5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1

Analysis

max time kernel
59s
max time network
67s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
24-11-2024 15:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

freerobux-9-8.apk
Size

9.2MB
MD5

cb15257128695991a490b70a32e2e9f0
SHA1

d5bd6500ae07fe8651956da78bdae50bcb1ac4bf
SHA256

5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1
SHA512

405edd8363992e9c918a57fedf497172c64579fbab0894d8ce221a6208d5936f758188c31ac822fb34d598e7b03af69927d7a3c07123c6205f94f6da1e058981
SSDEEP

196608:mO4rYye2J4LHATYmx3ynDstkgGdrjjVUntcOEZdZ7OEf6SZ:m1YyT4LgjCDgUrjZyi

Score

7^/10

collection credential_access discovery evasion execution impact persistence

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 4 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/product/framework/com.google.android.maps.jar	4926	freerobux.appkh
/product/framework/com.google.android.maps.jar	4926	freerobux.appkh
/data/user/0/freerobux.appkh/files/audience_network.dex	4926	freerobux.appkh
/data/user/0/freerobux.appkh/files/audience_network.dex	4926	freerobux.appkh

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	freerobux.appkh

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	freerobux.appkh

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	freerobux.appkh

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	freerobux.appkh

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	freerobux.appkh

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	freerobux.appkh

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	freerobux.appkh

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	freerobux.appkh

freerobux.appkh
1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Schedules tasks to execute at a specified time
- Checks CPU information
- Checks memory information
PID:4926

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
fc572bd518dea6509a2388e84be3f916

SHA1
22543d22fabdf0181217105501be6e9ba3c25364

SHA256
e304777904a7f741aeb9d939ebfecd5c183a96e37bf08fa174d3aadbc28fb3d8

SHA512
43e02e4f5b96d45e084a58cd8504ecdfdccc7494f1dfc8a094d8bfe2e824e15219a945cbc753f58a59d72ae374839ee9bb5b2e0d92805a024b29d3bbe07668e2

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
eaf94a652035c801064163e6de4c9d1e

SHA1
20f17ef7d370a555620204c3284bef3699845a3a

SHA256
509bf1cbd7cbaf58770074457a41f5a1576f96bb3d5f2307c90e8c9a5566bdf9

SHA512
42d2237fdf21a584bea707884f6c5fa3a2f313c1ba96909b2ec516347036cccad99c96fd11dca9b84867ec1022d3afde846facbdfd7fdb57dc781bb97350ce10

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
20KB

MD5
6ed468af341653200966a9b499ac9f75

SHA1
758ce78f46a2625eae9001f204a9396fc798baea

SHA256
bb78541643f0057fd3862f94f379d20913e5b5ab97814f4d0917b4ca994899db

SHA512
d8206dc895644d6c8e7279f57c0e9339ea0e1e4838ea8140c53c7663d2df2495652ef10f3410c9eadfd2f503f5ecbf33967adf284b7007a7db298c3a9176ac2d

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
4061fcc11828e4ddd830d7544eac8cd8

SHA1
5b445b763849b70e1e851f53e5f000528a5d7959

SHA256
d221add35bdb8c5e8aa5f6a1dd51d5bd00282067b4ad346cb53b79158d0530d9

SHA512
396a15efdfcd8596add5a762e84da10a2aa0e969d37db38e01f8b32ed5241e727ee006a0b015400eeda2a9c1ec9579501a90eab2d20cf047a6c37dedf3b674f4

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
bbe974b08a30d11ea70227996843bc0a

SHA1
dbcb39716b19f484234c135aa28c177a681b7fde

SHA256
664e8f7cc8873af6384d1ef66dff3dfb6b30368775d8a6571140ab763bae45b0

SHA512
37cce13a0ae7b3b9762e179a6ce72e47b3acdbbcbba2b34ce90244c7037d27c55b9edc390ea79b2deb422edc34fcd6651b05100fd11be71486d3e5638199142c

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472

Filesize
36KB

MD5
f9046ae8b77b0b7985475015c1e78e99

SHA1
c2375fb46e8dd6fb2528d84fd4c3b4b26b13cc68

SHA256
dc199b549c451ba7986b4a34e2e81e0ca06794b6972fb93d237140f6dd0d665e

SHA512
9614c082339aab0948698d7626e9d9cc5853a631da2b4229e8237fa4f2eed52ff02f84fdfe66c6e2c53cc4eab22e6c18e67671136fbb4cf6a2c13d8b4405815b

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
512B

MD5
a1fce1d9e222efbf7887d58a40268527

SHA1
0e25185352a0576b3a9f3856963f4b61698f89f3

SHA256
473a1dd12fc68ccd673497e4d36e31171d371b388924c683a7d0a7f8f2778c0d

SHA512
4bf650e28a91f447a185c0816951aea5d0c01af35cbb73b79e4a8f9e25f4a49e97d9db47ff015cbe4f5999e08c50d9b86884400d4adfffb52379dc9e6a74b7a9

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
2b19ceacd3c98f300bf4c61695ddede8

SHA1
f747f98c43490234fc6b2a86ec52d23e919c7154

SHA256
0d1b2000299292b1a0180b71eef1b8fccf9be127301499e1a41dc148953fc972

SHA512
a937666f828a76234e1ea7388e3a94a2918a5e2659f1f7a8c36e62316891740fd5aac8da52b62c0f52f452b034cf6115770d1a8f71ab3195980473329c341ee0

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
1ca2448bb7c63a715ef4fedf2ba3252c

SHA1
a5dfdf8a13bc3f1f534a56cbb3c9a0a5d7087867

SHA256
536a04784ce2311cf2d5894da19d6d12c5712d3a56e3e91cce7645f7dc6f766e

SHA512
683d17cf2920ad3544ae9867266dd3829c8d46c1b8eabb41e22e6217d03049cfff473e20105e58d1686059f294c5b4db25ea76e4a453e95af0e2146cd63ed8a0

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
a0f16ce4deab3cdc0611e18707ba0f5a

SHA1
e9740508deb209559668e8c6e5445af47eb47457

SHA256
1e00089d3f613f1e80c7173cf9c1bd9691ca063d0552104e7535649570d684dc

SHA512
1408ab6b9a28d237015b36e3ff2d334d941359cca03231ad4cd518ab74af3aeb1ff135110b27860e56cbf290a4738adab574f4ad8cb4418d73eda95bd76a3f72

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
8KB

MD5
1354a23ea24164261f13084f42defa9a

SHA1
8c0975293e2a54e1745bdbc0ee3e855a5c17c6da

SHA256
ae2274029eacca607459792fa16245ae814b363babec4ed7d5a8eb53130e4ae0

SHA512
3e8bbcfab5dd54a2f17d9c0ba3a4ea4ee7d82f6db3771fea57b0048e24da34ef9a312ab4f4823fe8cc38381797145d0414791e777f1adffe05dab71b606c770a

Download Submit
/data/data/freerobux.appkh/databases/appnext_dbs472-journal

Filesize
12KB

MD5
21ed8474311244a2cd59fe08d32f99a5

SHA1
97038b9e3b700bf6e4cda4949e2ffc7b98804d7c

SHA256
d4c0c864402d40516a1e5c1be1eeb78ba6da18c1385b44b4d0a8c3a3f88384ec

SHA512
106d047004c5865a8fcb824ccc14ea03515aee0589d538d7aba37d8e06d191190428bee3c96d3ff9c2b55293da7616f6156a45772db418623da893e10323c9c9

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3b426844711115a89d562c02265be054

SHA1
c509a433cd79ef6618963d753ba7beda60e051c4

SHA256
aa5fa19d2e9629323c9ecddf657b93f2a3015e19c7f8f2f2a3e41546e8e8e74d

SHA512
ea777e6fee97d0713df7fa61bcb30de03e6e9c224bc4b3550a51e015bdcde30913de884a54fa70f7d9fea91dcf5166451175c298bb6cd5bba4b06fdecacb397f

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
133cfa9eaa2aa4c8ab2e8aa1066c6a99

SHA1
d5b43682ea15800f6a0674560ce29257e5e08cde

SHA256
2423df104ca794b50760dc7dea85ae5eadbc2344f4d0eff74b99c5ae17c6f9d1

SHA512
28182126b097428826d591e59b8c0aed01ebf84ef7b3050baccf89f08c9879e18a584da2940dc1ef68ad7836bcc8618ee8f554f0f4545ad660529d9e92fba1de

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7dbad48a3a74fc74a8138453b7b15a01

SHA1
b747183c35671446b25081d6361e17f89d0c36d3

SHA256
43f7e8679704f968f9c4f1ace266fc7acf39a34d9212cedcf43a2009d6b19348

SHA512
a62ac9f33b03ef4b41ffab1218354ba6b41e2470c8e3f2b0524bffb3452e9b13baf93c2063acc8761741577ad2284587ff70c38aedeab9e959d907812baa1cde

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
610b817c99322d381bbdb4089a38b9b5

SHA1
b547389f1f654f388577afa37e7683ff4a3ec016

SHA256
a288b3633b23debdf70978a50bcd2e60149f35c7ed786f7a416ba9f4ba3a30dd

SHA512
e1b1888f0e8b5218bb9625068e1b56fec23ee074422950094115a7412337223b8292b5ff4a435d49f7d19c433dc7d4533aac1f9354ec3c49486c2d933d83a825

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
af2a1ca5e8d3a0e0970d7d9f71776826

SHA1
ed2cfaca0178489c8d8e1957dc971bc06e731996

SHA256
49d16e30a5279a7054d81c0f933dc03f24df8849f42cb5465ad6fc66762245ad

SHA512
109bc45e258f4262a63c74d5516f859462f4a7496db1ef8b00c96c61688d6b654a6b4c44b1e19d59a8fe9f551270dfaf477f69777f002df24db1eb8d28448de0

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
ed59a46caf26afa61c2fa0999a954f1e

SHA1
61036978f136787ffd8a143ce66b00417f9df800

SHA256
ee42addfafe11d881da2c32603254be0079ab6d1a60e6968140fcc4d672a9066

SHA512
581744e882b5b49e17af0f9d5c33058d61a656da5187ccbe0e8527cece38e66123dfd0370f60d7670214703fbef88821b28f0b75d4ccdc95aaae29b4f341a5e7

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a7bcb660e72708cc57383c65b1c41ce0

SHA1
3f71709732e5522d84dbcaedfb74c4944fbd50a6

SHA256
38beced3c626f085cc680935877fd3c0a48eaae454a90c227db57e15c6b5fa51

SHA512
50a1786fb6f199f7a52e252796a3cbb79f57a52580a1b7f25bf826d3d298c6056b69f82b1384546c0363120c2dea474d698774502db91f845d2bf2cad84d5c1c

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
6f72314596679bf26a7f88d61a1de286

SHA1
57f49dd38b2a9e20a61bc3c5e5a5188e82e4e6e2

SHA256
e444cf5203e30d3ec10e1997fe743f1264291c903f55a4d26c952581b5bdbf75

SHA512
956fa21d77c557583db63c58dd878d305885706980d68e631d79f3dc61a394a4599bc5a40c3da8a859d440c85e3f3823e466d7c506e7df32affdb17b2ec18604

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
16c651d240435fab2d979e4b07c5ab12

SHA1
e14ff060fa28c027af27d07a2c7da1b3c0659968

SHA256
ffd4f6ce28e8305e61d066aa2a4eae4f1e6a941a2f2a8fec69de255d02915e48

SHA512
397bc9c65bd20e7f303900aa2c344bb42478bfe7c3e70cc4b61b681c42a444967edbfa5f4e00e8666558d6c3bad1fd66a8a9670506b7859b189df0f813cdd26d

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
3479656ddd7e4013ee49b7d923b11a65

SHA1
68b2d42e71c81259df6d84326393e5d65502416a

SHA256
3e1009b2c55253a6400f11a744d04d6e1555cfa371cb958eff3b455bb5108b8c

SHA512
2d8e77b4944cb8b279a9ba99259bfeffc75a25ff64d6ce514be1a21b4ffeab7ea5a935a75c4967831a0d829f2a7dcb1e25c0edde2773d228ea52ea9a983586e7

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
98593db6adafb3331225d3ce9a302bc3

SHA1
79a77dc7b5228cc07a1df2b8a51afbdbc76cb9b9

SHA256
0c990a63a74f5e7d04b50321f57de63971396ca049600e55fa2a770872618601

SHA512
bb07bcab707c4fe92687798f98abc920f05eac5d9864d46106ed62327fbddd503f4daa0d842f6806717536169f5ddeaa4c9a788bd0863825c1e6b0705eb88d54

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
a7bbf2139ce9b6310d33609a2ba9aa6a

SHA1
4733221c0ea73897ac3edf384189d4ec3b133a44

SHA256
3cd7dba35bead91561add814d656d63edf52826fd51d8909207a67629f24e9db

SHA512
33b5a6adb9bd4fdf04bfd4219e6e77f72bae2d5316e5bfe2689c2dee5e592789aea44d0a92690eacd3750fee81c9b06d3878766812dddef4d12916b6735cf92c

Download Submit
/data/data/freerobux.appkh/files/audience_network.dex

Filesize
3.2MB

MD5
4905ee4caebdf455b9debee76ea89cae

SHA1
461d5626e22bd87e0f0afa3440d5ce61d2363571

SHA256
0bfad0c78e6e439d2c70d43568d1dc541bff8d4b4c5bfda9e81e03ae790dd864

SHA512
89bce0984264008e30a635852cbd3ba0c822b0917525a9029ff029a33409c161dad0f60ccf67406bea62e3d42ce0364250f3a9f502db8bbcaeba277787b2fc3f

Download Submit
/data/data/freerobux.appkh/files/vinebre_ac.txt

Filesize
19B

MD5
6ba414de84c9ff3865cc95bef5807df6

SHA1
2530d7553cab2aec24efa0e9a8b2bc2a8f49f7ec

SHA256
ef32bb09754d228756385169fd1a0a91e025d115e7b3dcc9e6c2136e66e95d0e

SHA512
0a6cce2213eabab29cf72acb3351993417aba92efa89dec2809b7bddc168d0df3c14fcc7bc1046ba8e7197b2f6b0c22d960b710df2d01ef7fb1978d7d5d96869

Download Submit
/data/data/freerobux.appkh/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
e94c71d738ee0514cb9cedae729e2b5d

SHA1
71f54d7045b0b0edc78b9e4195dc7b2dbacd8876

SHA256
e3308736cbb1f56398744ab5949c60be8f83f903c6775de695a4fd82362dae4a

SHA512
50f811589e10b4d53d08f19156320ec5ed175066f3751036c9eb8319b9f40a16bad3e9148a403477e7949a9c81e4bb509e45c703c1c34ba4577d0be8f98cc01e

Download Submit
/product/framework/com.google.android.maps.jar

Filesize
315KB

MD5
4899aca36d1ed747a447dcac0d101a62

SHA1
32e43edc0bf3e036683ea8639472e6cd31ab9929

SHA256
67a651acd867e046fb4463b31ea584c1468f7243a9d1e2efd34059e8ee2f130f

SHA512
50b23dd279a9efba566c6a6523c7537723c0cd6dd3e4871f1cbdb8d5bc355caa3ddea99452b1c8e5356802f812b3768066a9848b93d715bb8bdfa455b704285f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads