Analysis Overview
SHA256
bb1146c08e39e704dc50c81ba12169d0eede42c38fe9ea5eedae74952c75433a
Threat Level: Known bad
The file BB1146C08E39E704DC50C81BA12169D0EEDE42C38FE9EA5EEDAE74952C75433A.apk was found to be: Known bad.
Malicious Activity Summary
Cerberus
Makes use of the framework's Accessibility service.
Loads dropped Dex/Jar
Requests dangerous framework permissions
Removes a system notification.
Listens for changes in the sensor environment (might be used to detect emulation).
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-06-03 06:24
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2022-06-03 06:24
Reported
2022-06-03 07:32
Platform
android-x86-arm-20220310-en
Max time kernel
682714s
Max time network
147s
Command Line
Signatures
Cerberus
Makes use of the framework's Accessibility service.
| Description | Indicator | Process | Target |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar | N/A | N/A |
| N/A | /data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar | N/A | N/A |
Removes a system notification.
| Description | Indicator | Process | Target |
| Framework service call | android.app.INotificationManager.cancelNotificationWithTag | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation).
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Processes
com.xwrmnh.qoszdczhgyt
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/oat/x86/hcwryfjcfr.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| NL | 142.250.179.202:80 | play.googleapis.com | tcp |
| NL | 142.251.39.99:443 | tcp | |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | alt5-mtalk.google.com | udp |
| US | 173.194.202.188:5228 | alt5-mtalk.google.com | tcp |
| NL | 172.217.168.227:80 | tcp | |
| NL | 142.251.36.36:443 | tcp | |
| NL | 142.251.36.36:443 | tcp | |
| NL | 172.217.168.238:443 | tcp | |
| US | 1.1.1.1:53 | alt1-mtalk.google.com | udp |
| DE | 142.251.9.188:443 | alt1-mtalk.google.com | tcp |
| NL | 142.250.179.174:443 | udp | |
| US | 1.1.1.1:853 | tcp | |
| NL | 142.250.179.138:80 | www.googleapis.com | tcp |
| NL | 142.251.36.35:80 | tcp | |
| NL | 172.217.168.227:80 | connectivitycheck.gstatic.com | tcp |
| NL | 142.251.36.4:443 | tcp | |
| US | 1.1.1.1:853 | tcp | |
| US | 1.1.1.1:853 | tcp | |
| NL | 142.250.179.163:443 | tcp | |
| NL | 142.250.179.163:443 | tcp | |
| NL | 142.250.179.163:443 | tcp | |
| US | 1.1.1.1:853 | tcp | |
| US | 1.1.1.1:853 | tcp |
Files
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar
| MD5 | 389ee3aca5bf67053f3ea3bb9580fa59 |
| SHA1 | 986113f66add0927a37c7eb5ee8f25398313ba2c |
| SHA256 | 6337ad9bc6fd7c4523a9684382ed4841f453fb6b65c1fbcc5126be4fe8a866ca |
| SHA512 | c312855f55e9b4fc9513250f6a565a157b2cb638ebb9c7a2c23319ece532a580442930bf7579af08c835de54c296642689f96108f2c1d69f9fcf8b6d7771b737 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar.x86.flock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/oat/x86/hcwryfjcfr.vdex
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/oat/x86/hcwryfjcfr.odex
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar
| MD5 | 9eac7842f81b72657e16ba33e90144a1 |
| SHA1 | dc213d3833f485c96b77c9c660d5b85ee9b8586a |
| SHA256 | b73f3b5256bf3173c1454d31c0c4f94efd9e496a640596aa293f62beaab35a0b |
| SHA512 | c4d666b14323378a693a2444f8ab8dd7dee7fb0e57c999495d628a2c29ca2b53ac85119a191bec8cfae3f5cec493b5e74e77b36ce46015dd9ae5845b9f734d90 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar
| MD5 | 87746a084c21774ab77668aa202ced3d |
| SHA1 | fe02e4b84dd2aeb70241a2bb08045f4d8807a416 |
| SHA256 | 3727f85275ee33318b849712d8844a3096284faab7cda26a26615359b36b727d |
| SHA512 | ae78baec75e1a88d8432338de4ebd8fa484098d812daee69dd806936b80aaece5005996c749783418eccf45df285882e8c63a79096c142884046d772b033e5f4 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/oat/hcwryfjcfr.jar.cur.prof
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/variations_seed_new
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/shared_prefs/WebViewChromiumPrefs.xml
| MD5 | 21223e9184445fe043476484cd8cb1f9 |
| SHA1 | 2b4813f849121d60ba35eb0889080668bb62c778 |
| SHA256 | bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af |
| SHA512 | be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/variations_stamp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/webview_data.lock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/Web Data
| MD5 | dc79f9ce5f3ab5270b33e61119dfc959 |
| SHA1 | 1844bf222a5144b513dcf2fb50a18c011701c647 |
| SHA256 | 47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65 |
| SHA512 | 18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/Web Data-journal
| MD5 | 25690097d93ebf395aebfea7e6932749 |
| SHA1 | b1f4b0434c607fa089c1ef2b6e1260bca9cb2f12 |
| SHA256 | 7edb8ec863b950f003e6f980ac21cb514d375d0c7100a4ba07276077c74856d3 |
| SHA512 | 750c7532a8c8c72b51d3fb113a1e56061c2debd42b4ba5bd7bd7018f7e7cba137016489c66033b2031673f0478b2f461acea6e1c61bfe127b74842928f8813eb |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/metrics_guid
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/metrics_guid
| MD5 | 05265012f5cac0d69593d5f8676b7404 |
| SHA1 | 826e2c7a18e3d4b38413d62909925c696e9e67da |
| SHA256 | f031460460c722db47aae01eafe431a4a0576dda25bd313f4d9f3af26f17f1d3 |
| SHA512 | 88fb67f3d89f6eb97a766216aae841f6e50b8abd0c806e764912a369849ad0fb2f1ddd23ccafef6a2b81ddd900c5031bf6fce4f45b1764423ab7a8de767167a7 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/GPUCache/index
| MD5 | 93027d42b314432c4216e6cfca48b384 |
| SHA1 | 43448dd8102979c3926828182579691945eedd4e |
| SHA256 | 3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c |
| SHA512 | a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/GPUCache/index-dir/temp-index
| MD5 | 31a593c2cbc296707aa0ac2bf54ac6b4 |
| SHA1 | 12878b2c18e0e1bb7352d78a0c225257f0f08705 |
| SHA256 | a63e8958dad94da14ff5de48dd910742e4bb9ab01e208ec9de3400502c3a87c1 |
| SHA512 | 09993694e1f40b9d30290fb34c75cefb4c877257c9c57297711ee8756a4d90e601f6421f0ad2ee6a742a06cd519fad9c9c7df2d7a5be88811d597f74a0c8a73b |
Analysis: behavioral2
Detonation Overview
Submitted
2022-06-03 06:24
Reported
2022-06-03 07:15
Platform
android-x64-20220310-en
Max time kernel
678098s
Max time network
161s
Command Line
Signatures
Cerberus
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar | N/A | N/A |
Listens for changes in the sensor environment (might be used to detect emulation).
| Description | Indicator | Process | Target |
| Framework API call | android.hardware.SensorManager.registerListener | N/A | N/A |
Processes
com.xwrmnh.qoszdczhgyt
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp |
Files
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar
| MD5 | 389ee3aca5bf67053f3ea3bb9580fa59 |
| SHA1 | 986113f66add0927a37c7eb5ee8f25398313ba2c |
| SHA256 | 6337ad9bc6fd7c4523a9684382ed4841f453fb6b65c1fbcc5126be4fe8a866ca |
| SHA512 | c312855f55e9b4fc9513250f6a565a157b2cb638ebb9c7a2c23319ece532a580442930bf7579af08c835de54c296642689f96108f2c1d69f9fcf8b6d7771b737 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/hcwryfjcfr.jar
| MD5 | 9eac7842f81b72657e16ba33e90144a1 |
| SHA1 | dc213d3833f485c96b77c9c660d5b85ee9b8586a |
| SHA256 | b73f3b5256bf3173c1454d31c0c4f94efd9e496a640596aa293f62beaab35a0b |
| SHA512 | c4d666b14323378a693a2444f8ab8dd7dee7fb0e57c999495d628a2c29ca2b53ac85119a191bec8cfae3f5cec493b5e74e77b36ce46015dd9ae5845b9f734d90 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_offline/oat/hcwryfjcfr.jar.cur.prof
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/variations_seed_new
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/variations_stamp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/shared_prefs/WebViewChromiumPrefs.xml
| MD5 | 6ef709b8536878951e87c29a1518fc2b |
| SHA1 | 24376c70b00152501b3d98df61fa7db435339172 |
| SHA256 | 10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6 |
| SHA512 | 96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/webview_data.lock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/metrics_guid
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/metrics_guid
| MD5 | 80d824ce1d3e28ca285c5cf6789cbe3f |
| SHA1 | 8c5437a331a268890f0b1c3321f382d25b4feef6 |
| SHA256 | 70c05e4f21b77c867ac89239c0a09545da023e17af7ef893662e32c811963138 |
| SHA512 | c320760f38e73e94b4d942a6eaa5dbf3a89c8393daa9e64959317665b78f2b5aec44280f70a4f781128e8549b73cf28d7ce1548cbbbdf948f17fc63693037d61 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/Web Data
| MD5 | b663831f8cc130493476d94f2d7a5330 |
| SHA1 | 043a1956ab8e40821d67043f8a9110a8eb36fb93 |
| SHA256 | c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7 |
| SHA512 | e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16 |
/data/user/0/com.xwrmnh.qoszdczhgyt/cache/org.chromium.android_webview/Code Cache/js/index
| MD5 | 6d7d499960179766cd4261d12dacc411 |
| SHA1 | e6f8553b0015e12b23cc551afe98763f3b1c9bed |
| SHA256 | c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182 |
| SHA512 | 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/Web Data-journal
| MD5 | 4222ce64eddac792d9da20fed1626f8b |
| SHA1 | 36f7ddedd5c7797f875a2e25a8ffd833bff6909c |
| SHA256 | 53e740ad4c9d3e3d89b7b0821e4d8c6e82aa493bae5e4c6994dc916e09d2100d |
| SHA512 | a3ab36cb7bdf4431f30039c8fb90a43280b65d4d5e4bff1bf395daf437f9cf0fd0545780e22e1a50909861ffd28b4330c5ef44f31b602930bff65ec6908bf2c9 |
/data/user/0/com.xwrmnh.qoszdczhgyt/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
| MD5 | 2782e5c8e7b34715bae8589169c0634b |
| SHA1 | ec264004f1f2169b804f93c5889e71f8745469b4 |
| SHA256 | 90b03bf705e085fc35ac86028bf2de130b670959875726edddfe7a69024bef51 |
| SHA512 | df08ab0b90f5ac49a1bdca520675c7e6fe55bcbdf8e6b5206e9fba83b030d96ad03533dcbf440a211ea4f9ca3827bb04f9e8da1f611562f5255ccdb3cf3ece0e |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/GPUCache/index
| MD5 | 6d7d499960179766cd4261d12dacc411 |
| SHA1 | e6f8553b0015e12b23cc551afe98763f3b1c9bed |
| SHA256 | c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182 |
| SHA512 | 6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/GPUCache/index-dir/temp-index
| MD5 | 4210ae3b9ae6441515e557301fa9fe78 |
| SHA1 | 38668c229169d79def44afe1b2853cf68d224bd6 |
| SHA256 | efd1efd4d5fc48cc495ad8e3545838129c3fd7be80d25f0a061121ce702ef391 |
| SHA512 | f6de52d4c6fb81861f0f305bedf5af263da38d60a802f8ade5092dc551efc2495066e52488e37a8ab085a79c32e0ad71de6d90fe66a2eec2b9de36e2f292bcfe |
/data/user/0/com.xwrmnh.qoszdczhgyt/cache/WebView/Crashpad/settings.dat
| MD5 | c4f6c82a95f8e756b63fa352d3da3171 |
| SHA1 | 99529c1e47d3407e65efb7a27f385d017f26290d |
| SHA256 | 03050ce524d578adae1a90cc57de689a5cbae75c1de15e12e6276a02e62f57ed |
| SHA512 | 4367ba3f0420a809d81acc08220f2ae06061eddabbd1cfe6ecf2442460469119f068c9d7089e115243da8ef347546e71441681c2c514a0cb4060f96e954a4320 |
/data/user/0/com.xwrmnh.qoszdczhgyt/app_webview/.com.google.Chrome.RKehnm
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
Analysis: behavioral3
Detonation Overview
Submitted
2022-06-03 06:24
Reported
2022-06-03 07:09
Platform
android-x64-arm64-20220310-en