Analysis
-
max time kernel
599s -
max time network
587s -
platform
android_x64 -
resource
android-x64-arm64-20240624-en -
resource tags
androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system -
submitted
08-01-2025 07:49
Behavioral task
behavioral1
Sample
Roblox crack cheat 1.3.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
Roblox crack cheat 1.3.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
Roblox crack cheat 1.3.apk
Resource
android-x64-arm64-20240624-en
General
-
Target
Roblox crack cheat 1.3.apk
-
Size
785KB
-
MD5
966f04bef5ffdafc41cba883dbb88ad9
-
SHA1
6b035453d4e981fbdbfa851cb7bb3e109f5f3638
-
SHA256
93d402cf38f8fa4085ed8f482b6bcad66293967a5a89aeff693a96cd517f38a1
-
SHA512
b4ad48543b417040dc43277341a4ea94710864f59c5540ec3da683e9b03fcb81d91dda76356f896fff5ac78e45365fcc4d3728f2e770fad60f9b2dbd53822eeb
-
SSDEEP
12288:xo3Ca1a8LdeahgRCfvPMQ05WmpYshXZPbGwidNpgdl+:xVa1a6e/Iv0Q05WmD9idNpF
Malware Config
Signatures
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
description ioc Process Framework service call android.app.IActivityManager.setServiceForeground cmf0.c3b5bm90zq.patch -
Requests enabling of the accessibility settings. 1 IoCs
description ioc Process Intent action android.settings.ACCESSIBILITY_SETTINGS cmf0.c3b5bm90zq.patch -
Tries to add a device administrator. 2 TTPs 1 IoCs
description ioc Process Intent action android.app.action.ADD_DEVICE_ADMIN cmf0.c3b5bm90zq.patch
Processes
Network
-
Remote address:1.1.1.1:53Requestandroid.apis.google.comIN A
-
Remote address:1.1.1.1:53Requestandroid.apis.google.comIN A
-
Remote address:1.1.1.1:53Requestssl.google-analytics.comIN A
-
Remote address:1.1.1.1:53Requestssl.google-analytics.comIN A
-
Remote address:1.1.1.1:53Requestandroid.apis.google.comIN AResponse
-
Remote address:1.1.1.1:53Requestandroid.apis.google.comIN A
-
Remote address:1.1.1.1:53Requestandroid.apis.google.comIN AResponse
-
Remote address:1.1.1.1:53Requestandroid.apis.google.comIN AResponseandroid.apis.google.comIN CNAMEclients.l.google.comclients.l.google.comIN A172.217.29.174
-
Remote address:1.1.1.1:53Requestssl.google-analytics.comIN AResponsessl.google-analytics.comIN A142.250.200.40
-
1.3kB 40 B 1 1
-
532 B 40 B 1 1
-
1.5kB 40 B 1 1
-
1.5kB 40 B 1 1
-
847 B 40 B 2 1
-
11.2kB 10.1kB 31 38
-
5.6kB 8.8kB 23 24
-
1.5kB 6.4kB 11 11
-
135 B 40 B 2 1
-
135 B 40 B 2 1
-
520 B 10
-
3.7kB 11
-
138 B 2
DNS Request
android.apis.google.com
DNS Request
android.apis.google.com
-
140 B 2
DNS Request
ssl.google-analytics.com
DNS Request
ssl.google-analytics.com
-
138 B 69 B 2 1
DNS Request
android.apis.google.com
DNS Request
android.apis.google.com
-
138 B 178 B 2 2
DNS Request
android.apis.google.com
DNS Request
android.apis.google.com
DNS Response
172.217.29.174
-
70 B 86 B 1 1
DNS Request
ssl.google-analytics.com
DNS Response
142.250.200.40
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
39B
MD59222be395da1d2cd3f6dc10388318ed6
SHA10aec61b68cb5c446522672622b971ee4088cc26e
SHA25660fd02b89917c741595ee02c1f9a51af5d1f1cd107c0251799e39c3c5afafbd9
SHA5126f06ad5089edb9de56761afbc0652ea847070ee686f88cad33ff0e57a435cf51cbdbd9d33af87d53b694b89dedbfcb40e8e3636a64e8305897cf228f9da4171e