Resubmissions
04-08-2024 12:30
240804-ppf4psvfkq 10Analysis
-
max time kernel
177s -
max time network
140s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
-
submitted
04-08-2024 12:30
General
-
Target
Roblox Keyless Bloxfruits Script HoHo Hub V3.apk
-
Size
3.2MB
-
MD5
35b6944128c7cb11594bfc93e4ad0d7c
-
SHA1
1dd7c14f0d05c7560764a5bd2e9693cddc049a21
-
SHA256
1879320e3bc42bcec7ee18e7e36e8cd579b8711f313d561ab502bcf1d1a559ae
-
SHA512
5a53b65492cc7756c5a014c812cc620458462b7fcde15251068f964adebd98d61756fd340fc51a68392f8ef58d2debbb8b53fb34ccea3b68cf65cfd34dff42ba
-
SSDEEP
98304:fU5DjBYQQ/2Kp7d5QDJCqVuc6TjEj/K8h+5:iDjel/jp7d5+kqN6TY+L5
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock 1 IoCs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.herocraft.game.treasuresofthedeep1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Checks memory information
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
/data/data/com.herocraft.game.treasuresofthedeep/files/7f8f78df.dexFilesize
2.3MB
MD5767ef40815362c541a89c4c50650c022
SHA146079e6da37683dce34f1d965f68b56deeeccff0
SHA256045e58a267b61428e9b68a2b7f84eccb9335617ed119227acd35c9be5b2f48e1
SHA512d1406c8299796a0c0d10ab6fe36c85c543bf91333e6bd6a8675e79b740e7325d45c66222b74737de320eedfce4ff1ba0f79517076e2ccb176aeae5c244be406f
-
/data/data/com.herocraft.game.treasuresofthedeep/files/GZCoFilesize
227B
MD5b35f9def59bd8511ddfefe522dfb9b91
SHA1943da5442336ed5741f4bdb9e31f628c79de3278
SHA256afc9dd5e8a0b5c0d46defe450eec08a0c9b10ddd26f17e655d3f5c1597329163
SHA5129939ef6284c2ddfd82fdedf9d1918976fcddc9c9f13eb074a1637d691d0b4af92b309d691d44da6eeeeae9a5adfa106b58445e05dca63168a52bfd87f1f92c13
-
/data/data/com.herocraft.game.treasuresofthedeep/files/GZCoFilesize
227B
MD5e057ad471d5f883f589e815179e6b35f
SHA1702eb3e1fd5af1d0550a697d74a021ac5d3a9067
SHA256e25806d0cbab061f03d83e5577c4f1e2d934fc5486ff9da6332cfed4cc44e8e2
SHA51216298477a5180d1a903575ca93eb62c3f71df64c1e48d978062d6e98789df69a87958ee52cbff91337e91adee811b07fe7ce48572990bcac9ae90877e3e1350e
-
/data/data/com.herocraft.game.treasuresofthedeep/files/PersistedInstallation7524765214598914980tmpFilesize
569B
MD5d46f00d8e2220fd12f6ada76a2712e17
SHA11c4b4fa856e9726b4e9743b95b4062aed2678b89
SHA256e31e27030158b334ca05feba00f34daace289ab439ac4e9517d10c1a8ec018b0
SHA5124c69cb08d4d0d3bc12b401b1edbd28a773fea7aacaee6c568a8ac6d2cfb009e5632d542c40a3eaab4bead98cf15b7db818f87a8226deacc9c80023ee99fe1141
-
/data/data/com.herocraft.game.treasuresofthedeep/files/WmJFilesize
695B
MD50971afaacfaf0a7359780e36be2f75ab
SHA1dff7ceeddcb40314eb61bce1602fd71a4ded91a7
SHA256840edeb78261b86463c3085e922eec851ebe93155dda4973c98326bbed1f59c0
SHA5129f5cacdda779f1e8152baf881ab17ab548730c28b5a3707002862d4edadca2602d060085b0488209798bb4a1a7cb06fc01ebd5753e301799b21f6a301a3b3afb
-
/data/user/0/com.herocraft.game.treasuresofthedeep/files/7f8f78df.dexFilesize
6.4MB
MD538c2fd6b3426f301739dd658c91c462b
SHA198464a62414b23440ebecacdcf3097c8e9f1eff4
SHA25651e662b019aea637e0be77e0bfd8d06eab2ebc3b4d2b07a3b81595ee63f8eefe
SHA512ca7acf337f0069ce63a91da6aa36c4529b7968cc38cd6ffd9559ee37498075eab13331b68866f617a338279df6955ff32d8f7dea2941664da654fa855f4bfa1a