Overview

overview

10

Static

static

10

1777a2ba85...b0.apk

android-9-x86

10

5251a35642...3e.apk

android-9-x86

1

5251a35642...3e.apk

android-10-x64

1

5251a35642...3e.apk

android-11-x64

1

7c44519e51...57.apk

android-9-x86

10

FE_Invisib...pt.apk

android-9-x86

1

FE_Invisib...pt.apk

android-10-x64

7

FE_Invisib...pt.apk

android-11-x64

7

HellBoy.apk

android-9-x86

6

HellBoy.apk

android-10-x64

1

HellBoy.apk

android-11-x64

6

Roblox Key...V3.apk

android-9-x86

1

Roblox Key...V3.apk

android-10-x64

7

Roblox Key...V3.apk

android-11-x64

7

Stick War_ Legacy.apk

android-9-x86

1

Stick War_ Legacy.apk

android-10-x64

7

Stick War_ Legacy.apk

android-11-x64

7

Undead_Def...pt.apk

android-9-x86

7

Undead_Def...pt.apk

android-10-x64

7

Undead_Def...pt.apk

android-11-x64

7

antivirus.apk

android-9-x86

7

antivirus.apk

android-10-x64

7

antivirus.apk

android-11-x64

7

b3f23bdd3d...c0.apk

android-9-x86

10

e8947bc9fb...10.apk

android-9-x86

7

insta_followers.apk

android-9-x86

7

insta_followers.apk

android-10-x64

7

insta_followers.apk

android-11-x64

7

xxx.apk

android-9-x86

1

Resubmissions

04-08-2024 12:30

240804-ppf4psvfkq 10

Analysis

  • max time kernel
    178s
  • max time network
    179s
  • platform
    android_x64
  • resource
    android-x64-20240624-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
  • submitted
    04-08-2024 12:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Roblox Keyless Bloxfruits Script HoHo Hub V3.apk

  • Size

    3.2MB

  • MD5

    35b6944128c7cb11594bfc93e4ad0d7c

  • SHA1

    1dd7c14f0d05c7560764a5bd2e9693cddc049a21

  • SHA256

    1879320e3bc42bcec7ee18e7e36e8cd579b8711f313d561ab502bcf1d1a559ae

  • SHA512

    5a53b65492cc7756c5a014c812cc620458462b7fcde15251068f964adebd98d61756fd340fc51a68392f8ef58d2debbb8b53fb34ccea3b68cf65cfd34dff42ba

  • SSDEEP

    98304:fU5DjBYQQ/2Kp7d5QDJCqVuc6TjEj/K8h+5:iDjel/jp7d5+kqN6TY+L5

Score
7/10
collectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
    persistence
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.herocraft.game.treasuresofthedeep
    1⤵
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks memory information
    PID:5122

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.herocraft.game.treasuresofthedeep/files/7f8f78df.dex
    Filesize

    2.3MB

    MD5

    767ef40815362c541a89c4c50650c022

    SHA1

    46079e6da37683dce34f1d965f68b56deeeccff0

    SHA256

    045e58a267b61428e9b68a2b7f84eccb9335617ed119227acd35c9be5b2f48e1

    SHA512

    d1406c8299796a0c0d10ab6fe36c85c543bf91333e6bd6a8675e79b740e7325d45c66222b74737de320eedfce4ff1ba0f79517076e2ccb176aeae5c244be406f

    Download Submit

  • /data/data/com.herocraft.game.treasuresofthedeep/files/GZCo
    Filesize

    227B

    MD5

    f9827e68987d196d45760538f21983a1

    SHA1

    450d5f21044d7495371f2c935c508bca87804a1e

    SHA256

    e55136f8b4555314c2d7e19a5914d33d8c5f80a8857b77c5bc8e4c61fa7ccfbd

    SHA512

    3040ba123f02eb2c9761298c8159ea92fd2ab6974418c6adb474ddbc4de88816182ed47d6202f8d08f14254ee38f191e79595ca972686ad64d557c02de08fb5f

    Download Submit

  • /data/data/com.herocraft.game.treasuresofthedeep/files/GZCo
    Filesize

    227B

    MD5

    db05bf421c1d82412c83166f7213aa13

    SHA1

    dd9333218b42aa853f1533a317bdedcb9c9b62ce

    SHA256

    e9822709ff53d7ca719871506ce8493b2486f3044494c8c7118366f88d938134

    SHA512

    934537f5d99d47f76c9f13da1d56e304ff5552372caecc6dd4b7422eefd6a0167f13a4649d8dbeb389f55f39bbbd1bfde3bd18f8a0377b559d874861c3f83690

    Download Submit

  • /data/data/com.herocraft.game.treasuresofthedeep/files/GZCo
    Filesize

    227B

    MD5

    4718065352dfa65008091593bdb3440d

    SHA1

    ddc80f3ea78f41f4d67de6f891eef5d42efe6e4b

    SHA256

    330a78479ad1082df1e8879cab45888698a506fe3cfa2051fc2f471a115a3f4c

    SHA512

    d002bf3cedbb713a0d8182316784ad732a77c4db08f08fecf278f951233cc743eeabd30ac6dc80297e91175e73d051158e3f5305fb7fffb84284b9eaf03ad1a0

    Download Submit

  • /data/data/com.herocraft.game.treasuresofthedeep/files/PersistedInstallation3063882221661882106tmp
    Filesize

    569B

    MD5

    d8fb243fbe5681f3204915dcf32ad2a3

    SHA1

    ddfc082d67182d1dd0516e5f13eb96404971589c

    SHA256

    4ef18114851e0db67c7f9defa8956077f41fcf76c4820bbf24fe27d6a6bfb0db

    SHA512

    55c2c864955b1e665ffe57b4d5396118a2cc2c30fdecf4731d391633495c8cb4dd9a18fc08efb4d70340f549632ec8963ad2bbdeac3a7af2c69a95f07cba29ab

    Download Submit

  • /data/data/com.herocraft.game.treasuresofthedeep/files/PersistedInstallation8856373932017377130tmp
    Filesize

    90B

    MD5

    8e2daa00c25ec0f6bba13474c9310a76

    SHA1

    2dd9aaa76e25285bff5af2bdf6590396bde7ff5a

    SHA256

    5c2245ec0e5654c69ae54f60b891f7f7e4767176c288031582d32cdd8a23578c

    SHA512

    34eb660f60f4e097e788233f3b5c9af006d28fbd7d037ac0db6acbb64bb1ac054ee193ddb951cda99deee1d8f002e69cbb7ffc97f2f363b92ffbd0c79c09e9bb

    Download Submit

  • /data/data/com.herocraft.game.treasuresofthedeep/files/WmJ
    Filesize

    679B

    MD5

    efd16812a45512730616ae5be4c2467d

    SHA1

    1adac37b206e3e2dc45c8240f3782f0e35be7295

    SHA256

    41077a447aca5822fdbfcde54dfb7e3abffc8b0fb2639034244bf01a8143d57b

    SHA512

    0a5760d0ee83be1f5511de55294056093d1a43f2d36d839272e6482d73ede0252b4ea5411d863db19fffacd4f042acbe0a12edb88a484d2d11d614784899377e

    Download Submit

  • /data/data/com.herocraft.game.treasuresofthedeep/files/WmJ
    Filesize

    382B

    MD5

    8f2831ebf4a2a3ce664fb3a2f5392a6a

    SHA1

    173df2d1a41b17b0a0841a6710137f828ee6ee5d

    SHA256

    72177963a321a5d03c859366c69c3321b6747fcf9a555cc06dedeb5b084b7990

    SHA512

    83b74eff85c6c9e22d1dc030f8d1f962a9f7237876f3d41d16148dd629b87d2acdea3253c98f2b8e6c4695c76042f189fe78dd8be7556e72bfacdfa2267c5cc9

    Download Submit

  • /data/user/0/com.herocraft.game.treasuresofthedeep/files/7f8f78df.dex
    Filesize

    6.4MB

    MD5

    38c2fd6b3426f301739dd658c91c462b

    SHA1

    98464a62414b23440ebecacdcf3097c8e9f1eff4

    SHA256

    51e662b019aea637e0be77e0bfd8d06eab2ebc3b4d2b07a3b81595ee63f8eefe

    SHA512

    ca7acf337f0069ce63a91da6aa36c4529b7968cc38cd6ffd9559ee37498075eab13331b68866f617a338279df6955ff32d8f7dea2941664da654fa855f4bfa1a

    Download Submit