Analysis Overview
SHA256
199c27a457117334eab655b3811d24eb77f121562518f0bdf06edb676ed5845d
Threat Level: Known bad
The file 199c27a457117334eab655b3811d24eb77f121562518f0bdf06edb676ed5845d was found to be: Known bad.
Malicious Activity Summary
Cerberus
Makes use of the framework's Accessibility service.
Loads dropped Dex/Jar
Requests dangerous framework permissions
Removes a system notification.
Listens for changes in the sensor environment (might be used to detect emulation).
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-05-21 12:22
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2022-05-21 12:22
Reported
2022-05-21 13:10
Platform
android-x86-arm-20220310-en
Max time kernel
3874790s
Max time network
106s
Command Line
Signatures
Cerberus
Makes use of the framework's Accessibility service.
| Description | Indicator | Process | Target |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json | N/A | N/A |
| N/A | /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json | N/A | N/A |
| N/A | /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json | N/A | N/A |
Removes a system notification.
| Description | Indicator | Process | Target |
| Framework service call | android.app.INotificationManager.cancelNotificationWithTag | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation).
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Processes
atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json --output-vdex-fd=41 --oat-fd=42 --oat-location=/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/oat/x86/XPt.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| NL | 142.251.36.42:80 | play.googleapis.com | tcp |
| NL | 142.251.39.99:443 | tcp | |
| US | 1.1.1.1:53 | alt5-mtalk.google.com | udp |
| US | 173.194.202.188:5228 | alt5-mtalk.google.com | tcp |
| NL | 172.217.168.227:80 | tcp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | alt1-mtalk.google.com | udp |
| US | 142.250.150.188:443 | alt1-mtalk.google.com | tcp |
| NL | 142.250.179.174:443 | udp | |
| US | 1.1.1.1:853 | tcp | |
| US | 1.1.1.1:853 | tcp | |
| US | 1.1.1.1:853 | tcp | |
| NL | 142.250.179.138:80 | www.googleapis.com | tcp |
| NL | 142.251.36.36:80 | tcp | |
| NL | 172.217.168.227:80 | tcp | |
| NL | 142.251.36.35:80 | fonts.gstatic.com | tcp |
| NL | 142.250.179.195:443 | tcp | |
| NL | 142.250.179.195:443 | tcp | |
| NL | 142.250.179.195:443 | tcp |
Files
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
| MD5 | 2f5fc6ddafdcd012b0e3deb1b6552a6a |
| SHA1 | 2cc8ee856285f6b1ae29661cb5fe46a60fa29031 |
| SHA256 | 2e10bcce53c317b583aae5487af533653594a8b2f48d307d9d15707ca9126bc4 |
| SHA512 | f5d939a13a260f6435b7dd477e1d905128c3d2c190764220da711ff156a40b2cea5f8f40f487b1c9cff72cd32ca810a88c9c448f17355547eeab21cab6ce01a8 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json.x86.flock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
| MD5 | 30b8aa196b163d171da28d127e55b297 |
| SHA1 | 07e1ddb3da6501cffafebce8ce3cd2b89638aade |
| SHA256 | 119111aac71159e433c238174272f9a47882566f856fe6e8378d106061dadf90 |
| SHA512 | 9a5b8275df616e3aff785126d7df5962bddb1ce3d6485c671d70b4530e97ab05abdb3e7249a96f7dd30a1d38365e69c4bd7825828377a6091f15b1ed4413ef51 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/oat/x86/XPt.vdex
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/oat/x86/XPt.odex
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
| MD5 | 30b8aa196b163d171da28d127e55b297 |
| SHA1 | 07e1ddb3da6501cffafebce8ce3cd2b89638aade |
| SHA256 | 119111aac71159e433c238174272f9a47882566f856fe6e8378d106061dadf90 |
| SHA512 | 9a5b8275df616e3aff785126d7df5962bddb1ce3d6485c671d70b4530e97ab05abdb3e7249a96f7dd30a1d38365e69c4bd7825828377a6091f15b1ed4413ef51 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
| MD5 | 3f54c2bb2c04001e31e183b6a7e36e45 |
| SHA1 | 36e5efbfd1b570143b5601587f8cc5ef3bba00f6 |
| SHA256 | a85450f9b7849a083fdd4488df48d9397fb652c720af5184877971121a7e85f0 |
| SHA512 | 5c04a47bdc8e0d40b9ca48165824bfbb680cbde897ce58c7e2332c37635fa3c14c1ffa3368cf4bd8f3b51b88ed079727308213c16d9bceb6293f6a4860cd8ade |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/oat/XPt.json.cur.prof
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/variations_seed_new
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/variations_stamp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/shared_prefs/WebViewChromiumPrefs.xml
| MD5 | 21223e9184445fe043476484cd8cb1f9 |
| SHA1 | 2b4813f849121d60ba35eb0889080668bb62c778 |
| SHA256 | bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af |
| SHA512 | be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/webview_data.lock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/Web Data
| MD5 | dc79f9ce5f3ab5270b33e61119dfc959 |
| SHA1 | 1844bf222a5144b513dcf2fb50a18c011701c647 |
| SHA256 | 47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65 |
| SHA512 | 18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/Web Data-journal
| MD5 | 8c0b9ab82c22be6f9d476439229a57d0 |
| SHA1 | c60100128964428e2c9cd3dc350e79917df741f8 |
| SHA256 | 28f3289ee1e8c2faa97564000d081221913d3455141a7e57b760a9d8170d9a8c |
| SHA512 | ba27eed495e6a17ac1595e3d60a2b376150c38a2a1f6d8e9ddce5df044ee2249c6a3ec54dee6ca439e2406b57ee29a97cbbbad30289bda3a7cb4f77fb26bf291 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/metrics_guid
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/metrics_guid
| MD5 | a2e1b3314a17cdff0394d71b6916bf7b |
| SHA1 | 10d299f79e0e64f38510584df5d609a8c63fea20 |
| SHA256 | 1d21a800611f3f95611eec68631356494dd7aeec7857441b5e2385162ea5020f |
| SHA512 | f4ea3fcc1fa768175f473d4ae60020f36c83df07b9cc7fe47046474b809f8a4062d959c1d34274fdf0df9324665225ac2b1520f6777afbb7ac49d5f48435ed95 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/GPUCache/index
| MD5 | 93027d42b314432c4216e6cfca48b384 |
| SHA1 | 43448dd8102979c3926828182579691945eedd4e |
| SHA256 | 3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c |
| SHA512 | a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/GPUCache/index-dir/temp-index
| MD5 | 7197ec0be84c0b9805fb39ca86e72614 |
| SHA1 | 46d78668bad1da890a50160a77a7b5128048ec02 |
| SHA256 | 39625d625760caf6b3ff94acf9a79e72316ebae6f605b5e762300920b6184439 |
| SHA512 | 789fbd8c5bffaae76e73f740f5131cdd5db7573eda71954d1edb57d0b77b96c4d1fe1af5ff6331dd3a77e464915bbe60209a29d7c1d8900b9033fbe549dc9abe |
Analysis: behavioral2
Detonation Overview
Submitted
2022-05-21 12:22
Reported
2022-05-21 13:10
Platform
android-x64-20220310-en
Max time kernel
3871196s
Max time network
150s
Command Line
Signatures
Cerberus
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json | N/A | N/A |
| N/A | /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation).
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Processes
atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
| MD5 | 2f5fc6ddafdcd012b0e3deb1b6552a6a |
| SHA1 | 2cc8ee856285f6b1ae29661cb5fe46a60fa29031 |
| SHA256 | 2e10bcce53c317b583aae5487af533653594a8b2f48d307d9d15707ca9126bc4 |
| SHA512 | f5d939a13a260f6435b7dd477e1d905128c3d2c190764220da711ff156a40b2cea5f8f40f487b1c9cff72cd32ca810a88c9c448f17355547eeab21cab6ce01a8 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
| MD5 | 30b8aa196b163d171da28d127e55b297 |
| SHA1 | 07e1ddb3da6501cffafebce8ce3cd2b89638aade |
| SHA256 | 119111aac71159e433c238174272f9a47882566f856fe6e8378d106061dadf90 |
| SHA512 | 9a5b8275df616e3aff785126d7df5962bddb1ce3d6485c671d70b4530e97ab05abdb3e7249a96f7dd30a1d38365e69c4bd7825828377a6091f15b1ed4413ef51 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
| MD5 | 30b8aa196b163d171da28d127e55b297 |
| SHA1 | 07e1ddb3da6501cffafebce8ce3cd2b89638aade |
| SHA256 | 119111aac71159e433c238174272f9a47882566f856fe6e8378d106061dadf90 |
| SHA512 | 9a5b8275df616e3aff785126d7df5962bddb1ce3d6485c671d70b4530e97ab05abdb3e7249a96f7dd30a1d38365e69c4bd7825828377a6091f15b1ed4413ef51 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/oat/XPt.json.cur.prof
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/variations_seed_new
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/variations_stamp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/shared_prefs/WebViewChromiumPrefs.xml
| MD5 | 6ef709b8536878951e87c29a1518fc2b |
| SHA1 | 24376c70b00152501b3d98df61fa7db435339172 |
| SHA256 | 10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6 |
| SHA512 | 96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/webview_data.lock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/metrics_guid
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/metrics_guid
| MD5 | e6141ea8486c733e0b160143385e5e2e |
| SHA1 | f3feed7b1bbf15e5a62ce0bf01111b16380ffef3 |
| SHA256 | 1a167171af45957ca98410a73a62cab7765fe400833fa78e4ff3d3e6a2eec378 |
| SHA512 | 8372ed1796c85f6a702101c9bc4b0aae074e63082d155e7e99f67f77265ce2b23b612915649a5abd20d051eec372aa3e07f08e346e133817d26d553ad9c9d12b |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/Web Data
| MD5 | b663831f8cc130493476d94f2d7a5330 |
| SHA1 | 043a1956ab8e40821d67043f8a9110a8eb36fb93 |
| SHA256 | c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7 |
| SHA512 | e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/Web Data-journal
| MD5 | 042e129d99ac5902f26d54e62f9735c0 |
| SHA1 | 45f83e1720273397c53f994ff3a3793b8f1f3660 |
| SHA256 | b702a9a49e788b0a419a115806591d149eaaf364d5f412a4c24e009144bd0e53 |
| SHA512 | 80b6512e970c06a934221de8d2f8d19f60e1bb7a603ed7b3192dd0ae83ab4f5b4f67ad1b705e85b3cea0de8b23e21481262899395d39e4b52e8c4deba461be00 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/cache/org.chromium.android_webview/Code Cache/js/index
| MD5 | 6d7d499960179766cd4261d12dacc411 |
| SHA1 | e6f8553b0015e12b23cc551afe98763f3b1c9bed |
| SHA256 | c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182 |
| SHA512 | 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
| MD5 | 99f9dbce9217fca4293726ea9d766208 |
| SHA1 | f1868f37716eb0480b6d71de0515e8f62c72c389 |
| SHA256 | d0bf966865b5c576e6ec9c0b8440a3eceaa81ce2a9a63c86a02706a4bf8c0ca7 |
| SHA512 | e79551b0bdc509da9f989fd3ed17f62eba9345231595610ce1dfbadbe877943984dee141d8f8b4eb7d3dbc84b4887b7c7f10f9dfeec92be934bc65c030795e7e |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/GPUCache/index
| MD5 | 6d7d499960179766cd4261d12dacc411 |
| SHA1 | e6f8553b0015e12b23cc551afe98763f3b1c9bed |
| SHA256 | c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182 |
| SHA512 | 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547 |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/GPUCache/index-dir/temp-index
| MD5 | a0d30132a99d5644f283496550ae6c1d |
| SHA1 | a78f771e986f7cb93a7c162e2af2b1786e157b22 |
| SHA256 | dba3545fa4886f2bc7c5c9bc673dc1231f7d12f0c9db68ff7eef1c7047315acc |
| SHA512 | d851d62b8ccb098a1765eef5e45dbde49d2c4b9e43310108d2df3697a41163c93737e8128a2c4e19d04c9c5bd28c17e108b3cb7a8bc85bf2fbe86c4c5f8c90cb |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/cache/WebView/Crashpad/settings.dat
| MD5 | 035bc969546201aeecd79ca828f2e77f |
| SHA1 | ba6c3d1629a5306619f0247f0924c339244a81fc |
| SHA256 | 853b6cfc63ea2718dd8da5fb8a796d38f4b6c37e4c88579387a8f8579c488312 |
| SHA512 | 274a4fe89dee8753b0e20543894bdca9cb8074a123649137ab3b160d12656b478e96df8aaebc7034684af7ddf6bfe98a38a605d9924c7b3794adc9a9f758cbfd |
/data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/.com.google.Chrome.Ki1atf
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
Analysis: behavioral3
Detonation Overview
Submitted
2022-05-21 12:22
Reported
2022-05-21 13:08
Platform
android-x64-arm64-20220310-en