Malware Analysis Report

2024-10-19 13:14

Sample ID 220821-y8d8wsebek
Target سکس چت تصویری.apk
SHA256 dfd29c61f2ee309f42f856edcf3940373ccc7067c8e675651f08381dfe00c241
Tags
brata
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

dfd29c61f2ee309f42f856edcf3940373ccc7067c8e675651f08381dfe00c241

Threat Level: Shows suspicious behavior

The file سکس چت تصویری.apk was found to be: Shows suspicious behavior.

Malicious Activity Summary

brata

Brata family

Brata payload

Acquires the wake lock.

Requests dangerous framework permissions

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2022-08-21 20:27

Signatures

Brata family

brata

Brata payload

Description Indicator Process Target
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to send SMS messages. android.permission.SEND_SMS N/A N/A
Allows an application to receive SMS messages. android.permission.RECEIVE_SMS N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2022-08-21 20:27

Reported

2022-08-21 20:30

Platform

android-x64-20220621-en

Max time network

134s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
NL 172.217.168.202:443 tcp
US 1.1.1.1:853 tcp
US 1.1.1.1:853 tcp
N/A 224.0.0.251:5353 udp
NL 172.217.168.202:443 tcp
NL 142.250.179.206:443 tcp
NL 216.58.208.98:443 tcp
NL 172.217.168.234:443 tcp
NL 142.251.39.110:443 tcp
NL 172.217.168.202:443 tcp
NL 142.250.179.195:443 tcp
NL 216.58.208.110:443 tcp
NL 172.217.168.202:443 tcp
US 1.1.1.1:853 tcp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2022-08-21 20:27

Reported

2022-08-21 20:29

Platform

android-x64-arm64-20220621-en

Max time kernel

3256412s

Max time network

161s

Command Line

ir.shz.shzkisi

Signatures

Acquires the wake lock.

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Processes

ir.shz.shzkisi

ping -c 2 -W 10 -v google.com

Network

Country Destination Domain Proto
NL 142.250.179.195:443 tcp
N/A 224.0.0.251:5353 udp
US 1.1.1.1:853 tcp
US 1.1.1.1:853 tcp
NL 216.58.214.2:443 tcp
NL 142.250.179.134:443 tcp
NL 142.251.39.104:443 tcp
NL 172.217.168.194:443 tcp
NL 172.217.168.206:443 udp
IE 20.238.64.240:443 uklivemy.cf tcp
IE 20.238.64.240:443 uklivemy.cf tcp
IE 20.238.64.240:443 tcp
IE 20.238.64.240:443 tcp
IE 20.238.64.240:443 tcp
IE 20.238.64.240:443 tcp
IE 20.238.64.240:443 tcp
IE 20.238.64.240:443 tcp
NL 172.217.168.232:443 tcp
NL 216.58.214.14:443 tcp
NL 142.250.179.170:443 tcp
US 1.1.1.1:853 tcp
NL 142.251.36.4:443 udp
NL 216.58.208.106:443 tcp

Files


Analysis: behavioral1

Detonation Overview

Submitted

2022-08-21 20:27

Reported

2022-08-21 20:30

Platform

android-x86-arm-20220621-en

Max time network

157s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
NL 142.250.179.131:443 tcp
NL 172.217.168.202:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
NL 216.58.214.2:443 tcp
US 1.1.1.1:853 tcp
US 1.1.1.1:853 tcp

Files

N/A