Malware Analysis Report

2024-10-19 13:14

Sample ID 220820-1nrdtshagl
Target لایو سکسی خاله های ایرانی.apk
SHA256 73a061cb875d964a1bc2c252101d660563a66b4fb425ccf3b20d2642d039078e
Tags
brata evasion
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

73a061cb875d964a1bc2c252101d660563a66b4fb425ccf3b20d2642d039078e

Threat Level: Shows suspicious behavior

The file لایو سکسی خاله های ایرانی.apk was found to be: Shows suspicious behavior.

Malicious Activity Summary

brata evasion

Brata family

Brata payload

Acquires the wake lock.

Requests dangerous framework permissions

Reads information about phone network operator.

Removes a system notification.

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2022-08-20 21:48

Signatures

Brata family

brata

Brata payload

Description Indicator Process Target
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A

Analysis: behavioral3

Detonation Overview

Submitted

2022-08-20 21:48

Reported

2022-08-20 21:50

Platform

android-x64-arm64-20220621-en

Max time kernel

3174846s

Max time network

157s

Command Line

edward.org

Signatures

Acquires the wake lock.

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Processes

edward.org

ping -c 2 -W 10 -v google.com

Network

Country Destination Domain Proto
NL 216.58.214.14:443 udp
NL 142.250.179.195:443 tcp
N/A 224.0.0.251:5353 udp
NL 172.217.168.234:443 udp
US 1.1.1.1:853 tcp
US 1.1.1.1:853 tcp
NL 172.217.168.202:443 tcp
NL 172.217.168.202:443 tcp
NL 142.250.179.162:443 tcp
NL 142.251.36.38:443 tcp
NL 142.251.36.8:443 tcp
NL 142.250.179.138:443 tcp
NL 216.58.208.98:443 tcp
NL 172.217.168.234:443 tcp
NL 142.250.179.138:443 tcp
NL 142.250.179.170:80 play.googleapis.com tcp
NL 216.58.208.99:443 tcp
NL 142.250.179.138:443 tcp
NL 142.250.179.136:443 tcp
NL 142.250.179.142:443 tcp
NL 172.217.168.202:443 tcp
NL 142.250.179.142:443 tcp
US 1.1.1.1:853 tcp
US 1.1.1.1:853 tcp
NL 142.250.179.196:443 udp
NL 142.250.179.138:443 tcp
US 1.1.1.1:853 tcp
NL 142.251.36.8:443 tcp

Files


Analysis: behavioral1

Detonation Overview

Submitted

2022-08-20 21:48

Reported

2022-08-20 21:50

Platform

android-x86-arm-20220621-en

Max time kernel

3174838s

Max time network

144s

Command Line

edward.org

Signatures

Acquires the wake lock.

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Reads information about phone network operator.

Removes a system notification.

evasion
Description Indicator Process Target
Framework service call android.app.INotificationManager.cancelNotificationWithTag N/A N/A

Processes

edward.org

ping -c 2 -W 10 -v google.com

Network

Country Destination Domain Proto
NL 172.217.168.202:443 tcp
NL 172.217.168.202:443 tcp
NL 142.250.179.195:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
US 1.1.1.1:53 google.com udp
US 1.1.1.1:53 14.178.250.142.in-addr.arpa udp
US 1.1.1.1:53 shahkarefarda.tk udp
US 1.1.1.1:53 shahkarefarda.tk udp
US 1.1.1.1:53 shahkarefarda.tk udp
US 1.1.1.1:53 shahkarefarda.tk udp
US 1.1.1.1:53 shahkarefarda.tk udp
US 1.1.1.1:53 shahkarefarda.tk udp
US 1.1.1.1:53 shahkarefarda.tk udp
US 1.1.1.1:53 shahkarefarda.tk udp
US 1.1.1.1:53 android.apis.google.com udp
DE 142.250.185.78:443 android.apis.google.com tcp
US 1.1.1.1:853 tcp
US 1.1.1.1:853 tcp

Files

/data/user/0/edward.org/no_backup/com.google.android.gms.appid-no-backup

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/edward.org/files/generatefid.lock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/edward.org/files/PersistedInstallation7765162383389860233tmp

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/edward.org/shared_prefs/com.google.android.gms.measurement.prefs.xml

MD5 9781ca003f10f8d0c9c1945b63fdca7f
SHA1 4156cf5dc8d71dbab734d25e5e1598b37a5456f4
SHA256 3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793
SHA512 25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

/data/user/0/edward.org/shared_prefs/FirebaseAppHeartBeat.xml

MD5 3bba8d3aa750344edeaf2fd77da2720e
SHA1 152c76d501d870164f1a9890efe6a347072ba6de
SHA256 7bc56490196f45d9a40f7a942c2f25db07626d2926a915d08d5d8e37f0eadb13
SHA512 275a731c88467a877852c01c41926b8ef95008945ae7508202b239d4134fc252566e5387f74df99360e5513d7cb4fd4c3ec50b77e736fc4102f65643f5cf2ea7

/data/user/0/edward.org/shared_prefs/FirebaseAppHeartBeat.xml

MD5 75766265319fdbdfbab6c2260b1adacb
SHA1 8376bb682dd2ecfc9eb435abb3ccc88c70020b80
SHA256 f742b5bd1b467b52d033920b8ebf3131a4d479208c8b75de87dcff6581aede91
SHA512 65e03028b40d5ecca86f50d70c60a9aa1af2638b5ad5e721e8527168101cece0c26be11e02f659896712fb9d8715c4c1070de613ca504baada8999681bf18e52

/data/user/0/edward.org/shared_prefs/com.google.android.gms.measurement.prefs.xml

MD5 250b4caeba60ddf53228405750ba66ca
SHA1 422ab714feb34e9f3b4f1cbe669887bcd581ddb1
SHA256 2478c97a377db9ce6a44977b4864a40af8b4f5e5c8f81892c424a608ddec911e
SHA512 373750c29942fef90281109b6025c398d0f4ac62b58a984a3651d09f8c016440bc40f6bd84fb6d40acf8e48a553d4c1d22e01a95c40a41567c079ba9a338afdb

/data/user/0/edward.org/files/PersistedInstallation6647920081516344294tmp

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/edward.org/shared_prefs/FirebaseAppHeartBeat.xml

MD5 6b0d4301bcd718e8c73811806052aba4
SHA1 07e60b492691b6de47081c95c5310ed08c622b58
SHA256 9773a7a93bbf234f871bf7c526b945f3d1445b5102bac341dcb15a73207ddaa6
SHA512 e86d4b00cc84ba8e078bf945822318123637a0942e9f75c0e084eadc01f9feceb2a7746c380475f03e313d3fd29aedd3833d9dd2dc0a87baf92498e3a3e8b54f

/data/user/0/edward.org/shared_prefs/com.google.android.gms.measurement.prefs.xml

MD5 171d94eb5f421167721397cbb438a418
SHA1 1566ca109930028dee73542f86cbaa6e934f0dbb
SHA256 63e63d599b97dc5a4f6c0429f3509c712304c982e144457ed7e33c07b76eb347
SHA512 b7362401e81c9084384119cfc5a1518d8d4e701da9674b5ddd3ba473b18a240cffb61ff58782395c4bfdf01e43b554e8c503c890546d1ab31c7fa58bad10749f

/data/user/0/edward.org/databases/google_app_measurement_local.db

MD5 89cd606d433241b0e400ec6e41988cef
SHA1 89b9c657f7f3fb4ccfb91cc80fc96e8856c48ed3
SHA256 fcba6384af560e501a3fae9ffa613d5f9d08484ae6c759bf54ae4178d4c2d253
SHA512 f79809217f10226f1a915adad15ff5d89aae50835c718a7ca3a9a25fa570f005c8b0ae0eaea767b68bb666d8128426be51b3fbad8e3b024a7f0f0302b14179a1

/data/user/0/edward.org/shared_prefs/com.google.android.gms.measurement.prefs.xml

MD5 e73ca1ab2bdc39ec3c1cea2ed3360aa0
SHA1 dae18bb98573d41a982e9735fa257f891051983e
SHA256 5dbd3b961eccaa5d3831c3033da713a0f32db8e3c24c5fa8160a983bff34d620
SHA512 349a674191580edcbcf9e574caa30821507bc1fcfc01185b6e9150948ddf611a3f789274d2a3a1c41a9a15eafa1356e4489c1a221707db8df470e06708d1457d

/data/user/0/edward.org/databases/google_app_measurement_local.db-journal

MD5 37a51e39c82f07295ab2628610af2005
SHA1 933eccd13f2f5ebe2acaa4ce4b3d360e54042641
SHA256 de36a70ce469445c646f7f3bc8180864aae25e35331c5b6cdda3c3aa80d09c03
SHA512 a82a2697680e99a9f0ecd771a56bce85eb9e330b0ae90b6744d82ac76c3720756b08620aa13537d5add19519d06eb7fc9f15142ef49015632fb4ecb2944eb7ff

/data/user/0/edward.org/databases/google_app_measurement_local.db-wal

MD5 18cbd82a73c232466a8fcd6fad5ddf98
SHA1 862d78155fa236956f048702625ff0dd89d613ff
SHA256 b1de27398a401190c3c121ea72eaf26ffde1c6021aeb4fc636ccec0523f450d8
SHA512 c2a5088f5e5c471d98819a066ddab2c3e884ccaf8aef83c10e15c87b36f689a5ee60f2aeae0d6409b16b3481ae1512a4f35f5c50398a087049b52a0d1a50d94e

/data/user/0/edward.org/databases/google_app_measurement_local.db-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/data/user/0/edward.org/databases/google_app_measurement_local.db-wal

MD5 3b57558ca44d57fbe7331a33b19bbbae
SHA1 b9462353d43cdac5d6a6f790a7db6d5647f0c19a
SHA256 24b221d473effd92600e9dd2fe9e2196610419450249807b1343fa479a9d60cd
SHA512 b0ef8c38a17fa037d4415c7f6e18d5a73a896931d4fda61b082a84070b24fdb96241d292f0d379e846fd3f5b6af7c08685fb481e3b71d75e20b15c7fe490f7cc

/data/user/0/edward.org/databases/google_app_measurement_local.db-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/data/user/0/edward.org/shared_prefs/com.google.android.gms.measurement.prefs.xml

MD5 441fab2c488f6234b2324ac2efe85270
SHA1 fe26994800c96fec42d0c60f4e73705b4ac39586
SHA256 acd62132d6b838ca87491e9d52436f53689cc03be58d2b467d260294f40967cd
SHA512 5b6d2833a806526994c4bb90517467b02c58772466ae35f1c28c4c43b4d6a0da4d077986f52b96f5cca7b6bf2647da24793441136595201043eb8c5f54228378

/data/user/0/edward.org/databases/google_app_measurement_local.db-wal

MD5 04b2eaa799475f95515314fb0cd1b361
SHA1 10172737c3652462715d42200630dc8012f96112
SHA256 112d925b21a731a380a783378fa43b1442c4fb0035f95275171fef04d79e656d
SHA512 7d9352c1186f1fc02a663e63832231f81ce95d4774d55923811e9b8441df4ed1aee03c149c5dbd45d2c943ddce730de84436b7762bc629d3c982fe15c010d654

/data/user/0/edward.org/databases/google_app_measurement_local.db-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/data/user/0/edward.org/shared_prefs/com.google.android.gms.measurement.prefs.xml

MD5 8b48d919a294d0d901b8ec9190a957a7
SHA1 4c2df60d505e68f4f9e0bc891848bec6649e140f
SHA256 adb939da0ac9cc8dd239dd929b76dcc15edc14cf62af50b6230892c8c33aa513
SHA512 8f1aaea5a8df85c78f163e9fe4884c050dca17eea1e0b2d5a517219cb7954da4e1e72c07e132e231e87f6a1fce0c7b2c049c22e041e67dca74ca8ce092ada0b1

/data/user/0/edward.org/databases/google_app_measurement_local.db-wal

MD5 5b0a45606e93800da5ccfd312c15fa20
SHA1 d2da0916c2b82071d7833f46a3797ed52a043562
SHA256 e4e6e1a89d40d584c9f3e8e1294a6c7dd2c5044ad7e44ecfe9a39012fc52591c
SHA512 3635967a159a850c9e8b3c5fc47cd70e84ca18b7128fa6dad48351213aa184d0896550965c0377ce6a68b593b92fb97e1631791a444d79bd27a80ae47bb478b2

/data/user/0/edward.org/databases/google_app_measurement_local.db-shm

MD5 7dea362b3fac8e00956a4952a3d4f474
SHA1 05fe405753166f125559e7c9ac558654f107c7e9
SHA256 af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc
SHA512 1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

/data/user/0/edward.org/shared_prefs/com.google.android.gms.measurement.prefs.xml

MD5 c13029921e265d900aad961c11ac587d
SHA1 586e1963d7bf86d854f42c445aaddaef6fdf69f9
SHA256 fd83aefe1080a506bd5996ef1258e8e198f5264877474c23ed26d93c27f0566a
SHA512 094fdc5cce3ef036b6aa3f69770d80fb54cda3519c1f2f1fb96b64d59bca75fe9fbf9d5e202ecb9538eb8bc796a27ba9d83b9ef268e5021f94d28f8aecec2948

/data/user/0/edward.org/app_webview/variations_seed_new

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/edward.org/app_webview/variations_stamp

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/edward.org/shared_prefs/WebViewChromiumPrefs.xml

MD5 21223e9184445fe043476484cd8cb1f9
SHA1 2b4813f849121d60ba35eb0889080668bb62c778
SHA256 bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af
SHA512 be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

/data/user/0/edward.org/app_webview/webview_data.lock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/edward.org/app_webview/Web Data

MD5 dc79f9ce5f3ab5270b33e61119dfc959
SHA1 1844bf222a5144b513dcf2fb50a18c011701c647
SHA256 47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65
SHA512 18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

/data/user/0/edward.org/app_webview/metrics_guid

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/data/user/0/edward.org/app_webview/metrics_guid

/data/user/0/edward.org/app_webview/Web Data-journal

/data/user/0/edward.org/app_webview/GPUCache/index

/data/user/0/edward.org/app_webview/GPUCache/index-dir/temp-index

/data/user/0/edward.org/app_webview/Cookies

/data/user/0/edward.org/app_webview/Cookies-journal

/data/user/0/edward.org/cache/org.chromium.android_webview/index

/data/user/0/edward.org/cache/org.chromium.android_webview/52cb34486bde504c_0

/data/user/0/edward.org/cache/org.chromium.android_webview/index-dir/temp-index

/data/user/0/edward.org/shared_prefs/com.google.android.gms.appid.xml

/data/user/0/edward.org/cache/~test.test

/data/user/0/edward.org/databases/google_app_measurement_local.db-wal

/data/user/0/edward.org/databases/google_app_measurement_local.db-shm

/data/user/0/edward.org/shared_prefs/com.google.android.gms.appid.xml

/data/user/0/edward.org/shared_prefs/com.google.android.gms.appid.xml

/data/user/0/edward.org/databases/google_app_measurement_local.db-wal

/data/user/0/edward.org/databases/google_app_measurement_local.db-shm

/data/user/0/edward.org/shared_prefs/com.google.android.gms.appid.xml

/data/user/0/edward.org/databases/google_app_measurement_local.db-wal

/data/user/0/edward.org/databases/google_app_measurement_local.db-shm

/data/user/0/edward.org/databases/google_app_measurement_local.db-wal

/data/user/0/edward.org/databases/google_app_measurement_local.db-shm

/data/user/0/edward.org/shared_prefs/com.google.android.gms.measurement.prefs.xml

/data/user/0/edward.org/databases/google_app_measurement_local.db-wal

/data/user/0/edward.org/databases/google_app_measurement_local.db-shm

/data/user/0/edward.org/cache/org.chromium.android_webview/index-dir/temp-index

Analysis: behavioral2

Detonation Overview

Submitted

2022-08-20 21:48

Reported

2022-08-20 21:51

Platform

android-x64-20220621-en

Max time network

159s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:853 tcp
US 1.1.1.1:853 tcp
NL 142.250.179.168:443 tcp
NL 216.58.214.14:443 tcp
NL 142.250.179.131:443 tcp
NL 142.251.36.42:443 tcp
US 1.1.1.1:853 tcp
US 1.1.1.1:853 tcp
NL 216.58.208.106:443 tcp

Files

N/A