Analysis Overview
SHA256
6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301
Threat Level: Known bad
The file 6cc1445b5ac38d3089d71166b9de373013ba8aec1da9977b779535cd1846d301 was found to be: Known bad.
Malicious Activity Summary
Irata payload
Irata family
Requests dangerous framework permissions
Reads information about phone network operator.
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-12-23 18:48
Signatures
Irata family
Irata payload
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-12-23 18:48
Reported
2023-12-24 22:48
Platform
android-x86-arm-20231215-en
Max time kernel
2650900s
Max time network
130s
Command Line
Signatures
Reads information about phone network operator.
Processes
ir.iut.moraba
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2023-12-23 18:48
Reported
2023-12-24 07:30
Platform
android-x64-20231215-en
Max time kernel
2595839s
Max time network
131s
Command Line
Signatures
Reads information about phone network operator.
Processes
ir.iut.moraba
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2023-12-23 18:48
Reported
2023-12-24 07:30
Platform
android-x64-arm64-20231215-en
Max time kernel
2595849s
Max time network
159s
Command Line
Signatures
Processes
ir.iut.moraba
Network
Files