Malware Analysis Report

2025-01-19 06:33

Sample ID 231223-zqa9ysbah8
Target 8fd7c3d15717d332fbcfcc655afb89cfcaad2f1e09cbe3d726b1ec47c5278db5
SHA256 8fd7c3d15717d332fbcfcc655afb89cfcaad2f1e09cbe3d726b1ec47c5278db5
Tags: irata
Score: 10/10

Analysis Overview

Score: 10/10

SHA256: 8fd7c3d15717d332fbcfcc655afb89cfcaad2f1e09cbe3d726b1ec47c5278db5

Threat Level: Known bad

The file 8fd7c3d15717d332fbcfcc655afb89cfcaad2f1e09cbe3d726b1ec47c5278db5 was found to be: Known bad.

Malicious Activity Summary

irata

Irata family

Irata payload

Requests cell location

Acquires the wake lock

Reads information about phone network operator.

Requests dangerous framework permissions

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported: 2023-12-23 20:54

Signatures

Irata family

irata

Irata payload

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A

Analysis: behavioral3

Detonation Overview

Submitted: 2023-12-23 20:54
Reported: 2023-12-24 23:20
Platform: android-x64-arm64-20231215-en
Max time kernel: 2652877s
Max time network: 139s

Command Line

ir.askar.cake

Signatures

Requests cell location

Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Reads information about phone network operator.

Processes

ir.askar.cake

Network

Files

Analysis: behavioral1

Detonation Overview

Submitted: 2023-12-23 20:54
Reported: 2023-12-26 08:07
Platform: android-x86-arm-20231215-en
Max time kernel: 2770923s
Max time network: 157s

Command Line

ir.askar.cake

Signatures

Requests cell location

Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Reads information about phone network operator.

Processes

ir.askar.cake

Network

Files

Analysis: behavioral2

Detonation Overview

Submitted: 2023-12-23 20:54
Reported: 2023-12-24 23:20
Platform: android-x64-20231215-en
Max time kernel: 2652877s
Max time network: 147s

Command Line

ir.askar.cake

Signatures

Requests cell location

Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getAllCellInfo | N/A | N/A
Framework service call | com.android.internal.telephony.ITelephony.getCellLocation | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Reads information about phone network operator.

Processes

ir.askar.cake

Network

Files
