Analysis
-
max time kernel
146s -
max time network
155s -
platform
android-11_x64 -
resource
android-x64-arm64-20240910-en -
resource tags
-
submitted
14-01-2025 05:17
General
-
Target
Roblox Keyless Bloxfruits Script HoHo Hub V3.apk
-
Size
3.2MB
-
MD5
35b6944128c7cb11594bfc93e4ad0d7c
-
SHA1
1dd7c14f0d05c7560764a5bd2e9693cddc049a21
-
SHA256
1879320e3bc42bcec7ee18e7e36e8cd579b8711f313d561ab502bcf1d1a559ae
-
SHA512
5a53b65492cc7756c5a014c812cc620458462b7fcde15251068f964adebd98d61756fd340fc51a68392f8ef58d2debbb8b53fb34ccea3b68cf65cfd34dff42ba
-
SSDEEP
98304:fU5DjBYQQ/2Kp7d5QDJCqVuc6TjEj/K8h+5:iDjel/jp7d5+kqN6TY+L5
Malware Config
Signatures
-
Loads dropped Dex/Jar 1 TTPs 1 IoCs
Runs executable file dropped to the device during analysis.
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Acquires the wake lock 1 IoCs
-
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network 1 TTPs 1 IoCs
-
Queries the mobile country code (MCC) 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Checks memory information 2 TTPs 1 IoCs
Processes
-
com.herocraft.game.treasuresofthedeep1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
- Queries information about active data network
- Queries the mobile country code (MCC)
- Checks memory information
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.3MB
MD5767ef40815362c541a89c4c50650c022
SHA146079e6da37683dce34f1d965f68b56deeeccff0
SHA256045e58a267b61428e9b68a2b7f84eccb9335617ed119227acd35c9be5b2f48e1
SHA512d1406c8299796a0c0d10ab6fe36c85c543bf91333e6bd6a8675e79b740e7325d45c66222b74737de320eedfce4ff1ba0f79517076e2ccb176aeae5c244be406f
-
Filesize
227B
MD52a0c065ea1e8463ef2554724de7c84d9
SHA164b68ea774b1be72467f5286d67bb38a73157771
SHA25673443f75f5a8ba1ec70b46f9ac6b63e1d662ede4cec8650ca94d576b6f9b161a
SHA512d8fa62aad9139a09ff8429d62cfd3c6d9c0aeb49f7108db88e9eb426de5d275d9c6ead814701616e2132b2e87b3e66c21ee77807973adc534bb2be8fec915f21
-
Filesize
227B
MD52d638d435ecc008f3a5ad800a49dddfd
SHA190e4f53dccaebaf0acc6741ad8ca3fc5b1259939
SHA256298556652ff61717145931ff80ccd6d0e7b9cb167f913aee4bc055abf765456b
SHA51258e3d93a81d13eddafb4e385f25a265bd3787fe4611172b4a1da982c72c35ec17d9103f7c33663258d39219e13d5ed9d778222c5e8b15d7bac95ea5b44e18280
-
Filesize
473B
MD517b06f1659f7104fb52ad2d9dfe2715b
SHA1b33c386be24764e4ffc9b82f7c0cc8040c4b729e
SHA2567ac7ef13b97db5383045f9205bdecb43b616d7fa79fabb96a89daedeea6caa48
SHA512869eafb6b038519a2cabe0b3ca2225e4a783d4f6a48ef82331c88a126e417e6b265f08450a47987252fa2765bdac5ff3420a32e37c7819bd6ac48003ad2c823e
-
Filesize
6.4MB
MD538c2fd6b3426f301739dd658c91c462b
SHA198464a62414b23440ebecacdcf3097c8e9f1eff4
SHA25651e662b019aea637e0be77e0bfd8d06eab2ebc3b4d2b07a3b81595ee63f8eefe
SHA512ca7acf337f0069ce63a91da6aa36c4529b7968cc38cd6ffd9559ee37498075eab13331b68866f617a338279df6955ff32d8f7dea2941664da654fa855f4bfa1a