Analysis Overview
SHA256
a24cf4785dfaa3500f54a63126165e74f5cd20f3a3fb1b6dfc3bbb677b8584ce
Threat Level: Known bad
The file oSiNT_1.3 signed.apk was found to be: Known bad.
Malicious Activity Summary
Spynote family
Makes use of the framework's Accessibility service.
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
Acquires the wake lock.
Loads dropped Dex/Jar
Requests enabling of the accessibility settings.
Requests dangerous framework permissions
Requests disabling of battery optimizations (often used to enable hiding in the background).
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-06-06 17:15
Signatures
Spynote family
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call. | android.permission.CALL_PHONE | N/A | N/A |
| Allows an application to see the number being dialed during an outgoing call with the option to redirect the call to a different number or abort the call altogether. | android.permission.PROCESS_OUTGOING_CALLS | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to send SMS messages. | android.permission.SEND_SMS | N/A | N/A |
Analysis: behavioral12
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
9s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| DE | 172.217.23.206:443 | android.apis.google.com | tcp |
| DE | 172.217.23.206:443 | android.apis.google.com | tcp |
| DE | 172.217.23.206:443 | android.apis.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | growth-pa.googleapis.com | udp |
| NL | 142.250.179.202:443 | growth-pa.googleapis.com | tcp |
| NL | 142.251.36.10:443 | growth-pa.googleapis.com | tcp |
| NL | 172.217.168.202:443 | growth-pa.googleapis.com | tcp |
| NL | 172.217.168.234:443 | growth-pa.googleapis.com | tcp |
| DE | 172.217.23.202:443 | growth-pa.googleapis.com | tcp |
| NL | 142.250.179.138:443 | growth-pa.googleapis.com | tcp |
| NL | 142.251.39.106:443 | growth-pa.googleapis.com | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
14s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | growth-pa.googleapis.com | udp |
| GB | 216.58.208.110:443 | | tcp |
| GB | 216.58.208.110:443 | | tcp |
| GB | 216.58.208.110:443 | | tcp |
| GB | 216.58.208.110:443 | | tcp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
13s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| NL | 142.250.179.142:443 | android.apis.google.com | tcp |
| NL | 142.251.39.110:443 | android.apis.google.com | tcp |
| NL | 142.250.179.170:80 | play.googleapis.com | tcp |
Files
Analysis: behavioral7
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
14s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| NL | 142.250.179.142:443 | android.apis.google.com | tcp |
| NL | 142.251.36.10:443 | | tcp |
| NL | 142.251.36.10:443 | | udp |
| NL | 142.251.36.10:443 | | tcp |
| NL | 142.250.179.142:443 | android.apis.google.com | tcp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
14s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| DE | 172.217.23.206:443 | android.apis.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | growth-pa.googleapis.com | udp |
| NL | 142.250.179.138:443 | growth-pa.googleapis.com | tcp |
| NL | 142.250.179.202:443 | growth-pa.googleapis.com | tcp |
| NL | 142.251.36.10:443 | growth-pa.googleapis.com | tcp |
| NL | 172.217.168.202:443 | growth-pa.googleapis.com | tcp |
| NL | 172.217.168.234:443 | growth-pa.googleapis.com | tcp |
| DE | 172.217.23.202:443 | growth-pa.googleapis.com | tcp |
| NL | 142.251.39.106:443 | growth-pa.googleapis.com | tcp |
Files
Analysis: behavioral9
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
11s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | growth-pa.googleapis.com | udp |
| GB | 216.58.208.110:443 | | tcp |
| GB | 216.58.208.110:443 | | tcp |
| GB | 216.58.208.110:443 | | tcp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:21
Platform
android-x64-arm64-20220823-en
Max time kernel
2444909s
Max time network
328s
Command Line
Signatures
Makes use of the framework's Accessibility service.
| Description | Indicator | Process | Target |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfoByAccessibilityId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByViewId | N/A | N/A |
| Framework service call | android.accessibilityservice.IAccessibilityServiceConnection.findAccessibilityNodeInfosByText | N/A | N/A |
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
| Description | Indicator | Process | Target |
| Framework service call | android.content.pm.IPackageManager.getInstalledApplications | N/A | N/A |
Acquires the wake lock.
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /storage/emulated/0/sysdata/sysinfo0 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo0 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo1 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo2 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo3 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo3 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo4 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo4 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo5 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo6 | N/A | N/A |
| N/A | /storage/emulated/0/sysdata/sysinfo7 | N/A | N/A |
Requests enabling of the accessibility settings.
| Description | Indicator | Process | Target |
| Intent action | android.settings.ACCESSIBILITY_SETTINGS | N/A | N/A |
Requests disabling of battery optimizations (often used to enable hiding in the background).
| Description | Indicator | Process | Target |
| Intent action | android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS | N/A | N/A |
Processes
com.oSiNT.Dev
ping -c 1 -W 15 soon-lp.at.ply.gg
ping -c 1 -W 15 soon-lp.at.ply.gg
ls
ping -c 1 -W 15 soon-lp.at.ply.gg
ping -c 1 -W 15 soon-lp.at.ply.gg
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| NL | 142.250.179.142:443 | | tcp |
| NL | 142.250.179.142:443 | | tcp |
| NL | 142.250.179.142:443 | | tcp |
| NL | 142.250.179.142:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| US | 1.1.1.1:53 | soon-lp.at.ply.gg | udp |
| US | 209.25.141.181:17209 | soon-lp.at.ply.gg | tcp |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| NL | 142.250.179.138:443 | infinitedata-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | 181.141.25.209.in-addr.arpa | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 209.25.141.181:17209 | soon-lp.at.ply.gg | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 209.25.141.181:17209 | soon-lp.at.ply.gg | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| NL | 142.251.36.8:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| DE | 172.217.23.206:443 | android.apis.google.com | tcp |
| DE | 172.217.23.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | infinitedata-pa.googleapis.com | udp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
14s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| DE | 172.217.23.206:443 | android.apis.google.com | tcp |
| DE | 172.217.23.206:443 | android.apis.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| NL | 172.217.168.226:443 | | tcp |
| NL | 216.58.214.10:80 | play.googleapis.com | tcp |
| NL | 142.250.179.138:80 | play.googleapis.com | tcp |
Files
Analysis: behavioral13
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
9s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| NL | 142.250.179.142:443 | android.apis.google.com | tcp |
| NL | 142.250.179.142:443 | android.apis.google.com | tcp |
| NL | 142.250.179.170:80 | play.googleapis.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| DE | 142.250.184.234:443 | | udp |
| DE | 142.250.184.234:443 | | tcp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
14s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| DE | 142.250.186.174:443 | | tcp |
| DE | 142.250.186.174:443 | | tcp |
| DE | 142.250.186.174:443 | | tcp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
15s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| NL | 142.250.179.142:443 | | tcp |
| NL | 142.250.179.142:443 | | tcp |
| NL | 142.250.179.142:443 | | tcp |
Files
Analysis: behavioral10
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
10s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| NL | 142.251.36.46:443 | android.apis.google.com | tcp |
| DE | 172.217.23.206:443 | android.apis.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| NL | 172.217.168.226:443 | | tcp |
| NL | 142.251.36.10:80 | play.googleapis.com | tcp |
| NL | 142.250.179.202:80 | play.googleapis.com | tcp |
Files
Analysis: behavioral11
Detonation Overview
Submitted
2023-06-06 17:15
Reported
2023-06-06 17:16
Platform
android-x64-arm64-20220823-en
Max time network
10s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| DE | 142.250.184.234:443 | | udp |
| DE | 142.250.184.234:443 | | udp |
| NL | 142.250.179.142:443 | | tcp |
| NL | 142.250.179.142:443 | | tcp |