5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1

Analysis

max time kernel
54s
max time network
165s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
08-07-2024 03:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cb15257128695991a490b70a32e2e9f0.apk
Size

9.2MB
MD5

cb15257128695991a490b70a32e2e9f0
SHA1

d5bd6500ae07fe8651956da78bdae50bcb1ac4bf
SHA256

5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1
SHA512

405edd8363992e9c918a57fedf497172c64579fbab0894d8ce221a6208d5936f758188c31ac822fb34d598e7b03af69927d7a3c07123c6205f94f6da1e058981
SSDEEP

196608:mO4rYye2J4LHATYmx3ynDstkgGdrjjVUntcOEZdZ7OEf6SZ:m1YyT4LgjCDgUrjZyi

Score

7^/10

collection credential_access discovery evasion execution impact persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

Processes:

freerobux.appkh

ioc	pid	Process
/data/user/0/freerobux.appkh/files/audience_network.dex	4324	freerobux.appkh

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	freerobux.appkh

Acquires the wake lock 1 IoCs

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	freerobux.appkh

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	freerobux.appkh

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

Processes:

freerobux.appkh

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	freerobux.appkh

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

freerobux.appkh

description	ioc	Process
File opened for read	/proc/cpuinfo	freerobux.appkh

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

Processes:

freerobux.appkh

description	ioc	Process
File opened for read	/proc/meminfo	freerobux.appkh

freerobux.appkh
1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4324

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
06ee145d3eebeea1096d1a646137148a

SHA1
470c754ff48596424c018c0d5c1b45db9cd66da9

SHA256
8be0aeb6af28ddd1c3137b5e4cc5faffec6715f72750bb63992d362261eddbfc

SHA512
e4c666f8b4ae5d4fd3b45f0a82f15eb5fc8d0bc9e7999885236b829f665fcaf062ff79899bcb1dfcc84ad502e78e315fce4d5497992f520a35785cc914c9b250

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
2f1792a2b16a9490e78f2fcac6169db3

SHA1
070ee8121c85cdde7d79f23106c96715fbadc647

SHA256
4e89f27377039f5282878678b72050d5f8e34bedf21669a7de17c16e6c48f023

SHA512
a373f6e2401525fd048daafd2fb5300892b31b4835c7ba9cd3092b3687054a06f40957beefdd203ffb01b44bb0be6b248999c726758ae17f8932bea6fe837611

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
60c29b6195adbaeb6815fb70e1e3dc51

SHA1
78bcc81c4e2c834bd02035dbe793800db9365da3

SHA256
e2aeec465e4c64ad2a5188e2556dc4a7e22fba6dbd0f3a2866a45ffc1f9905c2

SHA512
0735ebf7c0acc3ad4d342aa4a84a3a0e67d60133323701a430ec3e5e8949e5ad15eb3adc28567bb9f4c0377f811875ec9adc06ce0d9e13fcfb7ceaeeb11f1834

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
eb5b13e1d8584dea20b40321ae3763cf

SHA1
0c4b7a6ca19fd586127f85abb58bd00bba2d8c83

SHA256
6370eb9b1ddaf9024a38d02f9e0613e3e7936e340ad3d9d6c20df8fe0ef294e9

SHA512
f742f9f835058177332c25c4bc5e33f89ab2962d29c1ee0bdbaae94491c1e6a0bbe0fa2f7692fd902a514393ccaf70265b03a3994ae1e04282dba3c4e35bc130

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
54e4a13f6635c4917470465ecf813611

SHA1
1669019be650d76ea85d6efb04295f7f0a412aa1

SHA256
a031253858d57757f5693ec62cc2e520aaddf9c8846b22d0e41596501880db27

SHA512
f70e15d92ad8cc79dad396ddd85a9f6158aca4a059701c9baf57ebc13724c0bd37489969b78eab2681476d083d6802b0cf678567c4bd8df345ecd9f087b0d0b3

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
d85590456835b8322ebfe2b4a4543cbb

SHA1
65ae7458119247e88082aff3030e6ab5f4efb549

SHA256
76eac416ed9e7c468fccf62c71850116479963b63f97633c834994b4a49a0c68

SHA512
6029fff54d88670b7fcca0b5a23bb635d684a119aca1901ba5e0da8a42d766ed416ff83ae869d2b055311fe5b40cfcdda1b31a24f19fb021dfafbabd1f6ff3ba

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
512B

MD5
556dc023a97f46850e926f195e7636fd

SHA1
58a1ed62f5cd43ff9cc018d533e92827338b7c9f

SHA256
c6d18609ca742bc1ca1cdc39701ac292ea121043a554ee59e4935cec9cecee93

SHA512
6d146778ff39880600312daffc05939ce747ae9d32904005dafb2596f6e89e3a2ae3c8a54e67617db366b5fb3fc3fdaf0a09cfa60365a519a88c6734fa49194d

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
5d2a78c55149a1c4ba76a442f4d2d650

SHA1
db88630d3b71793b3b4cfd08869ae983ce0c3565

SHA256
135a4791eb7fa2da1b933414a3a131f474d8680a3ceb6344a8d6014b6ea2d592

SHA512
97c0d68f32e9493859031ced8441ee25afa4e43160ce5c23cbc048170396dded72426bde5acfccfa33015eeeca95358605362c4f765986133c66d88e205a3e9a

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
dce7f71f77e225c71885d35eb0d43005

SHA1
e1214d4dc5ae0deb7c363ac740b194b7cc16b190

SHA256
9c04251f01e6c2e6b53bbe1697f8b23d2ec96f8dfed32ef86d8c7a03eec10dd1

SHA512
a3049d7f4cef2c50167d544a02f3d21bf6f34934129c53e8dde31dfb558c686d38e66cfcc048eb53eb86f0257538bac26734874f5703c76583dee9f3597fbb45

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
e6eb622b2b78494cd7038f40d6e25334

SHA1
a523533a47787214889e4c826e86862bea582ced

SHA256
1a1a61555265c1659b25e4c9b92514fb1480af910ce6c9cb4bb8447ae94e6420

SHA512
56fff012afb3b3a10d499eb2c84be7456c0999c2ceaa1410d21cad2dbd1613d42324732750c450bfa0f354250bb12157480c72aeff61f0ec7a214816f1468d1d

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
a0f975c6fab91a72b82ebbbd86b78652

SHA1
c2cc90a80be60af33a429c1b3bb967e3e743dc31

SHA256
aa11b96173824eb33ac4e78f6c07fe0799a907dfe94a359b4f479c6314eb0f18

SHA512
dd2fc6325c9fc4c1972486a3050e8fdf35d1a93c45d838f518c7ea9da220a4a5f69e7bf05e4baf0e46484113e1ccb2558da318f0ee570ae199ff2a9d58df15db

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
12KB

MD5
d634c5388c0f2d560510d0926e25e245

SHA1
38878d3c91f30d48a0d46c29675e303428ff9987

SHA256
488c21659c4a8ecefbf748deff18f7812a6fd007e99e66cb9af94e1ba34d77a2

SHA512
c033d18c3175d2ad50e189b27dd617bd09f076e415980b55f7006045b3589f27b687121b956f67b3be1fa2675c0cc424a44262ef22112532690de66faee96d2a

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f261310dfadaaa77901da36702630a53

SHA1
e3d409ce220b72d08a104583f4dbac9cac25b830

SHA256
46748552317af101f3c02f0731e47354fe51107cdfa28a16986dbd6e586eabb8

SHA512
44b7dddd752df36ab9615b5459803198fbdfc674cfdbbd1a297b36774082cf4d794b4423e756a1cb4518f2e97697af3a59f1f46b1b01c46d52fd27729e17d6ec

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ab9fbd4f797c71ccb0404f158410c1dc

SHA1
b91cbe892d9b566bcad063a61d74fc9c2ba1cdaa

SHA256
0151ad06197c115b952eb2dfa92b91255d83916fa6b33c631e7ab2b5368cf18a

SHA512
544845f5e5c2949fffbb4a36f0604612ee3c1fa9b614d6cbc2763eaf626bb5d32117e09742dd802589da2ae77a881edb19e39d91e3adf8594d42fc0dc904e360

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ec46abcfbc81333ea2fd9018d72b198a

SHA1
4653ed4175d5326b6fa413fa7a62a3d4c67f1111

SHA256
35f11e27327f2343e96cb131a0df2967e2632a3892c01ff9cabdee0e105b21b3

SHA512
419e0c0804ff518dcbf9810cd41d528326a3ef1f4d37781d941590e1944cc29ae680c70af52914969eca7fd5642030e707c6ce07aa0c58167922f52e79546876

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
d36998e1e19686dfcdcd67bec44486e2

SHA1
70ff1060dac9bc25db7ec4fa0bf9f8cd055f670a

SHA256
9a90293aac982152f6c1778df56703722fad8cd490bc8dd46e2d7be567a6bc74

SHA512
7f9a68db0cdcc02439a8ea0b968d1145a127a881ec219780a617147cd0b1b6a89775965d260ba13c95cfda92e61888f725ac3430138eccb07b86ea6b6f79c524

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
07124e79b22ef8d5a5c6851420a0e6c8

SHA1
df72f6bf36e231d88cc5721e7453a4ffeb67de48

SHA256
83829267075ba95d5332fc79fc554b01840069342bec9006017abf0cf8a9796d

SHA512
e2f086982758d1695b8a7054213f0c2e8bd35ed1d52062b64aca375e21e084579eafaef7f96fb896b229d7d5a45dcab2783593c3f8d16b1dcc337ecfaba57a0c

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
73f09314903a34a7fcfe89a0fc999a39

SHA1
61facfc2decf19828054c611415421fc7c18b8bd

SHA256
70ac5100308b6933f778dd5a5f98f6e17974939ca5dc2cd4ffc7928391de5894

SHA512
ecfa19d5728c4dd13793205a5851aabf832e6a4162c35e1489147482e38a31eaf79931d5bac0468096059db4688230062d97a0a480b7d5cb982ee431ce388ed7

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8128adf4710a1cffcb44f072d9ddf937

SHA1
5187dfa68b37e9b08985bfc7a214619bfce61998

SHA256
9a5c58288594622f17737e70edc68870f78988dfa4fe1074e3264cbe0553e59e

SHA512
b35805fbe8be0322e408d41c9e9c88b745b277b7fe6891ae4cbd5b74ff925567e47f41fb520011a87696bc78c3fe24b93c6400ec510cee7fe82414cea5e102f3

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7736fefaed3887c0e47379ca3db775dd

SHA1
0f99ad9da647e5e176f71d4fe8b276403d90c7b5

SHA256
6b7257d8991e68add412535926a48ad0c1f40684c8d3e0af0d8dcff947c9006b

SHA512
2d827a1b33140e4cb481e29fbc612a696f999d71ab12a9b0d109b4a9b703bd2e4139996a4ac39d2572837fe07509ae2c6839cfc576739bd40f44a19542d623af

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
a2db532223bf369af506073f7b8e6086

SHA1
b2d6150d6f4a0e5e8fe597a62758105d4224116f

SHA256
af436db933d05ca8896b0099d8d90272973b026b5bf7de2ffdebcc9f8dd875da

SHA512
80c8bcccef8639a1d033c31d0dae6be9f80278f58e60ae12203f6d2e8f8bda6261dfff2d20909a24fc1b502cfffd015bb0a0ea4c0ce41e07e0c8357070d5dfb1

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
8394e855008b362017ba5ed817f620ad

SHA1
3e832dd9ee331198afc8d98140cf39bbb0b85cb4

SHA256
4c25c8c0c7ab8f32fc436c0b3a9eb4ae78a29efb14921fa35da5cbffe8c22d33

SHA512
14befcabf366c3963ea941aaec0e7e3037d1656ba933a1975dd2c430d033d43ea4a72985db7deb694a474ede580f27c3e90a4c930a59d1b5b4f33607a71f459d

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
4dd460d06f2f6fdd226f6127f218caab

SHA1
78296a0e1adee254c9fad97f68a29a1cd9a0f268

SHA256
51df71eb2c14e3a8ce8fada0cedaa21d6fcf172e170f5380dc895745cbf15215

SHA512
b87e02ba077bc8331b43a81d3915c201b5802b293556d18655672b035a751a60937daada3d2cf8fa54c5c6539b6f13608b9bcf3d3f6a61b234fa1db9e25abf47

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
db006c545273a15b168a79f55a46bd97

SHA1
6e46b76cb5ec676053a57bcbf533994ad349d9c7

SHA256
09c799570ea8d62ea30db2d63b1528424900100f5e5eec9baf5f3385b3ab6136

SHA512
c590e89557d857765f0f3902b9ce3820b263493be7a4e1b3db47b25a8cf0adf27052f279b102b2491a3b79bf50ac06ed47fba6036d617183a0dc82a6307f963d

Download Submit
/data/data/freerobux.appkh/files/audience_network.dex

Filesize
3.2MB

MD5
4905ee4caebdf455b9debee76ea89cae

SHA1
461d5626e22bd87e0f0afa3440d5ce61d2363571

SHA256
0bfad0c78e6e439d2c70d43568d1dc541bff8d4b4c5bfda9e81e03ae790dd864

SHA512
89bce0984264008e30a635852cbd3ba0c822b0917525a9029ff029a33409c161dad0f60ccf67406bea62e3d42ce0364250f3a9f502db8bbcaeba277787b2fc3f

Download Submit
/data/data/freerobux.appkh/files/data/appnext/videos/video-760352-15_1719905120.mp4.tmp

Filesize
713KB

MD5
ac5796e66d4491184442672a523df37a

SHA1
8866a6ca089ee93c1df9aff950298fbb14ef6eae

SHA256
8cc8e5c7ad6a061ca38b4ae1fb39beb7842beb76bcff07810bac3f6835e84701

SHA512
6639ab3adc636fad98ed51c5bee909e99bfe9460882378d9d0fcb29a2b787da86c52abdeadb114868ef5ae6092fc9dd6ce5c659b0e9d91f74abc1d22cdf172f7

Download Submit
/data/data/freerobux.appkh/files/oat/x86_64/audience_network.vdex

Filesize
58KB

MD5
bf25ac24c18fd9aaea777714fcef9d5e

SHA1
bb7f96ac21b4472e8b247a7e28ad9c992beaa6f2

SHA256
f9351667f50014f90fef5e8cd9238e4b77db2e316aa160a56329c4661ed4af0f

SHA512
5fd9737a7949689891a7c2a34dcd630b73b79f9b68e11af824e853233a3a2d91fc74c94b5f423749f89c629bdf7940827404594b7dae1199f4a4d92cdb2cd996

Download Submit
/data/data/freerobux.appkh/files/vinebre_ac.txt

Filesize
19B

MD5
6ba414de84c9ff3865cc95bef5807df6

SHA1
2530d7553cab2aec24efa0e9a8b2bc2a8f49f7ec

SHA256
ef32bb09754d228756385169fd1a0a91e025d115e7b3dcc9e6c2136e66e95d0e

SHA512
0a6cce2213eabab29cf72acb3351993417aba92efa89dec2809b7bddc168d0df3c14fcc7bc1046ba8e7197b2f6b0c22d960b710df2d01ef7fb1978d7d5d96869

Download Submit
/data/data/freerobux.appkh/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
894de176e7ac3a02c55d4da01639e33f

SHA1
5c2344ce1f771302f25b5f89b1dac8095eff5f0a

SHA256
f680ad0b54702818eb6e830f73edee211cc580c3ba12f4399c8bb18740fe7f57

SHA512
9216baa7226736c802d595196fd2373ac7a3dbe259af829cf4c426274f07cd1f494deff7ee2bb9ea8f57a860418a2363103fbe6b5e57f4870e6b31a377ddc1d7

Download Submit