d96de2b0a59f1bd8a15a309fadd9b7c66d819900386c83870cde581bbeceb029

Analysis

max time kernel
298s
max time network
304s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
03-01-2025 07:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Roblox crack cheat 1.2.apk
Size

753KB
MD5

4a4603e3014d5101eb30623b131b2ec2
SHA1

471d97da289f1c9ea20a11352dee327fc586e661
SHA256

d96de2b0a59f1bd8a15a309fadd9b7c66d819900386c83870cde581bbeceb029
SHA512

e19fbe094f7fe96229141ca934ab230fdfeca38a551a2c5badd7e701bf70398206955c44752a32b1d628158a04e4325a78b57a780f2b30b2ec81f58dccab1eae
SSDEEP

12288:bW8Ca1a8LreGMHAAfb5WmpYshXZPbGwidNpgN1I:bia1a2eGiAAfb5WmD9idNpb

Score

7^/10

banker discovery evasion impact persistence privilege_escalation

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	cmf0.c3b5bm90zq.patch

Requests enabling of the accessibility settings. 1 IoCs

description	ioc	Process
Intent action	android.settings.ACCESSIBILITY_SETTINGS	cmf0.c3b5bm90zq.patch

Tries to add a device administrator. 2 TTPs 1 IoCs

privilege_escalation impact

Device Administrator Permissions

T1626.001

Account Access Removal

T1640

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	cmf0.c3b5bm90zq.patch

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	cmf0.c3b5bm90zq.patch

cmf0.c3b5bm90zq.patch
1⤵
- Makes use of the framework's foreground persistence service
- Requests enabling of the accessibility settings.
- Tries to add a device administrator.
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4254

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Foreground Persistence

T1541

Privilege Escalation

Abuse Elevation Control Mechanism

T1626

Device Administrator Permissions

T1626.001

Defense Evasion

Foreground Persistence

T1541

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Account Access Removal

T1640

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/systeminformation.android.app/config03-01-2025.log

Filesize
61B

MD5
ea8c39c2659efc4c7656029ed81517e7

SHA1
db07f05982d89630a9b33cbfb015403dd2d7b040

SHA256
d4754494345729c996568ea7563057fdc6a41c439ecc77e9fc1c381d885b62ed

SHA512
c3df480b1de1c8c4b5c07c6fbc1cf91878a06e9c0e88f0220d80afaea0e8c871cedd0376329d0fee3afd631bb7a8122b5b0bc38cc3de1572f6beddd50a4f1d82

Download Submit
/storage/emulated/0/systeminformation.android.app/config03-01-2025.log

Filesize
63B

MD5
a429b99a348f750d40e5a09736b54436

SHA1
ff96e3d67f75a6b1695d41e4232ae37c113f07d5

SHA256
7cc3968a46297363518b9f9ff85a8ff2ee9904e6013e30267e68ca29a2d2bce9

SHA512
06dda1fdcf613b0431038cc21b4fba81e00e064572fadf8ae67e86084ed8a80ad9c144992bc0329fea893cc6c405dde0bd23277d1c2de6b587ad2f14dff757bc

Download Submit
/storage/emulated/0/systeminformation.android.app/config03-01-2025.log

Filesize
229B

MD5
ca5d80c83152e45da7c9696e1ab0be67

SHA1
6f551117a001e1210c9d328e61cc489bd3dc02ac

SHA256
e8bc4a3b9167d3fb36434ba9cc9ff3f4ded314e782f887e451c83d4440ebbc1e

SHA512
996df2b34dbfde0611bac7e0874bd2d666d6977b94eb9ff0a26450ac795cf620912268b8b1a20c7414d323d65e42fcbb8863f75db35f316edec595f36de5c7c8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads