Analysis Overview
SHA256
1430dc0cc26adfb7b7715624602767af26f453e3f34df66f1a6d41c38a35819c
Threat Level: Shows suspicious behavior
The file gen_signed.apk was found to show suspicious behavior.
Malicious Activity Summary
Brata family
Brata payload
Requests dangerous framework permissions
Acquires the wake lock.
Reads information about phone network operator.
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-08-17 16:32
Signatures
Brata family
Brata payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
| Allows an application to receive SMS messages. | android.permission.RECEIVE_SMS | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2022-08-17 16:32
Reported
2022-08-17 16:32
Platform
android-x86-arm-20220621-en
Max time kernel
2896571s
Max time network
22s
Command Line
Signatures
Acquires the wake lock.
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Reads information about phone network operator.
Processes
ir.shz.shzkisi
ping -c 2 -W 10 -v google.com
Network
| Country | Destination | Domain | Proto |
| NL | 216.58.208.99:443 | | tcp |
| NL | 142.250.179.142:443 | | tcp |
| US | 1.1.1.1:853 | | tcp |
| US | 1.1.1.1:853 | | tcp |
| NL | 142.251.39.98:443 | | tcp |
| NL | 142.250.179.138:443 | | tcp |
| NL | 142.250.179.138:443 | | tcp |
| NL | 142.251.39.104:443 | | tcp |
| NL | 142.250.179.142:443 | | udp |
| NL | 142.250.179.170:443 | | tcp |
| NL | 216.58.214.2:443 | | tcp |
| NL | 142.250.179.170:443 | | tcp |
| NL | 142.251.39.104:443 | | tcp |
Files
/data/user/0/ir.shz.shzkisi/no_backup/com.google.android.gms.appid-no-backup
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml
| MD5 | 300ab458e5799c2a6145cac38ae6ccaf |
| SHA1 | 5e99094cfba60e999ec6b5517d4acbc79dbadac7 |
| SHA256 | bd27ad822fb474758efbf8f7b20bd50a2dc7f4f459e2bd7ac07be635f6b03f59 |
| SHA512 | 98e3289bd5b19281feb9053aaa2215a9579807e8140d43e8b55744f7dc59350e8e5104f7ece8bd823fbe842d88904877032c5c47909d8b5e60d291695d3390dd |
/data/user/0/ir.shz.shzkisi/files/generatefid.lock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/files/PersistedInstallation5971899611093629008tmp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml
| MD5 | 70ce98cba754d9cb462901b638b6221a |
| SHA1 | 9ceb7b0b4d5664e5d1e61fea4bf1bd89a462e5c1 |
| SHA256 | 24662281b787ef6a323225c2d18d059bc7a5f77696cf0b9777aa74f393a5b0f7 |
| SHA512 | 49d37fdeac0270670e23ac029601ef50fc4d9cf30565a86ceb33ebbecfb9828e1ab44b8154f0d6a1cbd2b2d5dc2ca04e7702ee53c008687ac5cf77deaf411d86 |
/data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml
| MD5 | 1b7bae209824eba95032f1ecf7f4bce1 |
| SHA1 | 2316b67cb20f5719ea28720b892f7008532275d1 |
| SHA256 | b377d31153c5e68dd8400088b49b1cf56494c3786e37ab036869d6e050e1d910 |
| SHA512 | 68cfacf310267e7319eeacf0193be52842b5be7bc695c25fe80c8754f501922475b9c12f94d4b73cc964b66ccafaf2e4a6708f20b66f687ba832aded2325b82a |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 250b4caeba60ddf53228405750ba66ca |
| SHA1 | 422ab714feb34e9f3b4f1cbe669887bcd581ddb1 |
| SHA256 | 2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e |
| SHA512 | 373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb |
/data/user/0/ir.shz.shzkisi/files/PersistedInstallation725043565727862834tmp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml
| MD5 | 42f8200c8fb7831685b196c4aceee591 |
| SHA1 | 262a97f7bc1fcc78a84a43aca9fe879d9326aa66 |
| SHA256 | 1bfd0a7b7ff7341787b732f1f3c76ae4045453aa68878295c1ff1de83d78e274 |
| SHA512 | c74ad17db14b773cf7cebad59107e08cac324ea335573553c45ef6e5d176b11aaa3d9b81eb04826ebd5598b303c8de12dba70a294e77252d24f0fef22ce9bac9 |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 2839b55f9fd103092b563d3ae8d4bb0b |
| SHA1 | 6f6fa50442bd7ae4bce5bdac3dcd0a00fecc3e21 |
| SHA256 | 94fc0449b907131e37df2595979a8fe4a3059d6291a7a54a071dd254c270df3a |
| SHA512 | 4f85705659a012571fe971de5ef959aeb20d0b58ea757f6b690579237aa6e4d14f6130f623250609b9e144604d29cff968f9e43994b50c79998213f4d7cc6467 |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | c6528633ab1bcb93b739f8569c797aa0 |
| SHA1 | cf450cc1f8bb0b7835d8b18d46f8639fda7f5b16 |
| SHA256 | 3770c31a3717ee769ae08c1167e9e59d4796c58108b84823502b34ede34065ac |
| SHA512 | d54d05994c35e80c6c1b8c5bc58f742759b00b9a53d9dc342c48841ce564bbaeaf7948ed32935b3c609a5fd7b3f6bf05bda13f885603478cf2d90600b80f43bd |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db
| MD5 | 89cd606d433241b0e400ec6e41988cef |
| SHA1 | 89b9c657f7f3fb4ccfb91cc80fc96e8856c48ed3 |
| SHA256 | fcba6384af560e501a3fae9ffa613d5f9d08484ae6c759bf54ae4178d4c2d253 |
| SHA512 | f79809217f10226f1a915adad15ff5d89aae50835c718a7ca3a9a25fa570f005c8b0ae0eaea767b68bb666d8128426be51b3fbad8e3b024a7f0f0302b14179a1 |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
| MD5 | 515fd859d9af09c551ce2aee49233072 |
| SHA1 | 4a514e2b3c7aac7196af85938f3d4e9d632dd179 |
| SHA256 | 7b8a5b6c1c58408ab0be404241e56c853b5cc8a6c4220610c7b072f9ef9299e7 |
| SHA512 | ebaf0f45a51ad17f6df94c26b7ef62492afacc981ef648fab071f2e668c81b689f095ddd903e714011727be77a082737021236527a499501fe778eec57ec33bf |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal
| MD5 | 0b067e890a7cd33a7d0e28f60ac5ce08 |
| SHA1 | 326d2a15e9f01ccdd0ddccc7a0ac06c80bd3c65a |
| SHA256 | 98bbafcb045c69bb67ffeafe5cd496ebf3f704089c15a584c463f7fcc76f1a70 |
| SHA512 | 940206d5ae3ed877dd59ec73189f24ac284605b1a9932106dca6e9d8e7b18a6384ae969ab3ffd3c1e9e1fcd00dc336d2a9ba00590d2618d68ffa096d6aeaf3f1 |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal
| MD5 | aef60a3c5cfd71c8e641425170b15e68 |
| SHA1 | c332b63cbba499da3b6eed0f931948f924bf6374 |
| SHA256 | f06018cba7a7a68d4d8a19953342fb4a4b8d20ab95de77f9d72c96da8b3b3d5c |
| SHA512 | bf7a679edc02ba08f7b0c4c2cec662584457bedeae0d846a34e4465386e3c4ea49af8bac0c2a6103276d41c1cb9649fd427fa25d74f303e192470670fed75cbc |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | da4d4ab6e30491d98c642c6b8829810a |
| SHA1 | a93c88ab0ea384cf6487bb0dbcf5fc7bf852ddd5 |
| SHA256 | b1b5393cf0aa1195d23bd25e616f73a33ba6420ff904ca78e57e4e9454a2e2d3 |
| SHA512 | 75d48327e2daadc80b852bff00b6215e095d7f06fd2a57d1cda778177941a16539ee017f7c361b46a914eb02713759e7eaae8e49ef9d17767064da0e9aa10804 |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 3108459174d6ad7c79990b71c20b1f2d |
| SHA1 | 7e37985dc0bcdcc991682c9c3b3a7430a6161f85 |
| SHA256 | 75dc0a9df9ed0c4a3f9119b82013a324d92677b4bfff57bf8dd8daffdf6a9c36 |
| SHA512 | a9c30fa001922d0fe120163a585d3aa883efe4e79f457d72082026ae72b112406926645742c73b3a36deda9c09b0b3ef5dbebb8236dccc163939cfcc01ba1390 |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal
| MD5 | d3b7e43c3e481a36840ece55f290db6d |
| SHA1 | 7e4014462927f21e05eb76ce6670dc9b4350530e |
| SHA256 | 53ca1e4f0c554158e305112260e4571b476e1b85af19180c1227f2ac8c0fecde |
| SHA512 | 435356d731467e002aef9db0457aad89f45a7f9aa0ad661920de94a8141b624c5bbe9ffce0ea98561199f96851cde47435e3d2f8c507e8d3e2017b72ecb7daa4 |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal
| MD5 | 62b8d38d45e7ea65cf32f9eb71171e99 |
| SHA1 | e403d72d62ea5ec3e30ffcee0e952e5bf813b23d |
| SHA256 | 055f85793f7dfb14fbba2f381d164b49eddf34192db3670bca6e17008ab810af |
| SHA512 | 59d2c3d518e2eeacdecb1864ec36ea40349e1fb1359e9504212bec0e2d3d4a5809499c6672fa29fb680623f391168d0ecc1b4ef11078e503ecdd4f66ec576ecb |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 2484b21da08d8b5539c95cc51f4c05b0 |
| SHA1 | f0cebfc859ab14084071b2af3a67cd96433b270e |
| SHA256 | 5e98e2c7899a5185ae4b6939007991163068d29918863eab669239f87c0784bf |
| SHA512 | 0f5bbb2298dec1294b52b89978605b6ffeb1ca91c478549f60d29d04630ceefd0bb58a094121f5ddba880df14b179a1f30d11a907e9284cfbfda376f452b5d53 |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml
| MD5 | 6303be2b607e7547c196cc70adb760cf |
| SHA1 | 2e3585e76da8fc27cf81368aefceda930b3ec4c7 |
| SHA256 | dacbf2519c95446162c6c3c1a01ffdb3d42833d0878c689a2608bdea6aee4986 |
| SHA512 | 0339b31348b2938d30878f66a17f9c89d4889dddffb365f26a2c9d23926f2d4031e2352ca595eed020d3ae2428c243ce224d155d373be4b19b4d9aedfbd68292 |
/data/user/0/ir.shz.shzkisi/cache/~test.test
| MD5 | 098f6bcd4621d373cade4e832627b4f6 |
| SHA1 | a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 |
| SHA256 | 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 |
| SHA512 | ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml
| MD5 | aec196d65099ffd67131029bbce47638 |
| SHA1 | 01cf025c83370890651dff539e2b73e1ce0716dc |
| SHA256 | 2de0025f194826f7f46822142308de003538c6c566cf31a3adc5cd8f2382e334 |
| SHA512 | 37473837ff1cfe0619f4d1727bc6061379b9ce80512ae3bec5bf932ab4ff4a17958c2c26159845433fbebc73f66570ba1659cd3c7377320a91aab0dd595d9863 |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal
| MD5 | a62ca47c7a4f567d74abf776342790da |
| SHA1 | 44ede2bc860a4a84b53b85dbf93c79bcee6100f5 |
| SHA256 | e1080ec3e5b60a3daa64227745ce73982f2280702e329d31dbb85f1f8b544d89 |
| SHA512 | 71a6f2e8dc9f0500e609cd2327a3b76d57fc8e912fdd14ae29c9e96d6400be4c0f634816531cff08911e5779b2c5e485069f75c3fbbe088dac7463addf03db75 |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal
| MD5 | 93bd99d9c08e847c998d3d93475ba533 |
| SHA1 | 59b5f460cf4793b64f93ae2b9b588e54cbf38927 |
| SHA256 | 5e249851940648a79c0c045bd1685735d8e813703f3b66b6ee45bc8de15cd19c |
| SHA512 | 3916de9b680afc44a791b0ba81561400d6c06d365d8c2dff1cbee3cb6bb4304ad847e9622ea40ac008734efbb53369d28ad56786f0f40ae57829f3b8644b7c71 |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-wal
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-shm
| MD5 | 7dea362b3fac8e00956a4952a3d4f474 |
| SHA1 | 05fe405753166f125559e7c9ac558654f107c7e9 |
| SHA256 | af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc |
| SHA512 | 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 64774b00c492f3a9a8cde70d57561417 |
| SHA1 | 231469f96a4b4fcd5c2a412abd64078a815bd293 |
| SHA256 | d4bd6c4e41699695b62f2c4758219d89ab2e9424d4cd4822f4f052b65af3e205 |
| SHA512 | 05f73296050a7c4441a0330f77bb2f9c1379ea60514c49e4ad6532df4dd47cf2bea76ae18ddedf197a1a3c2765b48eb7c85ee9077a47b97acba8d21772f590b4 |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml
| MD5 | db41d9ce17d2008ed2a4e99f7646306c |
| SHA1 | c5ba84a021d54ee0474847008760b596f0527142 |
| SHA256 | b04105708823e14d888d89e3027348c179248d50c072a9b4976abfb9205da7dd |
| SHA512 | a30f1c8e2db7ec777246fec7450713c18118bcfb42218faf57ec4136f5cf420ddab2150f8915ae6885e6d8d9a58117881ccbabe8596fe81d4c5a0c67e58516a5 |
Analysis: behavioral2
Detonation Overview
Submitted
2022-08-17 16:32
Reported
2022-08-17 16:35
Platform
android-x64-20220621-en
Max time network
135s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| NL | 172.217.168.202:443 | | tcp |
| US | 1.1.1.1:853 | | tcp |
| US | 1.1.1.1:853 | | tcp |
| NL | 172.217.168.202:443 | | tcp |
| NL | 142.250.179.206:443 | | tcp |
| NL | 216.58.208.98:443 | | tcp |
| NL | 142.250.179.170:443 | | tcp |
| NL | 172.217.168.202:443 | | tcp |
| NL | 142.250.179.195:443 | | tcp |
| NL | 216.58.214.14:443 | | tcp |
| NL | 172.217.168.202:443 | | tcp |
| US | 1.1.1.1:853 | | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2022-08-17 16:32
Reported
2022-08-17 16:34
Platform
android-x64-arm64-20220621-en
Max time kernel
2896717s
Max time network
162s
Command Line
Signatures
Acquires the wake lock.
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Processes
ir.shz.shzkisi
Network
| Country | Destination | Domain | Proto |
| NL | 142.250.179.195:443 | | tcp |
| NL | 142.251.39.99:443 | | tcp |
| US | 1.1.1.1:853 | | tcp |
| US | 1.1.1.1:853 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| NL | 216.58.208.99:443 | | tcp |
| NL | 142.251.39.104:443 | | tcp |
| NL | 142.250.179.142:443 | | tcp |
| US | 1.1.1.1:853 | | tcp |
| NL | 172.217.168.234:443 | | tcp |
| US | 1.1.1.1:853 | | tcp |
| NL | 142.250.179.196:443 | | udp |
| NL | 142.250.179.170:443 | | tcp |
Files
/data/user/0/ir.shz.shzkisi/no_backup/com.google.android.gms.appid-no-backup
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.appid.xml
| MD5 | cb7d75cc3d55a86c4e19f6a75802de6a |
| SHA1 | 7ef04d2929ff8bdfe68fd91ed2a207a35af8910a |
| SHA256 | 3c6f4d0d992145c1134191e057335fc06d9a57d1606d6e8a558355656008d4ce |
| SHA512 | 0dc8dbacca6dc04646c8d576a6557af4b9327e4e605c78174671ff5327306e7085b510b9c73e856acf5ba7093a082bf89ef39699f5307b22567c4b293f38984e |
/data/user/0/ir.shz.shzkisi/files/generatefid.lock
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/files/PersistedInstallation3208643008408890126tmp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml
| MD5 | cf198d8fa16d3ec4be0f4add4c03c7d6 |
| SHA1 | 870f696aa44f914494668c7f6f026b4c31952605 |
| SHA256 | cdee69a446c22f72e09ceb70f39daa149e2f92d67f3c5c6d6e2c407d543ec52a |
| SHA512 | c33bdbec29f68b819ecd887e68b3d250c9f7377c78477768b39ef8fd4ca4d6545b2e37b50bcc019df9accfa7991f0b019f1feb6fdeda010cb637262eda702176 |
/data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml
| MD5 | 51b3e5d5bc7893794dd45b332d0bc780 |
| SHA1 | ec79a68f7e6367c0890177fb60552b66ee11fb94 |
| SHA256 | 4ce9a478345ea640442d4374ddb293bb3abd64b430156ef0cd7e5fec650b9bcd |
| SHA512 | 5c00d8a6c77b52c67262bbe40255bb9486c904c4f38317b620225ed52c14306bf4a2486719000883b7364e9a16e94707cd8073ade3f7c0952b7fe9cb3020dc99 |
/data/user/0/ir.shz.shzkisi/files/PersistedInstallation3510737775562140280tmp
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
/data/user/0/ir.shz.shzkisi/shared_prefs/FirebaseAppHeartBeat.xml
| MD5 | 51ebe5192a22be3cecb649b2925ffd8e |
| SHA1 | 5d83402d6ed4069ec0006a2cdabaafeb5f6c478d |
| SHA256 | 7000028988c1d690ff588e39a7d87ec9b5dfcd3a871b85043ddeadba823f845d |
| SHA512 | 081e20f2fc8753f78fcab8a1c814b991b38c79404d46da62bc485d55c2cbdc9dd2e513ad5b4878dca8010757404b12917ee69d790d7561e4a58e395cab600dee |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 250b4caeba60ddf53228405750ba66ca |
| SHA1 | 422ab714feb34e9f3b4f1cbe669887bcd581ddb1 |
| SHA256 | 2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e |
| SHA512 | 373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 7b00b87549415b1cbfc5c5d69bf4b790 |
| SHA1 | 8f4df8cf4611e9908e344a0b3c52c0d98e69a19f |
| SHA256 | 6eb034844894afd9a73c06fbc58df577fe3fe4fe72b87a71eed22a190b2c6b00 |
| SHA512 | 91f5341e1f412668186ec9d456d2333aa783bd3178092ad3aad5b2b2e9a010f10c0d820e48c4749408f0a82f47b056352c4f89a65830d486c519e5dc1e1dbdc9 |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 8e1b2c914bb985857d2aa695f1211210 |
| SHA1 | 02cede841e9ac63d9c3f5e3f7d4042e2354a0a17 |
| SHA256 | 2740ca9e8b7563e7807be98e7b2bb60801b386d4a67982ef20bf8123321c2e24 |
| SHA512 | bee5ac1d57a522ea17e98357c7386582b8048747afbba38cc88f412c01e7e0d5f76c7613d091c842a72af395d22a27b2156f6bbacc7133377a5e0045a803b14e |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db
| MD5 | 8dfcfdcef5a9793fb83bda404ec3f42b |
| SHA1 | dd02caf5757e9fdaf184ab299c45e4c92ab3ae4b |
| SHA256 | a59674cc863d7e977b030c7047072dc4c6d5ada1257917574fe184d886042cd2 |
| SHA512 | e04d1892c052fc3766881d3f21e26961714e575766cb316bcada34cce49cf6e17eb26c3fbdee0038ed2c75da0a9cab99e0e3e78374be20ce2790cc0d0d9cd807 |
/data/user/0/ir.shz.shzkisi/databases/google_app_measurement_local.db-journal
| MD5 | 58974fa4de885561c35dcefe0f349a8a |
| SHA1 | a3958a7b3198a39eed8d8cd3a9f045496242a9c2 |
| SHA256 | 34e0cef2e8ad905d261b5064bfaff29a754f9bc6061ed6fb8ef3b852047efd54 |
| SHA512 | 079142169bd5f13f2e882cb1388d5f7f1fb0af27e2cc377a5f6496d60aa254e66d0001f63e9c236210fd31fcc5fa0c3dc3c9f14919c8365022b28be6baa5db4b |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 7babb87e1c3879f210a1e1c92861feef |
| SHA1 | c703ce09e44543854e341250fa472484a7413243 |
| SHA256 | a433e298b09c0c48dd516c989b74a32f129750250b185e64323b25a289e4eb7e |
| SHA512 | 156c9e6d82b1dd7b3409fb17c944796afbc91a69201bce3f9a7a1adceb7605ca11de4040b06f461ef6ce5959ab1ed5986c2bf6960e034cbb7d8b05b15f5c3b6c |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | 1bf9343399d9514430224cf53a6d733b |
| SHA1 | 7a55998791ee27e179c55beb94ea974c3f1ba2a0 |
| SHA256 | 3ba26cf49d97a0c663f78288152b0af42335321ba5b666caa9c47bd7c0919dce |
| SHA512 | 5080b9c63988944bfcf697d18cc7c5276104e7d6513e8850962bcf6750a5759aa5e6224a1281e510b58c6d3e4f884c2d5b687a13fcc6f1281db01311bcf4062c |
/data/user/0/ir.shz.shzkisi/shared_prefs/com.google.android.gms.measurement.prefs.xml
| MD5 | ce09f35299d3d08321ddaf5aa9cabb85 |
| SHA1 | 6d44c551c8c746b21cad6f3c5516f5e80031cb67 |
| SHA256 | 9ba9a64d5cd0a822f6651b03af37bcb4b4f6b79d201432f166bc2a5aa7494cd0 |
| SHA512 | e63428ab469a1cde6b65d27da909817444d19777d4352798eedd8ef485a42d6a79f315e035a150544f1f67dea68abea507ee03cd0884918925a119ad6148f0fa |