5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1

Analysis

max time kernel
61s
max time network
68s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
24-11-2024 15:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

freerobux-9-8.apk
Size

9.2MB
MD5

cb15257128695991a490b70a32e2e9f0
SHA1

d5bd6500ae07fe8651956da78bdae50bcb1ac4bf
SHA256

5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1
SHA512

405edd8363992e9c918a57fedf497172c64579fbab0894d8ce221a6208d5936f758188c31ac822fb34d598e7b03af69927d7a3c07123c6205f94f6da1e058981
SSDEEP

196608:mO4rYye2J4LHATYmx3ynDstkgGdrjjVUntcOEZdZ7OEf6SZ:m1YyT4LgjCDgUrjZyi

Score

7^/10

discovery evasion execution persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/freerobux.appkh/files/audience_network.dex	4236	freerobux.appkh
/data/user/0/freerobux.appkh/files/audience_network.dex	4236	freerobux.appkh

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	freerobux.appkh

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	freerobux.appkh

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	freerobux.appkh

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	freerobux.appkh

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	freerobux.appkh

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	freerobux.appkh

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	freerobux.appkh

freerobux.appkh
1⤵
- Loads dropped Dex/Jar
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4236

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
69f9a3cbee94ce51bfd16edf2cbd31ea

SHA1
ad9caf25250503373464772d8d8ff077d98f020a

SHA256
c3757d0124d83163c230f91c1ecf5ec189c1c08f9ab6ac6eaf85594d8008ac92

SHA512
d58ebdcbcdb2f28fc9aa73c80022776bfbcf2521e8e936c88c2446d6507f54762c113e91df04076709efdb9570c8152c1c6bc4d0a32b2632ea8906dc1a21f8c3

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
8e1e01f57deffee51259b76827a0c152

SHA1
74a7ae2499a711dfb09acea732b9937563fda148

SHA256
22f474f88c6f523f2645300a271651d5253cf2b26b4cf087a0d7cbda50e32c7d

SHA512
9de87ad85de50ef6b709ecb9eb1351db8676ebf4c7d9c328e130b716d707d1c42c7269ffc02cafe2eb20af117ab59b9ea7abb8bef18f2aae083e822689df7420

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
0b60e7da912f8e7ed8498bb4a921ba31

SHA1
26d97d4668dbdf90fc51b61b70f260d2afc5d684

SHA256
06ee68bf765a8a99d309195f510e1b22859c8941e12dd72dc3107a6a19a8ccba

SHA512
14ecb56fe65ac5cb110cdc54745ff12df188c84cbd2901fdffea7586576846f82641cc6858f5c68f3ee2a1605c0c72062e0834e64e1d6b3eb5d2c413ccb417c4

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
92f2a7b56ff7d4ff34397bb5e560deb1

SHA1
47b1540d6150798f0ffaad3fef272729e58220a7

SHA256
e760e5fef77e2b3f8f71727ca9b3225509787624fe305e1c7cf80d4c33b0e284

SHA512
c981a5a838c53b7394efa9adcacbf716b1c0ab91b0d5ffc06af4910817cbde2fc6a81cefe64f8fbe23e3b2fa593945beafa67861f064a3b2ff4148d488b528c2

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
e5671d3af053aea048777fc7a47f9ef2

SHA1
b98d88b0766936626ef8a6a83ae728df10b3f02f

SHA256
d88b7002ce2131adcd01c4945953270ac7f20a370784bbfdeb7eb0232aa9a749

SHA512
aee0946af94875446d05001b54257c67a6c1bc1acbaf497180a12a34d16068d44b381db089606d9ba6520894402011889966f464db179ef585556066a27e38c0

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
c0a9c4972282b9156a61ffb608696c3d

SHA1
31c364a30ed0de9479615d4d2fa1ec64fafbbd7f

SHA256
89e604da77225ee98a6776310a12bed0a58e45693955b7dbdb9dbb5e62fbea90

SHA512
06d39965240339f9b4ca590cbab9599516f65f51d207e5b7c8ae36ef468608821eef2ffd0267f2224d29c62b6a4d600b7471b68a136310ae1abd9889dbac37ce

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
512B

MD5
cda9cad9c7b771b4d2ba34c056255dbe

SHA1
4864f3995c4363f924a733564429a3f06b24087a

SHA256
52e5128d838f0a2f26e3ee2dc03007a611c0bcba6e92432b098d878ae1cc8a2d

SHA512
9ed0c74a6f1d9f7299330a75d081176a9a3ab3741737e0d57c1806625e9ec009034ba04445c4c4c3f75b41ffdb6b7867e2b6bd192f11a07dace494ee9a2f5bf0

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
48KB

MD5
cff8b43210643195888e2ee484a8603c

SHA1
06be03f2a86a0522953f0908ac505452423cef7d

SHA256
e66536062933eb7ba4ca0366f778bcdf7552e569a5d353312390b267573d83cc

SHA512
6fffd2c6b5dc67f4957f5cf02555a01b496fa2706ca49a7f3ccc98a4d74f7709d03a0698094c2f5aac3ae39c14d124e2dde288634f84331b996c5bf750b29046

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
4KB

MD5
27715605c11d8a4597146c56b2e7d4dc

SHA1
34820e7f9772ed63e755bcd4cb1b99c09330c61e

SHA256
f35158680b6a504cf02c4c631d747a41c66a4f048b1592b472a9c30670bd78fb

SHA512
7a57554580cc3e295fe80c0c062b9a552988b52de2ea9de23fa582e0de7035de1cbc25e295bc6eb7fc1724d3cd1cd4176bf887b6752e8ea32864b96440281e98

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
4KB

MD5
b749d9c5075b51300f69c3e5f4d0ff1e

SHA1
f77dc9a57b1dad57fe5abbc957691791f30816c9

SHA256
6c709f5b072170a22c49dfe746a7fd82bddbb908da95812a122d51559e7fac32

SHA512
406c12ffa25a5d093d329b909446146b548fb4f2e0ee99f1c582fe431682e96d1b20a44aa58db2692afab2206dec84af5564f09e94f9c5ad13515ea019f0cd1d

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
8KB

MD5
1c602c5fecb2b2d52457401593dbed43

SHA1
4c0e8a8aca5fdce3e25e7691f0deb859f1c93732

SHA256
d7c40269d06995bdaf8f2c7fc7337373aa69021a5f9b0504240ea22d0c128188

SHA512
3a723683054ed1a059495203246e978df48aa4db77bf5de99f012d2fcadfe39d223e84316bec4b3fda44cbd2e5da81162ec6e8d7625f21bcffaab29a4571f7aa

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
8KB

MD5
ec83b7568ab542f6c12d447113127a12

SHA1
eb43c0c7f83925799103b5ed5bd9558968edd2c3

SHA256
2c7fa0198a659988f6a46e8bba93b11d83b07153ee88799145c2dc4fae4dfe4f

SHA512
03c520634c4f570a3352683c76db05bdefaf8d0f7b39cc5724f158a6bf245e5325a8efab670196d0c3df78a494b7b250c3eceab7036bfc4b5047f26ff571f87b

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-wal

Filesize
8KB

MD5
fce68a6c71d270960e4b163edf30dd69

SHA1
4f63978ca80d3c2dcebf4a49d9bf34526528a02e

SHA256
ae3d3224dac2ae82556399307570403294e26994cf8bc758621fcfd6ca3dac0f

SHA512
9c061899416127c2a8356367f9f44df4104f7e1f6e3006f65ddda61cb2ff237c089e749b3a33b79e3e16df2d7498f861224f695eb4bcbbac176169d078d1a269

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
1954adde6379241c1f9312f2863144fd

SHA1
2e758ca5624a53303495d46584a3589561dd0366

SHA256
57e925d0992924ae44981f027a446106de4a6d755fe87dea40f724d3b9869ea9

SHA512
0801655b3555300ca7fdf9f671e80a0b33342517a06f14dd4d952f86e91925d7034098f590fff5a9c75ff0440c5f490d02ae65962cbe7e9bae80ea58add42cd2

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
a75becfbe52c333f3e15e1c8301a0808

SHA1
eeff84a0d751f0a62b50789942dc4ce090e559bd

SHA256
4e894dcc08b92db832b8e4722857f1e47a271990131883021f4474d60b592fc1

SHA512
9cfed6d4ff52328c6b1f7e9a2b0691eeffe6ab1738bb91bcc39d1ffe23c58e3b857c8e2916dd948099ee8349511233e26660570104b4bc85cad8d11bfec50cf2

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
28d56a87c9676dc938900fcc38c2e10f

SHA1
d5bd488060241181586a5d0edd1fab7129571702

SHA256
e4c884809873ee0f2e39508ddd03148c5e335675893a2e4c3a58203da5698d0f

SHA512
9f7377b5244c4986ad5e220c846d7b7514cde141e572d8dbf867f732c999e7187d90a4b0d3cb094412ebc75def3bd02afecf13638cf1e03ff1f99f0699404999

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
9fe57fd65eacdc52c36dc18d1bbf759c

SHA1
ae094d2a61c94b4e6687b58f32a127283fa56863

SHA256
ccc51e0073c3aee54e0f3f3cd0916fe0251ab784433ddba92e5907b5324e49bf

SHA512
adb876e449c2ebaaa369ab0addffb5e53c01c0b5638bc8a376301819f28ddad893fbc0f107551b6c346bb0638186f010848fa49b088e330cfdfc8d4cec249eed

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
20b12ff0b13b375107aa4ab1e409e9e0

SHA1
7cf208f5343046b21e36deed23f77d3a6a9fd5eb

SHA256
d570a17eba7d58439fafca7321a5328704852f298d11992b72a541ebbd122c1c

SHA512
fa7c1ee9b969a63fa12d178505d23581b238008ce64e33fb945d7c17773f69d0e3144eb4046402eaed873e9b23197c6ea720ad83ff5c0367f85444693d811b05

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
48516ce8b6213de04dfbc4c0f153db2d

SHA1
5c67fcd859a20d132459a292b15352bf94671410

SHA256
9796e64435e1c77c6adec8aa4594d55b5c89b26f67b80ca57b8e2c86838d8415

SHA512
7ccf20d83dc52f3202c282c265a281d67e20d1c325c7031ce5127c4bbf149c501544b632bd85de24f537f4e004c2c77bd816c821ee518abd0f3becf6d285dd8a

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
52947516c5278fbab1bf3b3cd003af37

SHA1
54a72fe9d733e2d834a896e1d05b4b75df6fe958

SHA256
240e86ae97d90d1a6622ecb4719ea336b49ea83de42b2e41686d53a86723a0a5

SHA512
064137ec9d9c883f19b7344998a62fc8d10dc448ce0cae5bcb0d27d8a3469bc1c52b28c789453c63d735b64e225b59a3798547de2ca9d53b5dcdbf581a81d2e2

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
041b45171a9d305b75b2c263293641cd

SHA1
bfc583f4aa38102e62d1d6149de69c2891fa094e

SHA256
35c500002eb1c68ec26927ef7c26165b09796b79ebf113ef7b1222e4e8408f5a

SHA512
0a8e31f11dc3fd1c257e4b6d20cae2b1084d69649412618ea044369b00d41e5d6bcda8ac3e878a742abd4614c1bb1d8f82a60fa07e34792aeb0bf59631e6040b

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
a897d7a56fed115a0dbc5e035f068f15

SHA1
6fb720124bc9e8996af21efb7896658807dc8559

SHA256
74781a90a248600e507564ec528c19b1349c084aaf40711f6d7eabd613b3cdf4

SHA512
796af34dfbf2a1e7c1d06b60035519dc5de609cd0226b608bf4f53fe3ba4c2a52514e8856839b736e398925121b55b377b40abc977b386d921e47294dca6ef75

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
62a7afc074fbf6381111214571d6b9bc

SHA1
b0ec295f1d42eb46fbe473dab41433b8edafae7e

SHA256
df1ee631dae66d9a1c121da8816395356d79b7d60f5d3e1475931666bbe152bb

SHA512
1c7b70ae348096e32cfd79f31dcd540c9d6604036e6e3829765ac63cf7139bd543fabae9c415145934f935278b71ef5b8d283e52050ab889e621fc224eef264c

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
c5c2f8a8c885f30b7f6eabfb69c9a9de

SHA1
6f703d566d3cb5c6f83031bb4d8854137fe64dba

SHA256
bf58e662a6c76746ed61a2bfcea9c59e15f0b2f5f5b7a8abde5f61da9649aeb3

SHA512
7069ae8f252308cc0e79cfe248bcd0ee251fadd9d1dc42380a843beac7cc29c634d6e3340fd50d35c0d2f6bc4104fd31eef185c3300a46f8e5eb98518729f11e

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
192fc96240d66f4cdcedc5a177fe1a91

SHA1
f1a4c1cb5c196c981d30112a6c49940d2f8e6a93

SHA256
7451d1df557d12d39025744a9df1c774cccab08f37ee905af7377dc1c155faed

SHA512
c554617f4ee48c628e1f3ab39fe31a44aedfc325b8019f1ddd0cb644b1b6ba2d4137eea1240f77da5cc7b1f412f4b23a59c72fbc12b40d738d31d1c367bf366a

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
a0a505da507ac340a8440f37e7b0998f

SHA1
6c7dd16121fb4f94cbdb16ec918a832e51195765

SHA256
cb10bcb05bfddbffac03a4169496f10727945a1676d81e669d4d2bb4b071e23f

SHA512
35d0ae730a53eabd59bb5b1f5dbd1a6c55bca4db81ccb03e5b4a43c6866b66b7f174ea90a3924f42c2ceddf82252c46177ec2d4a7b940fbd6077d9998cd67a50

Download Submit
/data/data/freerobux.appkh/files/audience_network.dex

Filesize
3.2MB

MD5
4905ee4caebdf455b9debee76ea89cae

SHA1
461d5626e22bd87e0f0afa3440d5ce61d2363571

SHA256
0bfad0c78e6e439d2c70d43568d1dc541bff8d4b4c5bfda9e81e03ae790dd864

SHA512
89bce0984264008e30a635852cbd3ba0c822b0917525a9029ff029a33409c161dad0f60ccf67406bea62e3d42ce0364250f3a9f502db8bbcaeba277787b2fc3f

Download Submit
/data/data/freerobux.appkh/files/oat/audience_network.dex.cur.prof

Filesize
355B

MD5
0f3f93bebcb85e638b0683887fca5efe

SHA1
45e07467d95071039e34baeb8b54705265461e47

SHA256
aba24c3d2d01a2004bae8db596a8867bf5d75765d4f39220226a8a711efa77b6

SHA512
549ed6419fafcdd959f262c600a5017cce29510eff23cbdcc49dae665a5335b3564f26d54c1f6e2e420631d12b9e04a9459792f43cc1b6671f3ef627863128c1

Download Submit
/data/data/freerobux.appkh/files/vinebre_ac.txt

Filesize
19B

MD5
6ba414de84c9ff3865cc95bef5807df6

SHA1
2530d7553cab2aec24efa0e9a8b2bc2a8f49f7ec

SHA256
ef32bb09754d228756385169fd1a0a91e025d115e7b3dcc9e6c2136e66e95d0e

SHA512
0a6cce2213eabab29cf72acb3351993417aba92efa89dec2809b7bddc168d0df3c14fcc7bc1046ba8e7197b2f6b0c22d960b710df2d01ef7fb1978d7d5d96869

Download Submit
/data/data/freerobux.appkh/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
4b48370d48c4ccb5f73089998703630f

SHA1
e2ac29e103f72d784634fd0a2b6aeac2ef97e45c

SHA256
3f7b6fc7a29d06ceaef4ddd33af5e8f7605e1d3a71ea0f7a8b3b18c4b181c9c5

SHA512
40ad82a77154aae13f31aa8bc3816ba33bb9c15fe16c2322ffe008154e3e6e58fd831de7d784e8d97bf54cfd293dc3179f22dc0d295d7c8490182c219b67d9d2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads