44b3f19ddcd54b9f1c21fcd0682b3b8700574010e8b86d6a59d545da2

Download Submit
/data/data/com.roblox.client/files/PersistedInstallation8143606899102148397tmp

Filesize
90B

MD5
821e642aed58ef88c5d536401f32fc7c

SHA1
00dfded832a1b57b02ddd927c557bb5db66bfe6b

SHA256
31427ce29d4715d790bb329e2b3ca88b404e04058c409d52543b7c5e15ebbc5d

SHA512
d51071c8b4c4fe98092abd483832970e7ccd92946f2858e7617d72b9e479717d5d38db83609841178965457bff191f787fe1a9ce15c2064049dca935291a92bd

Download Submit
/data/data/com.roblox.client/no_backup/com.google.InstanceId.properties

Filesize
63B

MD5
5c6fea77268dcce63a6974f4cd1a7612

SHA1
5b3ba04ad2229f56214c5272ec2830f7efa80c7f

SHA256
06518273a51db8bdcf5cd9e6715515aeba57a2e77d9b1b4deb8c089dd56b089d

SHA512
c6304c3b5d3d41b55040d6aab71b4513bad10e65599eefe629103b24634b9ecb79c5075e2cae784d23fabab58cb64af607376a933107de48c7f621afe0fb1faf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads