Overview

overview

10

Static

static

10

1777a2ba85...b0.apk

android-9-x86

10

5251a35642...3e.apk

android-9-x86

1

5251a35642...3e.apk

android-10-x64

1

5251a35642...3e.apk

android-11-x64

1

7c44519e51...57.apk

android-9-x86

10

FE_Invisib...pt.apk

android-9-x86

1

FE_Invisib...pt.apk

android-10-x64

7

FE_Invisib...pt.apk

android-11-x64

7

HellBoy.apk

android-9-x86

6

HellBoy.apk

android-10-x64

1

HellBoy.apk

android-11-x64

6

Roblox Key...V3.apk

android-9-x86

1

Roblox Key...V3.apk

android-10-x64

7

Roblox Key...V3.apk

android-11-x64

7

Stick War_ Legacy.apk

android-9-x86

1

Stick War_ Legacy.apk

android-10-x64

7

Stick War_ Legacy.apk

android-11-x64

7

Undead_Def...pt.apk

android-9-x86

7

Undead_Def...pt.apk

android-10-x64

7

Undead_Def...pt.apk

android-11-x64

7

antivirus.apk

android-9-x86

7

antivirus.apk

android-10-x64

7

antivirus.apk

android-11-x64

7

b3f23bdd3d...c0.apk

android-9-x86

10

e8947bc9fb...10.apk

android-9-x86

7

insta_followers.apk

android-9-x86

7

insta_followers.apk

android-10-x64

7

insta_followers.apk

android-11-x64

7

xxx.apk

android-9-x86

1

Resubmissions

04-08-2024 12:30

240804-ppf4psvfkq 10

Analysis

  • max time kernel
    177s
  • max time network
    139s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    04-08-2024 12:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Undead_Defense_Tycoon_Script.apk

  • Size

    3.2MB

  • MD5

    fc35546a7395a68b6440de033afa789d

  • SHA1

    4afc8724e58084164148b7ce518ede8b203dce3c

  • SHA256

    c1b81966fa17c4e7d5137f13b2f4d04704c97d66a54d57dcfc1f42ad1f4029e7

  • SHA512

    ae32d9e7d7403a6ab0429da69fe4f803001a077327a0f103ccc9bcb90b17973ef10be8dc2cbf1909549a04f1eff5e85c81c2dfc2d99ba7fa93369efa47beca6c

  • SSDEEP

    98304:BaqBN1el9eL+FB8Y2nzDNWbVAneM/EjF+894S:oqX1nk52n05AehERS

Score
7/10
collectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.herocraft.game.birdsonwire.freemium
    1⤵
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Checks memory information
    PID:4677

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.herocraft.game.birdsonwire.freemium/files/KWW
    Filesize

    722B

    MD5

    42dab2cb4f548d89097d4d3294c54d6e

    SHA1

    3e56662ca616ac59a8f14d9b12f6b583df7d877f

    SHA256

    a9253dec929d2008fe679c8910ef964e32ed86e015d383616468ed603402682d

    SHA512

    3178dc91f08eaf7141d7e4f4c27118e07a3f6501ba385f7e6699c57b9bae662b16a79748ad57a3770ad1b34d03d2d85878ebad838442d85ad04a9cf41f4a78be

    Download Submit
  • /data/data/com.herocraft.game.birdsonwire.freemium/files/UMYa
    Filesize

    242B

    MD5

    e208f56229cb418f834d3956b2cfa463

    SHA1

    7824d0483a669c303f2e72cd61924e6ce69d07f9

    SHA256

    3d458e2bd784dfe88cbc02f7b2bca5c050835d4a6b3e9b8e49df9ed324670ad8

    SHA512

    b9bf659e6e24dd4a8e15b6b33345dcc5ec02d0c0e1e16f3ddab59f6b462b9edfb2e4d529bfd2b0d38fa3fef6e6154eb397f5d1bedf203b176b9ecc1b841d8f6f

    Download Submit
  • /data/data/com.herocraft.game.birdsonwire.freemium/files/UMYa
    Filesize

    242B

    MD5

    8093f63b24dacce98773b476cc149cd7

    SHA1

    246a1ad2c3a2da6d9f998ca74ea46324291c469a

    SHA256

    42af84fd38ff69db981539fd5684927540cd877ad5efd9ea9dd2777b38bccdf7

    SHA512

    1bb5f91849032785bdf358d6da4a50288342cde09f6bbad8166c0104df13b7a6f38f118bbbcb430c8609bc4e5de0beccc94cc789b7ecd631442d23e88fe5c33e

    Download Submit
  • /data/data/com.herocraft.game.birdsonwire.freemium/files/b04e7800.dex
    Filesize

    2.3MB

    MD5

    a2c0379f196c91a175f47b801895518a

    SHA1

    549b6e1c77021378b4189f736b7eb7437a9d9497

    SHA256

    35cdc216518a388e7842f6b67a2c65ea06ca5302286087df3a9db29603b9aa21

    SHA512

    e3ebb67eb0a9c9e13db1dd29474bf93af6e0e3b9607623c0a70672bfb4f2505abc1f2c23e1592175317bc4f384fb7966954f0d37e6f331f7eb724ff5e6be4205

    Download Submit
  • /data/user/0/com.herocraft.game.birdsonwire.freemium/files/b04e7800.dex
    Filesize

    6.4MB

    MD5

    670d8683a3c1765ced65f8b60bfacdba

    SHA1

    24bc8f1ec3e925316fa05918fed1962379debe15

    SHA256

    fc48615db02bf829b738c5efef9cfc368b27c0a40fe69d4fa165cf59b0d6cc9f

    SHA512

    c6e7c7104c31d2b567874fed9684c172b1dc722d084ab998b0159420554e27ce044ed8b0099194919c18d782ac9d075962c966c602eaaf021f36d9d262bbc9a8

    Download Submit