3d4204b29800d233880001f02226fd108f28f0385080fd5b05c18344b42cce3c

Analysis

max time kernel
149s
max time network
136s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
18-09-2024 22:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Stumble-Guys-v0.77-mod.apk
Size

197.2MB
MD5

e2bc378293cc073d332613fd69d910b7
SHA1

fec2455c0e724b97ea620be27d4850158a68a3d8
SHA256

3d4204b29800d233880001f02226fd108f28f0385080fd5b05c18344b42cce3c
SHA512

17c630afbb7ae846fdbc12b83a8e1f8b31f08bf56587523430bf51e20383d19f6d06bbb58e4b5f62df67043e12967d0b3d78f35b1731370c87c6145edc280c38
SSDEEP

3145728:k3dg/EeK1ZSjSBbHIdG6AWAVYwfdd6dVUmucDD3jO7As8UgtuqdHSL6GA:Zc1ZSj4IA6NApfv6MuDTgddk

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 1 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.kitkagames.fallbuddies/[email protected]	4359	com.kitkagames.fallbuddies

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.kitkagames.fallbuddies

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.kitkagames.fallbuddies

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.kitkagames.fallbuddies

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.kitkagames.fallbuddies

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.kitkagames.fallbuddies

com.kitkagames.fallbuddies
1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks CPU information
- Checks memory information
PID:4359

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.kitkagames.fallbuddies/[email protected]

Filesize
3.1MB

MD5
9b8164be4f0ffaedadc82125e5346c14

SHA1
c4bf7a6383958b493ed5c4dd6a19862d366fca4a

SHA256
8e632284c9b0180ef28e309b4b0f282ef608cfb9d9046df899d8bdac227ea9ce

SHA512
352b3e9ef70839d0850ff7ca4a1f19f3df546412ae5cac1243a80588e573fea6371edd4c408a2edf1b48d70a10a5cb579513d3cd38a4b5ccf4b7528dd28704a4

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
0b88777eae8849f30263a2ab51f3e4af

SHA1
3e97a20a86ee154bfa134a7f903ea9c3be792c66

SHA256
5b3273fe600e2a1be5ff92b17a75c7e9854e1ecc7d75b4c401c404320836dc16

SHA512
8e6670c0feb7dbde7ebb0341eafc76a89f9f555a45026fbefa459fdc511fa8d5f94fae238c577c0f22c2aceaee9a01527c4fa7fb28bc51aeed3f2c2aa8a51753

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
8c2a18afd23a0ca18cec5bd76e75b617

SHA1
71019f06f3200dc1962d98f616b73ffe2d5863a6

SHA256
54f9bd104787a7f5873b8d11105a2699d78377cfb64888a2f2b4e719eab6ec69

SHA512
ca9f22f4772d488e68d399a6c264c15ff4338b2fdf498600476247407256f19515c32c00ef72b5042fcf7fd12525661f1f43fcfe73a1eb7c2e786e528c037603

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
230517c9f029624f095a6d741347cbef

SHA1
487336695d917534186d397c63719566bbb6478b

SHA256
14f5144e37ce2f1883ca4799a2083473ebf575271faa5072aece6186fe9a728b

SHA512
8a367cbcb926d72c45faa1cb57c99a77dad8a053a64631265a86cd239c9f08f3f80829775989d999507b6346602c3c2165b22e52540ff649246f50728cfa3700

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
09f5e00d0efcb12c7ea6355209edeaca

SHA1
b618cfda43b263d7679f4f9d5d47575c0fecd191

SHA256
563a1ee7eb31e6788a99c2ad2e8cb70f4f9eace645ff4d4045164f4da3dd6ed1

SHA512
3d7a9ba0380d2634f899333bcd4aad94ca5b05f5bb1a558b4e6c141b4f4f927882ce61af2eade4f2a8785566184a51caa464a6ff68e2672d4038bf93d9a11ac1

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db

Filesize
16KB

MD5
62ad4a05cbdca7f47b3206b7dbda487f

SHA1
4f4044cef7b7b1e5c6184ed9025267fc92bf0cd3

SHA256
18b909096c7c61d51ab076ae8e562effb0d4ada28e2a4ecd0e6b88ef58f6b2a6

SHA512
0936531ed1b2b356a247123200739a43cfc765469ab47a424dcd6e3d1176092a212b0a28591d07f8c2d0cc9d2e0eeddfcea8dde314c2f9343783c61075b071a6

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db

Filesize
16KB

MD5
fa07c350577788364ea9fa3c1db8bcf0

SHA1
6c2712d8261ca232b8eb9b5a4a5aaa57db95688a

SHA256
43d53f4e747856143f3195ceae14300a1c0e6d38ae6e1de766c099a93f76b91a

SHA512
d7822cd7a8ad5cabdef2d191d2cd9f373dbd03fc69f9c659723757ebbc718af4b52443e2583ccfd5a2a0e6a4657ecc56bde8e69521d03b712022578811b1a3c9

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1a5c1aecbff358dc35728490331ba27a

SHA1
e687bb7b298d190084c46f8a78371b4e3a4a5d1b

SHA256
cfe1a94d4c8229bd7d9e4c9e079bc51a4c2d4f6b3e5bd8d083ed1aa2d8f68ef2

SHA512
da6ffc2d93dc347ce3001e4b069cd4e431aa0d589be9c02ababfc925c7659146a04931b7d517cb6e1d5bdf1d2ea1c79858a2354ba2e10a08ffd259fad5ecfe26

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7938967b654a6f0db2f071f3db1b3e0a

SHA1
449a9f29e91d1b5237cb2cdd70841b4c874990cf

SHA256
0fabd98bccb0b407a3b3211a8d68034eedd37e2a1d55148c24c6fb769a2c70d8

SHA512
39d01e4a8d6b038f9bec0db0f62a98f42f2a015b019a4096611903545acc8153839241c91dad7ccc473f0163e43f7382adb8fe71ef4d197474a407d55fe88fa8

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ac1951e5ced510e5e01a83fed339a965

SHA1
8436f31dabcbd4bc35d3bac3b0aa9ccd15ee6e8b

SHA256
a22e40b7ff6790c0c8bb848bd6fa6dfcc6a3879e3dc24e516da5913081d257ba

SHA512
c70519171aaaa37dbb9a5b07ab7c0ad486704941187e7e0ddad7f0c1dac7f7235065107df5b3ba3cc9f3761a36edb106d07eb37bfb8a83ccbdfce22bfe0a0889

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eba3fedbb4235a2be9d3074f09f61cc7

SHA1
c312952a261c4d39903597dc8a518a5d171fd355

SHA256
fa41cf536868d87b3e87d6dd1dc9216583fafc3db1563694e53ef97c125701bb

SHA512
1c7e07eebb1105f09b38dcb26be10f7a4140896a65719d1a0409b100fe0fd63c122f5baad590251dbfa19b66c4cda6e70759ee73024bbfabd0efd4d112634803

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
4bce3580c27a046c0953de974dd2efcf

SHA1
695cfccad14cb75fb301943cfae16fd5ea147d61

SHA256
9e461b5aaf4e7495dd109ff8542e6757b580f8a8157497713a4c7230b9811a88

SHA512
99287175de94fe37c42144b0844e7daa13fe9351607a586e351b02f7c2b3d2bc26ad126c80509b6a4ad4b432041bff52fc8247934101603a000122e3c7d9d195

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
26a6c24c4e28d9003a1b3f4d527d3c99

SHA1
26dedbbc7306ca80f54a75b5ef3ff45b3340eb07

SHA256
fefef513a4fe45749e9ca34f6789bdf99c12b68473cb8c099d15972cc3fed526

SHA512
bfae57579a4cab89b8ed69559c57e76dd2037022a6ba437f90147a64c96c60f0d1f5925d71e9c7ff85bf41559ea52f54c4e4771fb262749dd55097df0bf0e8c9

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
d71a6e81e9e97368dc43005be6617223

SHA1
f9d5cbd1534b0b1371bf7f369a72a596176dbe59

SHA256
c8cef713d495ebdb1aafd59683b9ec686c8b85a7a0d92ec539461d3fa2a85ae3

SHA512
5a2e61d1551084eab26bb6a5e8ea31cff9066d105a014d1b6308ef1da80dbd8ca7237526711e7dac480b64d427dd155ef86454ffc089ed379e052c26189150a6

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
25d3e9372d2933ca82bd2e4cc207aa89

SHA1
d61daa9d569d1a303a782d456c2722878add1290

SHA256
0eaae750af48e425214eee273cc98e028f258fd817a6b304ea1181d220b25154

SHA512
2784ea555612a4e798bad6a524c6b687b0cd6014f65ffcbc1c69c7975698e4a5c510a911d6f1c92f77a0e3956703bd67564e54d19c4a5548036f59f4f806ffa4

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
c7eae1e101f25c4c5ff818405a22c6f3

SHA1
82d2a78e82ef12578520713e86dbb96f4faba6fe

SHA256
132f3fb206ef240787abaec27b3937821d71061e788042ecd4ad28b1686b6189

SHA512
ed85dec5544ef152793adf5dbeac4810d759b7a2aa1e13075e822f082ebbfd1e9217d71a27cb0687550966cf6a09772b8fccf42ebdd9824f62567dc166271718

Download Submit
/data/user/0/com.kitkagames.fallbuddies/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
7361d481c54dd5fca3b1b2b77513ec10

SHA1
19e8192cd9fa8cbf96c1d51da149a1ae564cb211

SHA256
edaf8e0761523fa8970896596dad1e7545d3ecf582e47643f8371823f952ca59

SHA512
90dff31dcb3a43cf3ed35fc0aac72dbcd377ffb106e5e3b26c0ff2c970bb847ed3ceb6791c467a01f5f70424c063420a684e15392eb8bbb4b5ac095c89f601c1

Download Submit
/data/user/0/com.kitkagames.fallbuddies/files/PersistedInstallation6227229157284114337tmp

Filesize
90B

MD5
6b4e1e6596773f92f2b96f02b282850e

SHA1
81d434a1386e8bc8d2e6a5d6d81438bfb59fa528

SHA256
dc2cc03ee48934b9b12911abfcb14a0d97ae876e6fdc7b4e964c99a847f106c6

SHA512
49b6c2a08e6dbd93c3760a84056df7967342c03900943137847a7bddc87d44c801b2da958ba2551b14edf8ae6c1ce884ef9f21a17f4c8651552eed1110756421

Download Submit
/data/user/0/com.kitkagames.fallbuddies/files/PersistedInstallation7948303717952058961tmp

Filesize
569B

MD5
719802450b3ca7bc7921ebba66bd5727

SHA1
ed342753f6eec21a3c3b7704c9000582655f03dd

SHA256
97d60f8395ba47cabf2a9ab333f558aae6360b4549644ba5239424d4f111b1a4

SHA512
3d2d1bd4057757de98cebeaac8e8d9e2e399d77a3ae3032c93f3a93f379cbcbedb34fb3ca6e85852ad8423ad5fb1145e291a9f4fd18f1a3257c5b15b950eeba6

Download Submit
/data/user/0/com.kitkagames.fallbuddies/files/profileInstalled

Filesize
24B

MD5
f5271ee94bf581b86d81dcab20b52a35

SHA1
0f76dfd5fa6995f916e98f520fc1790e0aab1a8d

SHA256
458bd37e8b1f4f4caf0374fb6cde5337a5ac3c1f8a5e44cc6027a877cebfc5aa

SHA512
7b76b5322a77d4bb85b21a0d66ed5119b6d2973c73b2f421ab94f0723bcc87c9b8f5d67d82715185b2155016b9f547e016cfdf3499545cbce1c452e4116468db

Download Submit
/data/user/0/com.kitkagames.fallbuddies/no_backup/androidx.work.workdb

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/user/0/com.kitkagames.fallbuddies/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
c36d67acde40b3ff11ffb32143a45b40

SHA1
db3e7be71a927c202943af6a8bd6fc75347848b8

SHA256
e40e69824af999da7d66da8ffce44f0c35929fea811c6132f16e5a1c641ef297

SHA512
91df35de4c026dba3b41d503fc694133919020f2d87514c2aae5ebd179e80de8fd8d785140139a2ffbef2179b291fe014ccbbe0f2a2e52fde4759f96df0845cf

Download Submit
/data/user/0/com.kitkagames.fallbuddies/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/user/0/com.kitkagames.fallbuddies/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
400c21051f41bb00abf27ee7a6ceb2ab

SHA1
864df259195f20f96f495d54c85fd2035aae39b2

SHA256
201321759cf8e918c423ae48b07bbf8b5c9f1e921d21792f95ff601a2d0d3b9a

SHA512
d1ec34b4970b5fdcbda329663cbf9bbdad090f65fff4c11645d48535753fea42fa02af59b76527da70af8daa5f9a081585fec9ca2d3a1ebda11f92da7d1bfb22

Download Submit
/data/user/0/com.kitkagames.fallbuddies/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
9bb1dc4292030097fa17966688f447cc

SHA1
3baaefb8c655146b5ddcdf40ff0ddbed7ba11e26

SHA256
41e84254fcec9cbb8ff7412486c49bc03d873c6023714f1b12619a80066d3936

SHA512
eec31ccddbcb7e0d3e4dbb03286ea1985bbd227c689f9e747f9462d266e362118653c447af798116d1be6a3708dcba9f9c3d17de68b4b1f86a62ed1ca1e88060

Download Submit
/data/user/0/com.kitkagames.fallbuddies/oat/x86_64/[email protected]

Filesize
58KB

MD5
b448fb261d50cf12b1b66a122f7f1e8a

SHA1
8e3b4dbe798eebd5db29c797d474e40b6e85c38d

SHA256
bc4a104c0af852a3656cb15d7ba2f088c9a460c2bc592fee90c8e9c2c67940c9

SHA512
57fb1ff77598b1381cfc9fe75f46a4b126210fcef4d0425f3ec68a49f9b6b9fad6b629b6d1d5d14396ebcfa54b526477e91895e6355043f1532ef274c5d5082c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads