4211f2fd989ff097e74eeb405c437461faed036e1b07706da4755c0291cc32b7

Analysis

max time kernel
2s
max time network
133s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
05/08/2024, 19:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Codex 2.635.apk
Size

176.0MB
MD5

70a9c22780e1a663bc4b0d43dcd3023e
SHA1

ecab32f1fc3a0e737b5817bd41021bb5a224da3c
SHA256

4211f2fd989ff097e74eeb405c437461faed036e1b07706da4755c0291cc32b7
SHA512

7dc74e3241aeba84bbcdc3ed7d766ca105bbe2658b3f6c055e7bf5e2890de23e80dea7470f01a108d0609a8f13452ed59485579763508cffabf25989602d9a30
SSDEEP

3145728:HT+zlO67qzRrjTYKOqYGN6m5a9B1uPVk+qigqzPngbR96QFECECtv6nsNDdbQnm8:HT+97ejDO4cm5a9B1QqhqDchFvDtv6nL

Score

7^/10

evasion

Malware Config

Signatures

Checks Qemu related system properties. 1 TTPs 3 IoCs

Checks for Android system properties related to Qemu for Emulator detection.

evasion

System Checks

T1633.001

description	ioc	Process
Accessed system property	key: ro.kernel.android.qemud	com.roblox.client
Accessed system property	key: qemu.hw.mainkeys	com.roblox.client
Accessed system property	key: qemu.sf.fake_camera	com.roblox.client

com.roblox.client
1⤵
- Checks Qemu related system properties.
PID:4252

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...