Analysis Overview
SHA256
4d1e061ef07161343f193eaf08d29d36a6fa55166f881d6bf8c24aa77fce703a
Threat Level: Known bad
The file 4d1e061ef07161343f193eaf08d29d36a6fa55166f881d6bf8c24aa77fce703a was found to be: Known bad.
Malicious Activity Summary
Irata family
Irata payload
Requests dangerous framework permissions
Reads information about phone network operator.
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-12-23 16:39
Signatures
Irata family
Irata payload
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-12-23 16:39
Reported
2023-12-23 22:17
Platform
android-x86-arm-20231215-en
Max time kernel
2562742s
Max time network
137s
Command Line
Signatures
Reads information about phone network operator.
Processes
amozash.parvaresh.gharch
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2023-12-23 16:39
Reported
2023-12-23 18:46
Platform
android-x64-20231215-en
Max time kernel
2550064s
Max time network
131s
Command Line
Signatures
Reads information about phone network operator.
Processes
amozash.parvaresh.gharch
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2023-12-23 16:39
Reported
2023-12-23 18:48
Platform
android-x64-arm64-20231215-en
Max time kernel
2550224s
Max time network
132s
Command Line
Signatures
Reads information about phone network operator.
Processes
amozash.parvaresh.gharch
Network
Files