Malware Analysis Report

2025-08-11 00:07

Sample ID 240513-hrxqxabd4z
Target 3e41a3189f5816e580e7a5e653c771a4_JaffaCakes118
SHA256 6c083c3489fd114b31f6ee890e38803e5ecb5c63b57d81016942929053e1f533
Tags discovery evasion persistence
Score 7/10

Analysis Overview

Threat Level: Shows suspicious behavior

The file 3e41a3189f5816e580e7a5e653c771a4_JaffaCakes118 was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery evasion persistence

Loads dropped Dex/Jar

Queries information about running processes on the device

Queries the phone number (MSISDN for GSM devices)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Queries information about the current Wi-Fi connection

Requests dangerous framework permissions

Checks if the internet connection is available

Analysis: static1

Detonation Overview

Reported

2024-05-13 06:58

Signatures

Requests dangerous framework permissions

Description Indicator Process Target
Allows an app to access approximate location. android.permission.ACCESS_COARSE_LOCATION N/A N/A
Allows an app to access precise location. android.permission.ACCESS_FINE_LOCATION N/A N/A
Allows an application to read the user's contacts data. android.permission.READ_CONTACTS N/A N/A
Allows an application to read from external storage. android.permission.READ_EXTERNAL_STORAGE N/A N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. android.permission.READ_PHONE_STATE N/A N/A
Allows an application to write the user's contacts data. android.permission.WRITE_CONTACTS N/A N/A
Allows an application to write to external storage. android.permission.WRITE_EXTERNAL_STORAGE N/A N/A
Allows an application to read SMS messages. android.permission.READ_SMS N/A N/A
Allows an application to request installing packages. android.permission.REQUEST_INSTALL_PACKAGES N/A N/A
Allows access to the list of accounts in the Accounts Service. android.permission.GET_ACCOUNTS N/A N/A
Allows an application to read the user's call log. android.permission.READ_CALL_LOG N/A N/A
Allows an application to collect component usage statistics. android.permission.PACKAGE_USAGE_STATS N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-13 06:58

Reported

2024-05-13 07:01

Platform

android-x86-arm-20240506-en

Max time kernel

8s

Max time network

131s

Command Line

com.dada.syn

Signatures

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/data/com.dada.syn/.jiagu/classes.dex N/A N/A
N/A /data/data/com.dada.syn/.jiagu/classes.dex!classes2.dex N/A N/A
N/A /data/data/com.dada.syn/.jiagu/tmp.dex N/A N/A
N/A /data/data/com.dada.syn/.jiagu/tmp.dex N/A N/A
N/A /data/data/com.dada.syn/.jiagu/tmp.dex N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Processes

com.dada.syn

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.dada.syn/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.dada.syn/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.213.10:443 tcp
US 1.1.1.1:53 semanticlocation-pa.googleapis.com udp
CN 203.107.1.97:443 tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.201.110:443 android.apis.google.com tcp

Files

/data/data/com.dada.syn/.jiagu/libjiagu.so

/data/data/com.dada.syn/.jiagu/classes.dex

/data/data/com.dada.syn/.jiagu/classes.dex!classes2.dex

/data/data/com.dada.syn/.jiagu/tmp.dex

/data/data/com.dada.syn/files/.jglogs/.jg.ri

/data/data/com.dada.syn/files/.jglogs/.jg.ri

/data/data/com.dada.syn/files/.jiagu.lock

/data/data/com.dada.syn/files/.jglogs/.jg.rd

/data/data/com.dada.syn/files/.jglogs/.jg.store.report_pid

/data/data/com.dada.syn/databases/MessageStore.db-journal

/data/data/com.dada.syn/databases/MessageStore.db

/data/data/com.dada.syn/databases/MessageStore.db-shm

/data/data/com.dada.syn/files/.jglogs/.jg.ac

/data/data/com.dada.syn/databases/MessageStore.db-wal

/data/data/com.dada.syn/files/.jglogs/.jg.ic

/data/data/com.dada.syn/databases/MsgLogStore.db-journal

/data/data/com.dada.syn/databases/MsgLogStore.db-wal

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-13 06:58

Reported

2024-05-13 07:01

Platform

android-33-x64-arm64-20240508.1-en

Max time kernel

8s

Max time network

133s

Command Line

com.dada.syn

Signatures

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.dada.syn/.jiagu/classes.dex N/A N/A
N/A /data/user/0/com.dada.syn/.jiagu/classes.dex!classes2.dex N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Processes

com.dada.syn

Network

Country Destination Domain Proto
GB 216.58.213.4:443 udp
GB 216.58.213.4:443 tcp
BE 173.194.76.188:5228 tcp
GB 216.58.201.100:443 tcp
N/A 224.0.0.251:5353 udp
CN 203.107.1.97:443 tcp
US 1.1.1.1:53 norma-external-collect.meizu.com udp
CN 183.60.176.112:80 norma-external-collect.meizu.com tcp
CN 121.42.44.37:9393 tcp
US 1.1.1.1:53 voilatile-pa.googleapis.com udp
GB 142.250.187.202:443 voilatile-pa.googleapis.com tcp
GB 172.217.169.35:443 tcp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
GB 142.250.180.3:443 tcp
US 172.64.41.3:443 udp
GB 142.250.180.3:443 udp
GB 216.58.213.4:443 udp
GB 216.58.213.4:443 udp
GB 216.58.213.4:443 tcp
GB 216.58.213.4:443 tcp
US 1.1.1.1:53 remoteprovisioning.googleapis.com udp
GB 216.58.212.202:443 remoteprovisioning.googleapis.com tcp

Files

/data/user/0/com.dada.syn/.jiagu/libjiagu.so

/data/user/0/com.dada.syn/.jiagu/libjiagu_64.so

/data/user/0/com.dada.syn/.jiagu/classes.dex

/data/user/0/com.dada.syn/.jiagu/classes.dex!classes2.dex

/data/user/0/com.dada.syn/files/.jglogs/.jg.ri

/data/user/0/com.dada.syn/files/.jglogs/.jg.ri

/data/user/0/com.dada.syn/files/.jiagu.lock

/data/user/0/com.dada.syn/files/.jglogs/.jg.rd

/data/user/0/com.dada.syn/files/.jglogs/.jg.store.report_pid

/data/user/0/com.dada.syn/databases/MessageStore.db-journal

/data/user/0/com.dada.syn/databases/MessageStore.db

/data/user/0/com.dada.syn/databases/MessageStore.db-journal

/data/user/0/com.dada.syn/databases/MessageStore.db-journal

/data/user/0/com.dada.syn/files/.jglogs/.jg.ac

/data/user/0/com.dada.syn/files/.jglogs/.jg.ic

/data/user/0/com.dada.syn/databases/MsgLogStore.db-journal

/data/user/0/com.dada.syn/databases/MsgLogStore.db

/data/user/0/com.dada.syn/databases/MsgLogStore.db-journal

/data/user/0/com.dada.syn/databases/MsgLogStore.db-journal

/data/user/0/com.dada.syn/cache/mediahttp/journal.tmp

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-13 06:58

Reported

2024-05-13 06:59

Platform

android-x86-arm-20240506-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.200.3:443 tcp
GB 142.250.200.3:443 tcp
GB 216.58.212.202:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A