Malware Analysis Report

2025-01-19 06:25

Sample ID 231219-xdfykahea9
Target 7a9aaa68b0f19e596f11b38ee685c042
SHA256 1fd376f981d2cf1d1fe9d85b46807e147c6f78d61861fc1a57780966a0db5699
Tags
pdf link irata
score
10/10

Analysis Overview

score
10/10

SHA256

1fd376f981d2cf1d1fe9d85b46807e147c6f78d61861fc1a57780966a0db5699

Threat Level: Known bad

The file 7a9aaa68b0f19e596f11b38ee685c042 was found to be: Known bad.

Malicious Activity Summary

pdf link irata

Irata family

Irata payload

Acquires the wake lock

Requests dangerous framework permissions

HTTP links in PDF interactive object

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-12-19 18:44

Signatures

Irata family

irata

Irata payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Requests dangerous framework permissions

Description Indicator Process Target
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A

HTTP links in PDF interactive object

pdf link
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Analysis: behavioral6

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:54

Platform

android-x64-arm64-20231215-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.169.10:443 udp
GB 142.250.178.14:443 udp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:57

Platform

android-x86-arm-20231215-en

Max time kernel

2237437s

Max time network

137s

Command Line

com.myapp.exs

Signatures

N/A

Processes

com.myapp.exs

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
FR 216.58.201.110:443 tcp
FR 216.58.201.110:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.169.46:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:54

Platform

android-x86-arm-20231215-en

Max time network

3s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:55

Platform

android-x64-arm64-20231215-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.42:443 udp
GB 172.217.169.78:443 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:56

Platform

android-x86-arm-20231215-en

Max time kernel

2237499s

Max time network

130s

Command Line

com.appmaker.appmaker

Signatures

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Processes

com.appmaker.appmaker

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp

Files

/data/data/com.appmaker.appmaker/no_backup/com.google.InstanceId.properties

/data/data/com.appmaker.appmaker/databases/google_app_measurement_local.db-journal

/data/data/com.appmaker.appmaker/databases/google_app_measurement_local.db

/data/data/com.appmaker.appmaker/databases/google_app_measurement_local.db-shm

/data/data/com.appmaker.appmaker/databases/google_app_measurement_local.db-wal

/data/data/com.appmaker.appmaker/files/apps.db

/data/data/com.appmaker.appmaker/files/apps.db-journal

Analysis: behavioral3

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:56

Platform

android-x64-arm64-20231215-en

Max time kernel

2237506s

Max time network

138s

Command Line

com.appmaker.appmaker

Signatures

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Processes

com.appmaker.appmaker

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.46:443 udp
FR 216.58.201.106:443 tcp
FR 216.58.201.106:443 tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
GB 142.250.178.14:443 tcp
GB 142.250.178.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp

Files

/data/user/0/com.appmaker.appmaker/no_backup/com.google.InstanceId.properties

/data/user/0/com.appmaker.appmaker/databases/google_app_measurement_local.db-journal

/data/user/0/com.appmaker.appmaker/databases/google_app_measurement_local.db

/data/user/0/com.appmaker.appmaker/files/apps.db

Analysis: behavioral4

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:54

Platform

android-x86-arm-20231215-en

Max time network

3s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:57

Platform

android-x64-arm64-20231215-en

Max time kernel

2237450s

Max time network

139s

Command Line

com.myapp.exs

Signatures

N/A

Processes

com.myapp.exs

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.14:443 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.40:443 ssl.google-analytics.com tcp
GB 142.250.178.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 142.250.187.196:443 tcp
GB 142.250.187.196:443 tcp

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:55

Platform

android-x64-20231215-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral17

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:59

Platform

android-x64-20231215-en

Max time kernel

2237601s

Max time network

163s

Command Line

com.appmaker.testappsx

Signatures

N/A

Processes

com.appmaker.testappsx

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.179.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:80 www.google.com tcp
GB 142.250.179.228:443 www.google.com tcp
US 1.1.1.1:53 apis.google.com udp
GB 142.250.180.14:443 apis.google.com tcp
FR 216.58.201.110:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
FR 216.58.201.110:443 android.apis.google.com tcp
GB 172.217.169.36:443 tcp
GB 172.217.169.36:443 tcp
FR 216.58.201.98:443 tcp
GB 142.250.179.238:443 tcp

Files

N/A

Analysis: behavioral16

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:59

Platform

android-x86-arm-20231215-en

Max time kernel

2237575s

Max time network

136s

Command Line

com.appmaker.testappsx

Signatures

N/A

Processes

com.appmaker.testappsx

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 www.google.com udp
FR 216.58.204.68:80 www.google.com tcp
FR 216.58.204.68:443 www.google.com tcp
US 1.1.1.1:53 ssl.gstatic.com udp
GB 172.217.16.227:443 ssl.gstatic.com tcp
US 1.1.1.1:53 clients1.google.com udp
GB 142.250.180.14:443 clients1.google.com tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.206:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral18

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:59

Platform

android-x64-arm64-20231215-en

Max time kernel

2237601s

Max time network

132s

Command Line

com.appmaker.testappsx

Signatures

N/A

Processes

com.appmaker.testappsx

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.10:443 udp
GB 142.250.200.46:443 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:80 www.google.com tcp
GB 142.250.179.228:443 www.google.com tcp
US 1.1.1.1:53 apis.google.com udp
GB 142.250.180.14:443 apis.google.com tcp
GB 142.250.179.238:443 tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 142.250.200.4:443 tcp
GB 142.250.200.4:443 tcp
GB 142.250.200.4:443 tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:56

Platform

android-x64-20231215-en

Max time kernel

2237504s

Max time network

152s

Command Line

com.appmaker.appmaker

Signatures

Acquires the wake lock

Description Indicator Process Target
Framework service call android.os.IPowerManager.acquireWakeLock N/A N/A

Processes

com.appmaker.appmaker

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.200:443 ssl.google-analytics.com tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 172.217.169.10:443 tcp
GB 216.58.213.4:443 tcp
GB 216.58.213.4:443 tcp
GB 172.217.169.46:443 tcp
GB 172.217.16.226:443 tcp

Files

/data/data/com.appmaker.appmaker/no_backup/com.google.InstanceId.properties

/data/data/com.appmaker.appmaker/databases/google_app_measurement_local.db-journal

/data/data/com.appmaker.appmaker/databases/google_app_measurement_local.db

/data/data/com.appmaker.appmaker/files/apps.db

Analysis: behavioral5

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:54

Platform

android-x64-20231215-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:57

Platform

android-x64-20231215-en

Max time kernel

2237441s

Max time network

154s

Command Line

com.myapp.exs

Signatures

N/A

Processes

com.myapp.exs

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
FR 216.58.204.78:443 android.apis.google.com tcp
GB 172.217.169.42:443 tcp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp
GB 142.250.187.206:443 tcp
FR 216.58.201.98:443 tcp

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:57

Platform

android-x86-arm-20231215-en

Max time kernel

2237503s

Max time network

130s

Command Line

com.appmaker.testpdf

Signatures

N/A

Processes

com.appmaker.testpdf

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
FR 216.58.204.78:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:58

Platform

android-x64-20231215-en

Max time kernel

2237551s

Max time network

154s

Command Line

com.appmaker.testpdf

Signatures

N/A

Processes

com.appmaker.testpdf

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.179.232:443 ssl.google-analytics.com tcp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
GB 216.58.212.228:443 tcp
GB 216.58.212.228:443 tcp
GB 172.217.16.238:443 tcp
GB 172.217.169.66:443 tcp

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2023-12-19 18:44

Reported

2023-12-20 03:58

Platform

android-x64-arm64-20231215-en

Max time kernel

2237573s

Max time network

149s

Command Line

com.appmaker.testpdf

Signatures

N/A

Processes

com.appmaker.testpdf

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.169.10:443 udp
GB 142.250.178.14:443 udp
FR 216.58.204.74:443 tcp
FR 216.58.204.74:443 tcp
GB 172.217.169.14:443 tcp
GB 172.217.169.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.169.46:443 android.apis.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp
GB 142.250.180.4:443 tcp

Files

N/A