Overview

overview

10

Static

static

10

1777a2ba85...b0.apk

android-9-x86

10

5251a35642...3e.apk

android-9-x86

1

5251a35642...3e.apk

android-10-x64

1

5251a35642...3e.apk

android-11-x64

1

7c44519e51...57.apk

android-9-x86

10

FE_Invisib...pt.apk

android-9-x86

1

FE_Invisib...pt.apk

android-10-x64

7

FE_Invisib...pt.apk

android-11-x64

7

HellBoy.apk

android-9-x86

6

HellBoy.apk

android-10-x64

1

HellBoy.apk

android-11-x64

6

Roblox Key...V3.apk

android-9-x86

1

Roblox Key...V3.apk

android-10-x64

7

Roblox Key...V3.apk

android-11-x64

7

Stick War_ Legacy.apk

android-9-x86

1

Stick War_ Legacy.apk

android-10-x64

7

Stick War_ Legacy.apk

android-11-x64

7

Undead_Def...pt.apk

android-9-x86

7

Undead_Def...pt.apk

android-10-x64

7

Undead_Def...pt.apk

android-11-x64

7

antivirus.apk

android-9-x86

7

antivirus.apk

android-10-x64

7

antivirus.apk

android-11-x64

7

b3f23bdd3d...c0.apk

android-9-x86

10

e8947bc9fb...10.apk

android-9-x86

7

insta_followers.apk

android-9-x86

7

insta_followers.apk

android-10-x64

7

insta_followers.apk

android-11-x64

7

xxx.apk

android-9-x86

1

Resubmissions

04-08-2024 12:30

240804-ppf4psvfkq 10

Analysis

  • max time kernel
    178s
  • max time network
    136s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240624-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
  • submitted
    04-08-2024 12:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FE_Invisible_Troll_Script.apk

  • Size

    3.2MB

  • MD5

    3ff43582aa468b8a8d0e063dcfea73bf

  • SHA1

    5d1d34fcec8f715ce045a5bda04741d40f29001b

  • SHA256

    a6f56581bb7ae7b242fcaab3d97d04ec2c5ac8aa5870e4e64ffbcf0d78899993

  • SHA512

    6af7639bc336015161f3087519e1a365ece0d1e0f5f7f20fe1af3243d1e6c3a0f65e38b50dc70f15cd13a232989b22884ca36bf0151630223d37bdba4f250149

  • SSDEEP

    49152:hrOpp2RqaP3KdsFeHcEKYC4KiJK5ncPjPuE/UpXSkdkIDk5sSEj6QiVterxzrK:hYgv6dsFt0FQnGD/UsrLEjS81PK

Score
7/10
collectioncredential_accessdiscoveryevasionimpactpersistence

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 1 IoCs

    Runs executable file dropped to the device during analysis.

    evasion
  • Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact
  • Acquires the wake lock 1 IoCs
  • Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  • Queries information about active data network 1 TTPs 1 IoCs
    discovery
  • Queries the mobile country code (MCC) 1 TTPs 1 IoCs
    discovery
  • Reads information about phone network operator. 1 TTPs
    discovery
  • Checks memory information 2 TTPs 1 IoCs

Processes

  • com.herocraft.game.freemium.catchthecandy
    1⤵
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Queries information about active data network
    • Queries the mobile country code (MCC)
    • Checks memory information
    PID:4563

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.herocraft.game.freemium.catchthecandy/files/Iksc
    Filesize

    697B

    MD5

    2ca6bda9f648c0dbf35b37a62e7de8b4

    SHA1

    8604a21d698bafd351bbfa785343e992b27001cd

    SHA256

    7d2312c3ef64533beef6e8c06edb6afc584a7d11e7100c017967812f49316352

    SHA512

    0a56599157c17ce43bf9bed1f175efa4453b32b52e2e43c2fd551e5e437202e7898a74925a74e786b39c66f88b4a46e2d8864eb9009227d9bba9814857ad2d40

    Download Submit
  • /data/data/com.herocraft.game.freemium.catchthecandy/files/f2f8f843.dex
    Filesize

    2.3MB

    MD5

    d951efa7f0ca59781f3af35949338902

    SHA1

    ac853df2b6835dbac7c94eb008ab4657e68eda70

    SHA256

    5b0a0d3671f6ff3ea0001624a0c157d057965e60891c5335391880fe9b00e183

    SHA512

    8fbbc1c347ec03478b01ff321d159656abfcad1d9ac3b426382348567c57bbaf1cdb3cac77c38fbcf62e0e17063f170fc9f9bf200a982b940dcad47e30b05617

    Download Submit
  • /data/data/com.herocraft.game.freemium.catchthecandy/files/kNp
    Filesize

    229B

    MD5

    b92a32b3a9ff34ac3eaab946e85952e7

    SHA1

    d3165eb07cf22f1f17c98ec5320787592200d0a2

    SHA256

    0036042078874d8ac867716e6f3526a703c36c5f01c6ae4fbc051123f287c75f

    SHA512

    6fb1252cd6ab67da24c8eb586cac1d80d92684133aadee1c324e053dcda1bf4ac86b542f53a03fdc4bb02ff1802f1246b978f7d8e72edbff407c2f22a9de1c68

    Download Submit
  • /data/data/com.herocraft.game.freemium.catchthecandy/files/kNp
    Filesize

    229B

    MD5

    a397530ec241f1719a4619ddefb44aae

    SHA1

    0bb67ec48540a4485cde5a2b613b27e647846452

    SHA256

    5348424b7b1e8b4266af5bfd6b65d2da2a5cdc562e3857e120844eec375e75a4

    SHA512

    23b3d81f74afe23bad5a2826ad810b6942b28becd5c8f8e924ed4d24601d68d6f65f6df4c461448139ab955cd6345946e1a6c14625dc00e1526492c60cb0bc59

    Download Submit
  • /data/user/0/com.herocraft.game.freemium.catchthecandy/files/f2f8f843.dex
    Filesize

    6.4MB

    MD5

    767a8ce605249b314939882f824f989a

    SHA1

    7cb1e61d4fa739b92b25d13bcf33bbb00cff9baa

    SHA256

    26d8b34344e6e61c8a1380e9773109569accb467b36f954a1e5c729a4d701fa5

    SHA512

    baec83cf6d66fc0dbf13411043c8168acf38b0b66a9c20f9b1ec54d6f5ef21527d22b4c47dd54734dcd5bd85410dc3bb8fe786fb1702443beee9a42e869c4475

    Download Submit