5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1

Analysis

max time kernel
671s
max time network
902s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
19-01-2025 07:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

freerobux-9-8.apk
Size

9.2MB
MD5

cb15257128695991a490b70a32e2e9f0
SHA1

d5bd6500ae07fe8651956da78bdae50bcb1ac4bf
SHA256

5812872a1cfa2c88dd7477881ee7e4015b237f35ad7cb9b3d930d291d560e6a1
SHA512

405edd8363992e9c918a57fedf497172c64579fbab0894d8ce221a6208d5936f758188c31ac822fb34d598e7b03af69927d7a3c07123c6205f94f6da1e058981
SSDEEP

196608:mO4rYye2J4LHATYmx3ynDstkgGdrjjVUntcOEZdZ7OEf6SZ:m1YyT4LgjCDgUrjZyi

Score

7^/10

collection credential_access discovery evasion impact

Malware Config

Signatures

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/freerobux.appkh/files/audience_network.dex	4822	freerobux.appkh
/data/user/0/freerobux.appkh/files/audience_network.dex	4822	freerobux.appkh

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	freerobux.appkh

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	freerobux.appkh

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	freerobux.appkh

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	freerobux.appkh

freerobux.appkh
1⤵
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Acquires the wake lock
- Queries information about active data network
- Checks memory information
PID:4822

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Command and Control

Exfiltration

Impact

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
dd86ba8ca8332be839abe05662eeffdc

SHA1
f424ed2fbda9913bce3cebfecb4df0862f4cf370

SHA256
ed3420372ecf7ae52236d827997f5614aae367f27c3d8331a0a7eedd532e8ddf

SHA512
f8d93163e71a6091e90443a3e9d940f9086529133e46b1b7a9dfe89a5f0bbe2498e87fc68fc6d3da607529bfdb570e570183e6d4dc7ffec1cd7c95879538d692

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
b860c94773ca56e3d2f2f12200bc0060

SHA1
71722f87753f5ddee7350154b565bc98dfe4df8c

SHA256
0ff91d5f7417a8338f3be41d4caa3bd02ba9ced235088f672e103c8e4d3a4bd9

SHA512
9b723af1e5aee638ce0b3fe5b095b83c2903f2728dbc09faba0c19b5bcf353eefe32b3f8134f67cb37c8013904e4290c9e18c83927d4970a6922f5d58573c44c

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
78a6fa8a31adb661246034185aa64f2f

SHA1
c20600aaf0ba114d9f0f2c9be7b33ea5be5f1274

SHA256
76760a8bcb015df5e6dfc5642176aafd355d25190db8ca79b31d84bd2a3afb9b

SHA512
860d97a59cf8d781bd99a9531dc3ca005a50accc17b517de9d15692b9a0cd27ed79c930faca30a7f819c54d3e8502852e4e9dd9f9a6d34dfe950c6302c342ffc

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
05062bf6bce3c4075d93933af50ccabc

SHA1
a7dcf4b99d0593efab37c1a56f5ba373eac6739e

SHA256
36ed4227da163cef5e1faf405a0f00697f3c3381a73b072379470e82ca73905e

SHA512
a90e7ee894a1e43ecb5f302fd9f74528d01228c35f8278c49ba17ea9c07be749f641a9197f773ea45c0fec4d3b88aeccb1eac3e99196f6a9c905a623512191c9

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
f29acb55f769909f6733e8e18bf0f5ee

SHA1
01719692447d8e31b3c395173e1e9f8d09b87e9c

SHA256
25a8e9b69255126aa7e8cd57698578dc114559962c57d4a7da858455927674db

SHA512
443cb130e46da0b91122fe171ce69b4eb6963fc699f17586c35ea6b28801f70c0a1a5317b6e69ecd6d6c2b601e79dc0f65397eaa9ae224833924d1e4b90b9f76

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db

Filesize
16KB

MD5
6a4654171f3c7fd03280d3960d344498

SHA1
5224daceecc1b3a37ceb50b320b315e3d20bff56

SHA256
9dcefe13c1617c28161e759bf6bdb7f5a3c4aeeca95a676b849ef028b264f39b

SHA512
2123081ff885b0796116fd29f6c0f31978db62660bc4c361f40dddc7a74739107a6cfbe88ca927952534c1463dd53a72c3d3eac544b2f3e32ae5dcee251f490f

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
cb9518a7bc5b15ed0998e6d4567a3240

SHA1
37bf3423bcec5315d30e4e40c570a016a0cd2a26

SHA256
ee319792df27bec39efea44d7eafed1a895e5ff3b913d63a26b30c6a25b8a476

SHA512
b6f6cbfc61805fbafeb5da57d7ca1861cc3511c39b4ac8c09d7ad92ee1c76c41d530ade13871b8c5184858a84fbc51117f904dd64dc59bd4bb9508c8ba2a2930

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
81e849af387c1e73726517a75bb1d7a4

SHA1
eb6e7da5833b02cae07d4a5c1d3551a600f3eebe

SHA256
bdf799598bc8278e7a6fe401bfee3966447683f66a5fc11518b97941cc2b6c66

SHA512
766a235f0a3411c461c5f2a004719190f9316b16594ab37fd5196a2a0e9883dd9647bbbb84f139f0c2f1f6957b1167c0814b6af7377ecb08f23a24775d15ab7b

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
b69f90018f1993415c9a122586005f22

SHA1
5ef02fe0565af0cc700edeebbd1d9db8e000bba2

SHA256
3022fb2ce0cceb4734275d31a64afd9987904754239219dad919d1b087ce883b

SHA512
5443b25d376fbf2e0b1c52de6b572bb32a55f5f13bac358b7401fa23bd322cac2294af0aafce71d27d3775872f85936f6e6d02657fdd90b3c840fd56496e1851

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
859c6861c44a7ca1d4d365624fb44a0d

SHA1
59aa423d7a02dfc37599efa0c128e7425389865b

SHA256
57fc31485cc145af0a146bf020cf5eda7c5b97d82e021f43ffde6fcb3463a425

SHA512
b04730245d711e2c408f9c433c66a381e0c0187f65a2acebf9351c1a69404fde4cf66afc5ea3f49aa7867b61d9878c89e46c87fbfd0a7b3a78eb678faf8955ff

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
4738f4f69c70697d25a6dba2db85d2b7

SHA1
1287dfe65aea416fe9c55098b4d0ecb8f5e4513b

SHA256
7b0aa023566bc6c4d954e88bb3a969bda604cc7339d89e582990c5b16e3dd42b

SHA512
7339800dba26715fc716f99513d7b3b28e5f91d60011d84ddf3c350a62fcaf3fded995cd5970083519e856f8be19538f194f9dca818c141334b60b153316ac4a

Download Submit
/data/data/freerobux.appkh/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
13f424b61cfab742f3b55e49d9a51d24

SHA1
828f2371354215607b6b09045004d7512b2f7da2

SHA256
71025609cf0f188feaf9ec4a51bd858fb0f32b9b6ece3bdbb0679688bf2f455c

SHA512
b3ffd14899ded45b220379ec7af9ecd799c545b1bda12a531d4e19e96252541e66da779fd969b0293ca75a672d1be94861c98801f2f103eebdf1b4cdf07c6f20

Download Submit
/data/data/freerobux.appkh/files/audience_network.dex

Filesize
3.2MB

MD5
4905ee4caebdf455b9debee76ea89cae

SHA1
461d5626e22bd87e0f0afa3440d5ce61d2363571

SHA256
0bfad0c78e6e439d2c70d43568d1dc541bff8d4b4c5bfda9e81e03ae790dd864

SHA512
89bce0984264008e30a635852cbd3ba0c822b0917525a9029ff029a33409c161dad0f60ccf67406bea62e3d42ce0364250f3a9f502db8bbcaeba277787b2fc3f

Download Submit
/data/data/freerobux.appkh/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
b39033c343027a0d17150463daaff3ac

SHA1
8d286e1584ce16f7abcc8280ef6e2a67860f2ef0

SHA256
fba8a4a66b5e5426dc15e54574833167b388b1eb2f910275ceff873f362be796

SHA512
3581ffc14131976bd9e0e5be6fe7f1faaa14d40224d3f8a687667ffc239803716b9c32f0eb2aa6d4476607c1a6b4cdb420e3049cb3c7b28bfe766dffd420fd76

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads