Resubmissions
04-08-2024 12:30
240804-ppf4psvfkq 10Analysis
-
max time kernel
178s -
max time network
179s -
platform
android_x64 -
resource
android-x64-20240624-en -
resource tags
-
submitted
04-08-2024 12:30
General
-
Target
Roblox Keyless Bloxfruits Script HoHo Hub V3.apk
-
Size
3.2MB
-
MD5
35b6944128c7cb11594bfc93e4ad0d7c
-
SHA1
1dd7c14f0d05c7560764a5bd2e9693cddc049a21
-
SHA256
1879320e3bc42bcec7ee18e7e36e8cd579b8711f313d561ab502bcf1d1a559ae
-
SHA512
5a53b65492cc7756c5a014c812cc620458462b7fcde15251068f964adebd98d61756fd340fc51a68392f8ef58d2debbb8b53fb34ccea3b68cf65cfd34dff42ba
-
SSDEEP
98304:fU5DjBYQQ/2Kp7d5QDJCqVuc6TjEj/K8h+5:iDjel/jp7d5+kqN6TY+L5
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock 1 IoCs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.herocraft.game.treasuresofthedeep1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks memory information
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.herocraft.game.treasuresofthedeep/files/7f8f78df.dexFilesize
2.3MB
MD5767ef40815362c541a89c4c50650c022
SHA146079e6da37683dce34f1d965f68b56deeeccff0
SHA256045e58a267b61428e9b68a2b7f84eccb9335617ed119227acd35c9be5b2f48e1
SHA512d1406c8299796a0c0d10ab6fe36c85c543bf91333e6bd6a8675e79b740e7325d45c66222b74737de320eedfce4ff1ba0f79517076e2ccb176aeae5c244be406f
-
/data/data/com.herocraft.game.treasuresofthedeep/files/GZCoFilesize
227B
MD5f9827e68987d196d45760538f21983a1
SHA1450d5f21044d7495371f2c935c508bca87804a1e
SHA256e55136f8b4555314c2d7e19a5914d33d8c5f80a8857b77c5bc8e4c61fa7ccfbd
SHA5123040ba123f02eb2c9761298c8159ea92fd2ab6974418c6adb474ddbc4de88816182ed47d6202f8d08f14254ee38f191e79595ca972686ad64d557c02de08fb5f
-
/data/data/com.herocraft.game.treasuresofthedeep/files/GZCoFilesize
227B
MD5db05bf421c1d82412c83166f7213aa13
SHA1dd9333218b42aa853f1533a317bdedcb9c9b62ce
SHA256e9822709ff53d7ca719871506ce8493b2486f3044494c8c7118366f88d938134
SHA512934537f5d99d47f76c9f13da1d56e304ff5552372caecc6dd4b7422eefd6a0167f13a4649d8dbeb389f55f39bbbd1bfde3bd18f8a0377b559d874861c3f83690
-
/data/data/com.herocraft.game.treasuresofthedeep/files/GZCoFilesize
227B
MD54718065352dfa65008091593bdb3440d
SHA1ddc80f3ea78f41f4d67de6f891eef5d42efe6e4b
SHA256330a78479ad1082df1e8879cab45888698a506fe3cfa2051fc2f471a115a3f4c
SHA512d002bf3cedbb713a0d8182316784ad732a77c4db08f08fecf278f951233cc743eeabd30ac6dc80297e91175e73d051158e3f5305fb7fffb84284b9eaf03ad1a0
-
/data/data/com.herocraft.game.treasuresofthedeep/files/PersistedInstallation3063882221661882106tmpFilesize
569B
MD5d8fb243fbe5681f3204915dcf32ad2a3
SHA1ddfc082d67182d1dd0516e5f13eb96404971589c
SHA2564ef18114851e0db67c7f9defa8956077f41fcf76c4820bbf24fe27d6a6bfb0db
SHA51255c2c864955b1e665ffe57b4d5396118a2cc2c30fdecf4731d391633495c8cb4dd9a18fc08efb4d70340f549632ec8963ad2bbdeac3a7af2c69a95f07cba29ab
-
/data/data/com.herocraft.game.treasuresofthedeep/files/PersistedInstallation8856373932017377130tmpFilesize
90B
MD58e2daa00c25ec0f6bba13474c9310a76
SHA12dd9aaa76e25285bff5af2bdf6590396bde7ff5a
SHA2565c2245ec0e5654c69ae54f60b891f7f7e4767176c288031582d32cdd8a23578c
SHA51234eb660f60f4e097e788233f3b5c9af006d28fbd7d037ac0db6acbb64bb1ac054ee193ddb951cda99deee1d8f002e69cbb7ffc97f2f363b92ffbd0c79c09e9bb
-
/data/data/com.herocraft.game.treasuresofthedeep/files/WmJFilesize
679B
MD5efd16812a45512730616ae5be4c2467d
SHA11adac37b206e3e2dc45c8240f3782f0e35be7295
SHA25641077a447aca5822fdbfcde54dfb7e3abffc8b0fb2639034244bf01a8143d57b
SHA5120a5760d0ee83be1f5511de55294056093d1a43f2d36d839272e6482d73ede0252b4ea5411d863db19fffacd4f042acbe0a12edb88a484d2d11d614784899377e
-
/data/data/com.herocraft.game.treasuresofthedeep/files/WmJFilesize
382B
MD58f2831ebf4a2a3ce664fb3a2f5392a6a
SHA1173df2d1a41b17b0a0841a6710137f828ee6ee5d
SHA25672177963a321a5d03c859366c69c3321b6747fcf9a555cc06dedeb5b084b7990
SHA51283b74eff85c6c9e22d1dc030f8d1f962a9f7237876f3d41d16148dd629b87d2acdea3253c98f2b8e6c4695c76042f189fe78dd8be7556e72bfacdfa2267c5cc9
-
/data/user/0/com.herocraft.game.treasuresofthedeep/files/7f8f78df.dexFilesize
6.4MB
MD538c2fd6b3426f301739dd658c91c462b
SHA198464a62414b23440ebecacdcf3097c8e9f1eff4
SHA25651e662b019aea637e0be77e0bfd8d06eab2ebc3b4d2b07a3b81595ee63f8eefe
SHA512ca7acf337f0069ce63a91da6aa36c4529b7968cc38cd6ffd9559ee37498075eab13331b68866f617a338279df6955ff32d8f7dea2941664da654fa855f4bfa1a