Analysis Overview
SHA256
6c083c3489fd114b31f6ee890e38803e5ecb5c63b57d81016942929053e1f533
Threat Level: Shows suspicious behavior
The file 3e41a3189f5816e580e7a5e653c771a4_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Loads dropped Dex/Jar
Queries information about running processes on the device
Queries the phone number (MSISDN for GSM devices)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Queries information about the current Wi-Fi connection
Requests dangerous framework permissions
Checks if the internet connection is available
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-13 06:58
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |
| Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an application to write the user's contacts data. | android.permission.WRITE_CONTACTS | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read SMS messages. | android.permission.READ_SMS | N/A | N/A |
| Allows an application to request installing packages. | android.permission.REQUEST_INSTALL_PACKAGES | N/A | N/A |
| Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS | N/A | N/A |
| Allows an application to read the user's call log. | android.permission.READ_CALL_LOG | N/A | N/A |
| Allows an application to collect component usage statistics. | android.permission.PACKAGE_USAGE_STATS | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-13 06:58
Reported
2024-05-13 07:01
Platform
android-x86-arm-20240506-en
Max time kernel
8s
Max time network
131s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.dada.syn/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.dada.syn/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.dada.syn/.jiagu/tmp.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the phone number (MSISDN for GSM devices)
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Processes
com.dada.syn
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.dada.syn/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.dada.syn/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.213.10:443 | | tcp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| CN | 203.107.1.97:443 | | tcp |
| GB | 142.250.187.206:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.201.110:443 | android.apis.google.com | tcp |
Files
/data/data/com.dada.syn/.jiagu/libjiagu.so
/data/data/com.dada.syn/.jiagu/classes.dex
/data/data/com.dada.syn/.jiagu/classes.dex!classes2.dex
/data/data/com.dada.syn/.jiagu/tmp.dex
/data/data/com.dada.syn/files/.jglogs/.jg.ri
/data/data/com.dada.syn/files/.jiagu.lock
/data/data/com.dada.syn/files/.jglogs/.jg.rd
/data/data/com.dada.syn/files/.jglogs/.jg.store.report_pid
/data/data/com.dada.syn/databases/MessageStore.db-journal
/data/data/com.dada.syn/databases/MessageStore.db
/data/data/com.dada.syn/databases/MessageStore.db-shm
/data/data/com.dada.syn/files/.jglogs/.jg.ac
/data/data/com.dada.syn/databases/MessageStore.db-wal
/data/data/com.dada.syn/files/.jglogs/.jg.ic
/data/data/com.dada.syn/databases/MsgLogStore.db-journal
/data/data/com.dada.syn/databases/MsgLogStore.db-wal
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-13 06:58
Reported
2024-05-13 07:01
Platform
android-33-x64-arm64-20240508.1-en
Max time kernel
8s
Max time network
133s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.dada.syn/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/user/0/com.dada.syn/.jiagu/classes.dex!classes2.dex | N/A | N/A |
Queries information about running processes on the device
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A |
Queries the phone number (MSISDN for GSM devices)
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Processes
com.dada.syn
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.213.4:443 | | udp |
| GB | 216.58.213.4:443 | | tcp |
| BE | 173.194.76.188:5228 | | tcp |
| GB | 216.58.201.100:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| CN | 203.107.1.97:443 | | tcp |
| US | 1.1.1.1:53 | norma-external-collect.meizu.com | udp |
| CN | 183.60.176.112:80 | norma-external-collect.meizu.com | tcp |
| CN | 121.42.44.37:9393 | | tcp |
| US | 1.1.1.1:53 | voilatile-pa.googleapis.com | udp |
| GB | 142.250.187.202:443 | voilatile-pa.googleapis.com | tcp |
| GB | 172.217.169.35:443 | | tcp |
| US | 172.64.41.3:443 | | tcp |
| US | 172.64.41.3:443 | | tcp |
| GB | 142.250.180.3:443 | | tcp |
| US | 172.64.41.3:443 | | udp |
| GB | 142.250.180.3:443 | | udp |
| GB | 216.58.213.4:443 | | udp |
| GB | 216.58.213.4:443 | | udp |
| GB | 216.58.213.4:443 | | tcp |
| GB | 216.58.213.4:443 | | tcp |
| US | 1.1.1.1:53 | remoteprovisioning.googleapis.com | udp |
| GB | 216.58.212.202:443 | remoteprovisioning.googleapis.com | tcp |
Files
/data/user/0/com.dada.syn/.jiagu/libjiagu.so
/data/user/0/com.dada.syn/.jiagu/libjiagu_64.so
/data/user/0/com.dada.syn/.jiagu/classes.dex
/data/user/0/com.dada.syn/.jiagu/classes.dex!classes2.dex
/data/user/0/com.dada.syn/files/.jglogs/.jg.ri
/data/user/0/com.dada.syn/files/.jiagu.lock
/data/user/0/com.dada.syn/files/.jglogs/.jg.rd
/data/user/0/com.dada.syn/files/.jglogs/.jg.store.report_pid
/data/user/0/com.dada.syn/databases/MessageStore.db-journal
/data/user/0/com.dada.syn/databases/MessageStore.db
/data/user/0/com.dada.syn/files/.jglogs/.jg.ac
/data/user/0/com.dada.syn/files/.jglogs/.jg.ic
/data/user/0/com.dada.syn/databases/MsgLogStore.db-journal
/data/user/0/com.dada.syn/databases/MsgLogStore.db
/data/user/0/com.dada.syn/cache/mediahttp/journal.tmp
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-13 06:58
Reported
2024-05-13 06:59
Platform
android-x86-arm-20240506-en
Max time network
4s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.3:443 | | tcp |
| GB | 142.250.200.3:443 | | tcp |
| GB | 216.58.212.202:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |