7ef25c81ef6e482f29a37c398ea9d169956919d4363199a0158e01924483d348

Analysis

max time kernel
151s
max time network
162s
platform
android_x64
resource
android-33-x64-arm64-20240508.1-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240508.1-enlocale:en-usos:android-13-x64system
submitted
09/05/2024, 03:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

280feb164edc0b0a72c92299e088654e_JaffaCakes118.apk
Size

26.9MB
MD5

280feb164edc0b0a72c92299e088654e
SHA1

c306e23752c771cfcaa50af3114525a0434990f7
SHA256

7ef25c81ef6e482f29a37c398ea9d169956919d4363199a0158e01924483d348
SHA512

1e77759ff694c22c90300591f4273aa7e289f17e61071e8333dffdfee16adea442ee224f8e83bb1e06cdc0d05b2afda4ba99a0866806ed8f7a79aa4f518af1d0
SSDEEP

786432:RIiPu6krOkszHXTHq/1X2falLQXh+JPABbAh3aQDZ9yF3:uwpkafHXTHoX2SFMh+JUbA5PyF3

Score

7^/10

discovery evasion impact persistence

Malware Config

Signatures

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.jcl.yuesheng

Checks memory information 2 TTPs 2 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.jcl.yuesheng:channel
File opened for read	/proc/meminfo	com.jcl.yuesheng:QALSERVICE

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	com.jcl.yuesheng:QALSERVICE

Queries information about running processes on the device 1 TTPs 3 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.jcl.yuesheng:QALSERVICE
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.jcl.yuesheng:channel
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.jcl.yuesheng

Checks if the internet connection is available 1 TTPs 3 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jcl.yuesheng:QALSERVICE
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jcl.yuesheng:channel
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.jcl.yuesheng

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 3 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.jcl.yuesheng:QALSERVICE
Framework API call	javax.crypto.Cipher.doFinal	com.jcl.yuesheng:channel
Framework API call	javax.crypto.Cipher.doFinal	com.jcl.yuesheng

com.jcl.yuesheng
1⤵
- Checks CPU information
- Queries information about running processes on the device
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4222

com.jcl.yuesheng:QALSERVICE
1⤵
- Checks memory information
- Makes use of the framework's foreground persistence service
- Queries information about running processes on the device
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4352

com.jcl.yuesheng:channel
1⤵
- Checks memory information
- Queries information about running processes on the device
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4651

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Foreground Persistence

T1541

Privilege Escalation

Defense Evasion

Foreground Persistence

T1541

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.jcl.yuesheng/databases/cc/cc.db

Filesize
36KB

MD5
b986a138e325f9ed31653e246087baa6

SHA1
1cda06c101efbf7c89305f44b552e38282225064

SHA256
6945d75275af161fa082eab8b348f4cdccbab03854963f5e861fde210447e058

SHA512
5894180006885af44962dcd92c6f33a640d6080060a51a38ee4e348ee2dafe9abdcf2a931cfad4c395ebe20e08b96f810ca54b5b1f584fa232cdabc76be0740d

Download Submit
/data/data/com.jcl.yuesheng/databases/cc/cc.db

Filesize
36KB

MD5
1b77217d803a7c04af9466680b92d104

SHA1
0cb959f4773c6730e8aed5746706c0f3ecb35c1f

SHA256
66c83ae35e997c33eaffe9c0557d98ee31931c18b99585a64eb6cc8f63d303e3

SHA512
39ea189895ca93855bb71b4a5447815e9373ffd39b50611ac172ae321ee7716fd4af5f86c1fd0d17e12b771f4016a86184620a7c5d07f57b88f017c4ce8312ec

Download Submit
/data/data/com.jcl.yuesheng/databases/cc/cc.db-journal

Filesize
512B

MD5
4c1c6e989bdb0f389ac014eb76072b9e

SHA1
9773ddfdd0500a81a650477be5a6cb2ae70639c9

SHA256
d6c81c357a107d52a2fb93ebf2c4a0c8173c7353b45ff5bb2e60686a4491e8f6

SHA512
b8e6e75db649e86aea608af7b298043e534a66fb1caaeeaf0a492e79c2778b9c1563026e90c1bc576dc7f8e932c4a94f43275180b8272e19786c46bc0801dd8f

Download Submit
/data/data/com.jcl.yuesheng/databases/cc/cc.db-journal

Filesize
8KB

MD5
5c068ee470dfb79df885dcbed42e2358

SHA1
99db6f52e0f2348327593aaddf68eb258ef22a85

SHA256
88c9978e8c683395f3339cae3b816eb3f82b27a1fca0063d359b38188922b390

SHA512
9e7612d63c9710d6aeb8edc3099bfd54f74475e10cce373e888b53a6ea7e4ae7b54d7ad76ec7c4fcc055e2f8e839d3a7e95770b9044c0ee990624d27663f93d2

Download Submit
/data/data/com.jcl.yuesheng/databases/cc/cc.db-journal

Filesize
8KB

MD5
49fd6c2b3256e743781f1b606b2fd31a

SHA1
0168956cb6e2125c5427ea2303576786c75eb444

SHA256
47972c57761bd465c4e96ea5fd657867a01d4223f61b9905901c355a518d6743

SHA512
501b83b2463678c3c28280c6b513f15f11d8c7c5a747e7b1a282b9a22301af6528d8e3d4fd890ee78e88148bcd285aa33e90fa68e393c48a8cf384f42c8b1e32

Download Submit
/data/data/com.jcl.yuesheng/databases/cc/cc.db-journal

Filesize
8KB

MD5
d144ae205e99c756b101047c45fcc32e

SHA1
966e3ad25f7d952b65c8e85ab6e7b24b37571074

SHA256
6cf9b2aaaccfac1c1863c9310a54a1111f15fee3b2b395bf314660c48d8cfa88

SHA512
611a2b3eac9bd61c96e49e0c1b2bafcef3104c3192e0fc6cbc43425e4591aaf67026b2267834fcbfae05bc6982894e073bc7516e743ca1b3a6747817f2078d47

Download Submit
/data/data/com.jcl.yuesheng/databases/cc/cc.db-journal

Filesize
8KB

MD5
c25defb65a8dd6c1a1661a60dcba71af

SHA1
a11253d35cdc6ea19da846fa7e9611b21e9fd185

SHA256
128617ed9552cd8906742b65fe484acf27010989608074ebfee8ebf1d9229077

SHA512
2cbb6c6c212a083264d12e2dc36dfa5cfcd5cf64b84bcae543b04de06740095f86e84d6209d050e39f525772e79bc3140d586477d5d325281d53f76089fb1ab9

Download Submit
/data/data/com.jcl.yuesheng/databases/cc/cc.db-journal

Filesize
12KB

MD5
db67c702bc6d0d8697e4213b2c7eca27

SHA1
026b93efc057b2c2d8e4e888162561f381e0eab2

SHA256
aef5feea7c45bdb4486db109715cf8a2335e54abb7fbb2c6264e084bf5fddf4e

SHA512
fe458d590e47cfc5ffea5346475c6b79467f693259804ba2050ba8f0c624c680e78d6fd3cbf0a85ea13e361ce585e376c4f74a21a0c5157dd821153b8b3d87ab

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db

Filesize
32KB

MD5
42896c140c0dca83c8f93803b0c06bc9

SHA1
be71d0053dd5a649d96340743464b903c14554e9

SHA256
56277fd182751d1f1792429aef3e1db1afc8972cdb4d076333b7f95c46d5c789

SHA512
ea5db83d6d04e5666545b7a6c9c81db930ba503df4b101ec94cd9e96ac053e13b576727fbf6ee2f4660c7993136dbc2d3603a866e24c8d24ceb9566725da9d19

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db

Filesize
32KB

MD5
17bb57268badc491266a2729e57b37c9

SHA1
ebcb029dd3fc1f70e210d93ab3086bbd5d39e3c5

SHA256
eda21e9bb4ad31e62a195d99b6e8e7f361411de6ae8f3049537055c8e688f837

SHA512
a4a6b7ef13c6d81777bd583c1a96fdfc735b7aae8fa67d9502807d1e150784abad3fec756af3f59a0f9086447b89ceed5fdaa726e67682915285beb6d23f2182

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db

Filesize
16KB

MD5
44ac8df885c157c72e97532b6923db2d

SHA1
38cdbf4bd0976344cecd603d73cef89cdecffcb1

SHA256
bb39ab1d55051171ffd5fa27b8c5110b8b8cd70244021c8b93b36172c3683da1

SHA512
2d32eafef49fa1307fd927843e4bf9ca89cce85c1aad80506d21c2b4ddf2ecb434eeabb46e0ed846ab01922022b50510e09c80cd3a0133f3ea3d626cda564f10

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db

Filesize
16KB

MD5
7ea1ab585a2593a0250e41150519c1d1

SHA1
283cecc7bf6c3773b7b4ba26f375a958c18d3648

SHA256
59ddd9bbabe2870dc4404b8ac1924344f33101c67d55a22c3ab31161672c47b8

SHA512
fcf4f60e7f78152eddbb2bac4738ba4b82e9fd09b4664ccb94b883ad1292b2f9ff204c10fa601df3a722c1d3d7bec8225f3a1fa3f9c560b154de7ed80d0f0735

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db-journal

Filesize
512B

MD5
6fbc1b4e9b4543026fdc00bcdc8ac34e

SHA1
4eeaa0ef50cd639ccbad2d13657d2bf0b1d94cfb

SHA256
438dcd97229a897e71c6ed6defcc3c0ee3d9ae0719f2dd83569b7452c03d5556

SHA512
1391715a7390bdfe00128602f3b02cdd2fcbd3c26d1968da8c594512b42061e7fffcf6cd9493227d9aa7aa0533bc288bfa4bfa1a8c59c81ff3578639196d5db7

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db-journal

Filesize
8KB

MD5
e380c6e0f116e4f5afa9171cd6863c79

SHA1
c7e06603e88e5bc423be9225afbae2d0b62677b4

SHA256
4e68d323017d33ab8f046be29bdde5a618032ca2edf08e7675f20a9b76009a70

SHA512
48838b0ebc5a5600b57516e4d79c0e6a7d22dae2b435d4c433bf13fcb44d1b625c53ef8b399d532e199694f68956b7f3ad9ddb18b60be08a3626280a4d4cca5f

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db-journal

Filesize
8KB

MD5
a895aacb47f94cebb87262a1614a6908

SHA1
dbd7eccaf8282ed1824738469e35a3932d817c5a

SHA256
49a93a0dabbe0d135b8fdbdd012dcd36ec6a70a5a5d7ef560f964d8de8d5052a

SHA512
7243f5db33f3fe5fa344e1b4093783706b414a3f2b1c2478b5d5b41f197bd24b624921e20e8891f1d4b4b1c5b2bf363dc050f5407dc0f8dcdda7fcb2cd2192ab

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db-journal

Filesize
16KB

MD5
d44563ff32b3055391f9da9a734c5a98

SHA1
a73012677c3d6ee39994638889b2dda28f7dd5b5

SHA256
87c21ab9889449bcbd2487f0c7299abd67c2670e73d03b5c768025da3cfdc846

SHA512
be837ad11826f7d7035feb6951fb63c61cf1d272f45fe33c855725ade280952be126d313779544aa39d93aac173056d49506836626cddec3dfa51ffe147d9414

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db-journal

Filesize
12KB

MD5
7b750317125b4fcf1eece6d597cb94e6

SHA1
bf0471ae3e9ae5ec9547d8cd4f8a6daeda31f291

SHA256
91f78dc3d502517a433b6393a4c23e601bc90c9d3221c046279e6ca7ff19de5c

SHA512
c113aca1ded508adcbb83aa834532324ea300be32bc058644fbac9fb6b9ff617834ffbe41e35b96664e29cf904102b1620acb49b1addabdd02a2ebe4754c3583

Download Submit
/data/data/com.jcl.yuesheng/databases/ua.db-journal

Filesize
8KB

MD5
ed961553da84c8837cbf7333d0192c74

SHA1
7bf857eeb3a2641a3d31a39ce2f1abd2b7aa4093

SHA256
2ed87885ab010e03af88e9e6610f3a8037e0bd6b93593b26559adc595ef1aaf0

SHA512
f2867574d3b0d0f3c3e6dc0a0400474b7b899f62065bc02c69f2f970cba1be3b93103ef8078914c36034e7c57eb3837a0975a7a066192ab0435d9c56d070f978

Download Submit
/data/user/0/com.jcl.yuesheng/databases/message_accs_db

Filesize
36KB

MD5
8667c540902807cb0150ee8fec9f07c7

SHA1
1a0cc595caaee104b2209d5e3f6757f2aca8b4c0

SHA256
4cbe86bf14b5cba7e82b4c126ca2d7b4e10fb1760936c3a785dcc360863003a4

SHA512
665e0106bd09c25d061b77acf933db23d8a4ae6a2f608a41a0cc1eeaa4842605e96b60dbbda1f5fb85f0de5523a15280a593e1f1562ad8e2bface32ab5ec9c62

Download Submit
/data/user/0/com.jcl.yuesheng/databases/message_accs_db-journal

Filesize
512B

MD5
7938ad355cc236277c0c3471b8d87e70

SHA1
08f1d6487761a7caf6a85c60fe96055fe46ddd4c

SHA256
dec218cf8f317d8f742309bbe0cfbd99b65f9ba3eb9b30c12f2150ba6200d5dc

SHA512
005ecd16a2bc70facb1760a55610185adab6188c88b57fc8d7ef3239568c01009b536044836227bb80c0f218d1e3ef52607a931e388cc03c97f47b92adad88b9

Download Submit
/data/user/0/com.jcl.yuesheng/databases/message_accs_db-journal

Filesize
8KB

MD5
7cae5757b2a3492891fce3dff02fc22b

SHA1
94d5dbd2be58789c7ea8d47d470b9d4053a52599

SHA256
5123c8ae22ccd8458c994e7cfe8086989a82b85bb3c1cb55fca5dd901887be4c

SHA512
b3f06e22174274bb4a86dc0ddcf68ceb0bf9020491a3caff663433fa85ed51bed54d6543a44d58b211b2468cba0deae42c52543a17661b25d9e9f3a630db0ceb

Download Submit
/data/user/0/com.jcl.yuesheng/databases/message_accs_db-journal

Filesize
8KB

MD5
43241b88a9fd7f634b69818ab22cc2ef

SHA1
10a610b704ff297f7d2572148d44491e0809487b

SHA256
3d70e90ee83cd702ba84d1f0cb5074eee683d6d4e2b13231eb25697a751c4e9b

SHA512
33e444401ec567ba05dfdfa7f2c8408b8ea23e6842fb69eba484b7b999512625b43da96c2d96bfec4972a85456c1b72257b0f5c7c0ed5d5a52acbaaa5fc56503

Download Submit
/data/user/0/com.jcl.yuesheng/files/.um/um_cache_1715225051602.env

Filesize
1KB

MD5
90e051932c7c4575acae5ddded8ba6c3

SHA1
808701f47d20994f2c38f55f14fae89ebb902146

SHA256
bc0d42a6a13d2919876d6971fe8fe3ca820a7fa0c59c1a0633449bcc69b98411

SHA512
efbd8b68db32f26f761096bad063b870f99189bb6f489ab12159201d1f92191eda0e0012f47d8ad9afba20f1241003cae8b89bf28818943f7e3b67ef1f7e73d2

Download Submit
/data/user/0/com.jcl.yuesheng/files/.umeng/exchangeIdentity.json

Filesize
162B

MD5
f0d36a5ff42f76dc6f4697324a29197a

SHA1
f671b56a7b87a2ab48b4624e32e8c48cfbfb1fb6

SHA256
012925a06088c8476e68851849bdb4d4188b1d9f2b133e43b7bffc818c95c0ee

SHA512
ba3fa11073461a9cdc76d328567e8fd73a65ce387f5b0e089ca3e3658ab70166d41bcaad6d000c5e6214abe7af0de893a674c38313f6129b50f8556626363150

Download Submit
/data/user/0/com.jcl.yuesheng/files/exid.dat

Filesize
57B

MD5
de66ec186eb2fbf375939d398116f461

SHA1
7f843943f55c2f15611383209f704973ee2bf455

SHA256
13cd8eb55f8080417b529a2203894a2216ef03d0592e88d5c6ce23263c6cbdbf

SHA512
811e4015679a095c7cda575fac1a3e7401bf8e5fae15bf27416447e59fcdd8e9296b28fe9ad2c0cfc12f481c5bc7a6f1e77407f2e9ec7d7dccf92298c45b1c76

Download Submit
/data/user/0/com.jcl.yuesheng/files/tencent/qalsdk/imei

Filesize
54B

MD5
29705feb2b9d5b7fb210bffca9a320ca

SHA1
1277a96f86d4f728a748b79c5a13451010d78f21

SHA256
7679bf8c47793a97e030ecb2d7b03496c1c95713d7172ff371393f646d0d4cb8

SHA512
d9c82b2d4b7ebb4ba81ff81f50ea621ae6428141f727228c4365f52ec3ebd4e44eb02adb6aeba2b14431496f3579e8d6b60f39490d43218ed1b4e07009526c43

Download Submit
/data/user/0/com.jcl.yuesheng/files/tls_device.dat

Filesize
372B

MD5
bf17a004d9e8d4917171b5e9e2dbc811

SHA1
822019d0e213ac60c4617ca2d7b30e233cbfbdc2

SHA256
228483c8b8fccb43edec693449aee3f6a590bc970edc0b9fa055ed021fb040dc

SHA512
0fd1ad01f44822d936c802c6dd81dccc34345444efd331e425c311c095264d62087d8b0c10e77924c70e0f5eca9ef910694485695eb3d99f47b3acfc1ab68bc6

Download Submit
/data/user/0/com.jcl.yuesheng/files/umeng_it.cache

Filesize
433B

MD5
3333345fd97bf6a37b8e49d7817e368d

SHA1
035f1306e4148c21b87ba2c9aaf9a3002b8e5a0e

SHA256
8fe6ae85c45a3f5b238198554fce0bb468a1deb3a36ef4d0b089724f5e0f3d55

SHA512
15dbb9880a7e1466d1870d7088505ee4d256be4ab50939a10220b10e88eae45f87cded195a4f20eafa7f824e666969d9123de4fe3484765f87a4992b9a562fd3

Download Submit
/data/user/0/com.jcl.yuesheng/files/wlogin_device.dat

Filesize
16B

MD5
c8c8ec0b94771c11049fdc487de7e3ce

SHA1
2dea0cdcfbe8e5dbaf06ead959493d13788096c8

SHA256
1177170a113aa23a7029ab22913c5d992a6fc34feaa829758a2750483f8729cb

SHA512
db0dadcf68908bb74763e7f5f8d7c13354b7f28286391afff98c336214c83fbaeabce3d321071a79a30bfd07c0b804c7a39539c9beacd8b0d0d373743ad6ddd9

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
20KB

MD5
558105926688c7d4f4788f6b593bcebf

SHA1
d16091461bb6ba14d9de002f0e32feeb35fda9dc

SHA256
51b2b66764ca441ef1a110abc89f5b8251be8522e0a9bda462a9375d18594616

SHA512
1e7c7947765f949be950a73be089c256b52def43f6621357548a88449ffb6cb128f99bee382cfe8c8c786c3e9ac2a907c08f38e2ff9e1e37fc9138360533b55a

Download Submit
/storage/emulated/0/.DataStorage/ContextData.xml

Filesize
8KB

MD5
c5fc0bb0f399f24d28c575f81479edeb

SHA1
cca2d9dd3a11baf5b063f3c3f439adff2fe3a299

SHA256
ccffd2d9cf9ac659d35f74e2d386715023f9ca05782546aed9ce12e1f8f442c3

SHA512
149879cd15116dce588a9f744958d9eab98d26cf64f2c789b37f7a1d36a6a739131d4e4b9d863999facff874a8ac7d0bf94f54590f06d30f0c60c89a9a263a72

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
167B

MD5
1a00d5c0d745c5b4f768b2ae20eaf2ea

SHA1
678206e46fc5b56dec900137e155d99011945332

SHA256
a3956c34406eb1d8d0de188e1363a4c2065be94f27f6564af669e38cede2abd3

SHA512
30ac2d5846484e2b53a6ce5ab72a549e21d086aa5047fa1dbe49ed1a458e13060b816d1ddad6ca44d97b45abaada58edf774b1e06e6af1894deee5478fdd01db

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
213B

MD5
68c21dd1d9f92f792bed9f079e7c07d1

SHA1
7eef3051aba412475cca92f95da597a1d0faf9fe

SHA256
751750047ee4d4fb4fc5ff416f569a87a06908f341a91b0c2ec5b3f50db2d8c4

SHA512
ae3f7c9e7918e5c21ba8f16934c0a4a901442ad110e633f10872026fa735105e77c3e7138d5790fc8072b77f3df5dfc517f11ee547b3ad542b4e2ddcbb664aae

Download Submit
/storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml

Filesize
512B

MD5
64efb193fe6151ef785ffeb21201fe2a

SHA1
ffb6cf9c445be0dccab458a751181e5b4fe54677

SHA256
16925b8787e7c9088cf17284514aa4439ea078ebdc69f57154726f1ef47329cd

SHA512
09f3202520591df8bcb9756385b9a41f226c5cc2d0e193c3cce74a60486261a649c36560e80e1099e0db7f531e9ac6644cc3ef9a0d5e3f4d3dc34016e3b635f7

Download Submit
/storage/emulated/0/Android/data/com.jcl.yuesheng/cache/29f3e66caa03405797f9d4f8254c25b4

Filesize
1KB

MD5
89fb54675c7fc0a7c8f8612fc2cb1b09

SHA1
4a9155fd14745fb37f2ab73eaca0d124805aba66

SHA256
970cad0fe5820f4f1dfe9b1a09eb2f593fb55ac9eecef73224024d183c75c948

SHA512
db29f29d5de7ab93e9fb15dd096a1008ea9be7efd08dc6d8492efc0663e797ecd4b0db7f42fac0dd5afeebcd205ecf562c17fc2350d11f20bb288e936ded2d4a

Download Submit
/storage/emulated/0/tencent/imsdklogs/com/jcl/yuesheng/imsdk_20240509.log

Filesize
8KB

MD5
8e9089c60fde22c2c376c0845d9ca23a

SHA1
211dc0238b3aab37bceb9332c83744de4292e45b

SHA256
e002f7e273ae12e8e3d5aba0c9b16b7b401b043c73727886f61d36afa710fd1b

SHA512
d7f6d2028d70f4506feae28595ee2b39f61bde13a433b6a44699b1731364a1e97eecd37c1b38fd2cdd676059e95d00854d26be5e53253296137981786ebd08c5

Download Submit
/storage/emulated/0/tencent/qalsdklogs/com/jcl/yuesheng/sdk/sdk.24.05.09.03.log

Filesize
2KB

MD5
227a083bb26c5d34f433e1cd1da156e0

SHA1
b6836713f1c3f40b9cf0845e8ae94f2f15f93400

SHA256
682d179b88872f56f9244b73b3513a33e392f31ce04f5b6ca4d61a3f48d1790d

SHA512
f32cbc53d0b7166d4b5af953d99f97d2de2b78cf8a664d17bded58d584c172da8d8362add2db12a72b8a79146ac03e46a382d7ba08a903c1613acb57636fcdce

Download Submit
/storage/emulated/0/tencent/qalsdklogs/com/jcl/yuesheng/sdk/sdk.24.05.09.03.log

Filesize
3KB

MD5
f9742b13ef848b5a78c7aa92a317a8bd

SHA1
25f981df4fc149e2196a0799dee202b6566841f7

SHA256
3b6c4e7bb7ec4c40c80a5779da3d7bea16f418d926be58326294e287b39bcc14

SHA512
3a3baac09ccd5f498883b4c7f2b1bacc15e34a74b7b1c4451d339366e493114c13b8165767e37ab359d8ce4c2adccd4b6c2a6c9c05a9400e1cce72f2a27c3ce2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads