Analysis Overview
SHA256
1cd704ca2729a62bfab839ffdc5fd1c19de0bc15fb961da305c7ae1ccbe8e1c7
Threat Level: Known bad
The file 18562_Video_Oynatıcı.apk was found to be: Known bad.
Malicious Activity Summary
Hydra
Requests dangerous framework permissions
Loads dropped Dex/Jar
Requests enabling of the accessibility settings.
Reads name of network operator
Uses reflection
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2021-08-24 13:23
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2021-08-24 13:23
Reported
2021-08-24 13:26
Platform
android-x86-arm
Max time kernel
2018968s
Command Line
Signatures
Hydra
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.kxgosnpq.wxwdgdb/code_cache/secondary-dexes/base.apk.classes1.zip | N/A | N/A |
Requests enabling of the accessibility settings.
| Description | Indicator | Process | Target |
| Intent action | android.settings.ACCESSIBILITY_SETTINGS | N/A | N/A |
Uses reflection
| Description | Indicator | Process | Target |
| Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE | N/A | N/A | N/A |
Processes
com.kxgosnpq.wxwdgdb
com.kxgosnpq.wxwdgdb
/system/bin/dex2oat
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2021-08-24 13:23
Reported
2021-08-24 13:27
Platform
android-x64-arm64
Max time kernel
2018938s
Max time network
187s
Command Line
Signatures
Hydra
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.kxgosnpq.wxwdgdb/code_cache/secondary-dexes/base.apk.classes1.zip | N/A | N/A |
Requests enabling of the accessibility settings.
| Description | Indicator | Process | Target |
| Intent action | android.settings.ACCESSIBILITY_SETTINGS | N/A | N/A |
Reads name of network operator
| Description | Indicator | Process | Target |
| Framework API call | android.telephony.TelephonyManager.getNetworkOperatorName | N/A | N/A |
Uses reflection
| Description | Indicator | Process | Target |
| Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE | N/A | N/A | N/A |
| Accesses field javax.security.auth.x500.X500Principal.thisX500Name | N/A | N/A | N/A |
Processes
com.kxgosnpq.wxwdgdb
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2021-08-24 13:23
Reported
2021-08-24 13:26
Platform
android-x64
Max time kernel
2018962s
Max time network
37s
Command Line
Signatures
Hydra
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.kxgosnpq.wxwdgdb/code_cache/secondary-dexes/base.apk.classes1.zip | N/A | N/A |
Requests enabling of the accessibility settings.
| Description | Indicator | Process | Target |
| Intent action | android.settings.ACCESSIBILITY_SETTINGS | N/A | N/A |
Uses reflection
| Description | Indicator | Process | Target |
| Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE | N/A | N/A | N/A |
| Accesses field javax.security.auth.x500.X500Principal.thisX500Name | N/A | N/A | N/A |
Processes
com.kxgosnpq.wxwdgdb
Network
| Country | Destination | Domain | Proto |
| N/A | 1.1.1.1:853 | | tcp |
| N/A | 1.1.1.1:853 | | tcp |
| N/A | 185.199.109.133:443 | | tcp |
| N/A | 216.239.35.12:123 | time.android.com | udp |
| N/A | 216.239.35.12:123 | time.android.com | udp |
Files