b851761640c18d6ce981b2caa46b0021562586ce2fcef0c2b6253c73ac9ab4d0

Analysis

max time kernel
177s
max time network
188s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
17/05/2024, 02:34 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b851761640c18d6ce981b2caa46b0021562586ce2fcef0c2b6253c73ac9ab4d0.apk
Size

29.3MB
MD5

4dfa2a2812981b7b881a292aad4c03d9
SHA1

6752394057effe2e4fe89cd0c5c4575b7b042136
SHA256

b851761640c18d6ce981b2caa46b0021562586ce2fcef0c2b6253c73ac9ab4d0
SHA512

68f78e8af3ca9b8b3e2da1af90b79d65d1834e9a347597c4dc6640fa94b3a638101eee8b6af2a9cf9b7c55210c942031bc722e91591b6ca9f0b6e2d1379b8ee5
SSDEEP

786432:swCggntDWPsYz9SUDRZl8PGxRF+owaFbrf0PI:swCggFOfDuPGjdbFbrsPI

Score

8^/10

banker collection credential_access discovery evasion impact

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Requests cell location 1 TTPs 2 IoCs

Uses Android APIs to to get current cell information.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.ijingyi.buy
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.ijingyi.buy

Checks CPU information 2 TTPs 1 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.ijingyi.buy

Checks memory information 2 TTPs 2 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ijingyi.buy
File opened for read	/proc/meminfo	com.ijingyi.buy:pushservice

Loads dropped Dex/Jar 1 TTPs 2 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/user/0/com.ijingyi.buy/Anonymous-DexFile@2069735286.jar	4645	com.ijingyi.buy
/data/user/0/com.ijingyi.buy/Anonymous-DexFile@2069735286.jar	4836	com.ijingyi.buy:pushservice

Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs

Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

collection credential_access impact

Clipboard Data

T1414

Transmitted Data Manipulation

T1641.001

description	ioc	Process
Framework service call	android.content.IClipboard.addPrimaryClipChangedListener	com.ijingyi.buy

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ijingyi.buy
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ijingyi.buy:pushservice

Queries information about the current Wi-Fi connection 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ijingyi.buy
Framework service call	android.net.wifi.IWifiManager.getConnectionInfo	com.ijingyi.buy:pushservice

Queries information about the current nearby Wi-Fi networks 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.ijingyi.buy:pushservice
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.ijingyi.buy

Queries the phone number (MSISDN for GSM devices) 1 TTPs
discovery

System Network Configuration Discovery
T1422

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ijingyi.buy
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ijingyi.buy:pushservice

Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
discovery

System Network Configuration Discovery
T1422
Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ijingyi.buy
Framework API call	javax.crypto.Cipher.doFinal	com.ijingyi.buy:pushservice

com.ijingyi.buy
1⤵
- Requests cell location
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Obtains sensitive information copied to the device clipboard
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4645

com.ijingyi.buy:pushservice
1⤵
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Queries information about the current nearby Wi-Fi networks
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4836

Network

DNS

ssl.google-analytics.com

Remote address:

1.1.1.1:53

Request

ssl.google-analytics.com

IN A

Response

ssl.google-analytics.com

IN A

142.250.178.8
DNS

service.dcloud.net.cn

Remote address:

1.1.1.1:53

Request

service.dcloud.net.cn

IN A

Response

service.dcloud.net.cn

IN A

111.229.199.57

service.dcloud.net.cn

IN A

115.159.204.155

service.dcloud.net.cn

IN A

124.220.57.196

service.dcloud.net.cn

IN A

110.40.169.99

service.dcloud.net.cn

IN A

110.40.181.119
DNS

sdk.open.talk.getui.net

Remote address:

1.1.1.1:53

Request

sdk.open.talk.getui.net

IN A

Response

sdk.open.talk.getui.net

IN CNAME

sd.cname3.getui.com

sd.cname3.getui.com

IN A

183.134.98.102

sd.cname3.getui.com

IN A

183.134.98.76

sd.cname3.getui.com

IN A

183.134.98.112
DNS

sdk.open.talk.igexin.com

Remote address:

1.1.1.1:53

Request

sdk.open.talk.igexin.com

IN A

Response

sdk.open.talk.igexin.com

IN CNAME

sd.cname3.getui.com

sd.cname3.getui.com

IN A

183.134.98.112

sd.cname3.getui.com

IN A

183.134.98.102

sd.cname3.getui.com

IN A

183.134.98.76
DNS

sdk.open.talk.gepush.com

Remote address:

1.1.1.1:53

Request

sdk.open.talk.gepush.com

IN A

Response

sdk.open.talk.gepush.com

IN CNAME

sd.cname3.getui.com

sd.cname3.getui.com

IN A

183.134.98.76

sd.cname3.getui.com

IN A

183.134.98.102

sd.cname3.getui.com

IN A

183.134.98.112
DNS

wx.jieyang.la

Remote address:

1.1.1.1:53

Request

wx.jieyang.la

IN A

Response
DNS

sdk.open.phone.igexin.com

Remote address:

1.1.1.1:53

Request

sdk.open.phone.igexin.com

IN A

Response

sdk.open.phone.igexin.com

IN CNAME

psbiv4-6.cname.getui.com

psbiv4-6.cname.getui.com

IN A

115.227.15.225

psbiv4-6.cname.getui.com

IN A

115.227.15.227

psbiv4-6.cname.getui.com

IN A

115.227.15.229

psbiv4-6.cname.getui.com

IN A

115.227.15.231

psbiv4-6.cname.getui.com

IN A

115.227.15.233

psbiv4-6.cname.getui.com

IN A

115.227.15.6

psbiv4-6.cname.getui.com

IN A

115.227.15.235

psbiv4-6.cname.getui.com

IN A

115.227.15.239

psbiv4-6.cname.getui.com

IN A

115.227.15.241

psbiv4-6.cname.getui.com

IN A

115.227.15.7

psbiv4-6.cname.getui.com

IN A

115.227.15.237
DNS

norma-external-collect.meizu.com

Remote address:

1.1.1.1:53

Request

norma-external-collect.meizu.com

IN A

Response

norma-external-collect.meizu.com

IN A

183.60.176.112
DNS

abroad.apilocate.amap.com

Remote address:

1.1.1.1:53

Request

abroad.apilocate.amap.com

IN A

Response

abroad.apilocate.amap.com

IN CNAME

abroad.apilocate.amap.com.gds.alibabadns.com

abroad.apilocate.amap.com.gds.alibabadns.com

IN A

59.82.44.11
DNS

c-hzgt2.getui.com

Remote address:

1.1.1.1:53

Request

c-hzgt2.getui.com

IN A

Response

c-hzgt2.getui.com

IN CNAME

ps.cname2.getui.com

ps.cname2.getui.com

IN A

115.227.15.15

ps.cname2.getui.com

IN A

115.227.15.13

ps.cname2.getui.com

IN A

115.227.15.14

ps.cname2.getui.com

IN A

115.227.15.16
DNS

www.gstatic.com

Remote address:

1.1.1.1:53

Request

www.gstatic.com

IN A

Response

www.gstatic.com

IN A

142.250.200.35
DNS

android.apis.google.com

Remote address:

1.1.1.1:53

Request

android.apis.google.com

IN A

Response

android.apis.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

216.58.204.78
DNS

c-hzgt2.getui.com

Remote address:

1.1.1.1:53

Request

c-hzgt2.getui.com

IN A

Response

c-hzgt2.getui.com

IN CNAME

ps.cname2.getui.com

ps.cname2.getui.com

IN A

115.227.15.16

ps.cname2.getui.com

IN A

115.227.15.13

ps.cname2.getui.com

IN A

115.227.15.15

ps.cname2.getui.com

IN A

115.227.15.14
DNS

www.google.com

Remote address:

1.1.1.1:53

Request

www.google.com

IN A

Response

www.google.com

IN A

216.58.213.4
DNS

abroad.apilocate.amap.com

Remote address:

1.1.1.1:53

Request

abroad.apilocate.amap.com

IN A

Response

abroad.apilocate.amap.com

IN CNAME

abroad.apilocate.amap.com.gds.alibabadns.com

abroad.apilocate.amap.com.gds.alibabadns.com

IN A

59.82.44.11

142.250.178.10:443

tls, https

1.3kB
40 B
1
1
142.250.178.10:443

tls, https

530 B
40 B
1
1
142.250.178.8:443

ssl.google-analytics.com

tls

1.4kB
6.1kB
10
9
111.229.199.57:443

service.dcloud.net.cn

180 B
3
183.134.98.102:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.76:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.112:5224

sdk.open.talk.gepush.com

240 B
4
115.227.15.225:80

sdk.open.phone.igexin.com

300 B
5
183.60.176.112:80

norma-external-collect.meizu.com

420 B
7
115.159.204.155:443

service.dcloud.net.cn

180 B
3
115.159.204.155:443

service.dcloud.net.cn

180 B
3
59.82.44.11:80

abroad.apilocate.amap.com

420 B
7
142.250.178.14:443

tls, https

695 B
40 B
1
1
115.227.15.15:80

c-hzgt2.getui.com

300 B
5
142.250.178.14:443

tls, https

695 B
40 B
1
1
216.58.204.78:443

android.apis.google.com

tls

3.9kB
7.6kB
17
18
124.220.57.196:443

service.dcloud.net.cn

180 B
3
124.220.57.196:443

service.dcloud.net.cn

180 B
3
183.134.98.76:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.102:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.112:5224

sdk.open.talk.gepush.com

240 B
4
110.40.169.99:443

service.dcloud.net.cn

180 B
3
110.40.169.99:443

service.dcloud.net.cn

180 B
3
110.40.181.119:443

service.dcloud.net.cn

180 B
3
110.40.181.119:443

service.dcloud.net.cn

180 B
3
115.227.15.16:80

c-hzgt2.getui.com

300 B
5
115.227.15.227:80

sdk.open.phone.igexin.com

300 B
5
183.134.98.102:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.76:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.112:5224

sdk.open.talk.gepush.com

240 B
4
111.229.199.57:443

service.dcloud.net.cn

180 B
3
115.227.15.13:80

c-hzgt2.getui.com

300 B
5
216.58.201.100:443

tls, https

905 B
40 B
2
1
216.58.201.100:443

www.google.com

tls

11.3kB
11.1kB
32
39
183.134.98.102:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.112:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.76:5224

sdk.open.talk.gepush.com

240 B
4
115.227.15.13:80

c-hzgt2.getui.com

300 B
5
115.227.15.229:80

sdk.open.phone.igexin.com

300 B
5
183.134.98.102:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.112:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.76:5224

sdk.open.talk.gepush.com

240 B
4
115.227.15.14:80

c-hzgt2.getui.com

300 B
5
183.134.98.102:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.112:5224

sdk.open.talk.gepush.com

240 B
4
115.227.15.229:80

sdk.open.phone.igexin.com

300 B
5
115.227.15.14:80

c-hzgt2.getui.com

300 B
5
115.227.15.14:80

c-hzgt2.getui.com

300 B
5
115.227.15.231:80

sdk.open.phone.igexin.com

300 B
5
183.134.98.76:5224

sdk.open.talk.gepush.com

240 B
4
216.58.213.4:443

www.google.com

tls

1.4kB
5.6kB
10
11
115.227.15.16:80

c-hzgt2.getui.com

300 B
5
142.250.187.206:443

520 B
10
142.250.179.226:443

520 B
10
183.134.98.102:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.112:5224

sdk.open.talk.gepush.com

240 B
4
115.227.15.16:80

c-hzgt2.getui.com

300 B
5
115.227.15.231:80

sdk.open.phone.igexin.com

300 B
5
115.227.15.15:80

c-hzgt2.getui.com

300 B
5
115.227.15.233:80

sdk.open.phone.igexin.com

300 B
5
111.229.199.57:443

service.dcloud.net.cn

180 B
3
183.134.98.76:5224

sdk.open.talk.gepush.com

240 B
4
115.159.204.155:443

service.dcloud.net.cn

180 B
3
124.220.57.196:443

service.dcloud.net.cn

180 B
3
110.40.169.99:443

service.dcloud.net.cn

180 B
3
183.134.98.102:5224

sdk.open.talk.gepush.com

240 B
4
115.227.15.13:80

c-hzgt2.getui.com

300 B
5
115.227.15.233:80

sdk.open.phone.igexin.com

300 B
5
183.134.98.112:5224

sdk.open.talk.gepush.com

240 B
4
115.227.15.6:80

sdk.open.phone.igexin.com

300 B
5
110.40.181.119:443

service.dcloud.net.cn

180 B
3
183.134.98.76:5224

sdk.open.talk.gepush.com

240 B
4
115.227.15.15:80

c-hzgt2.getui.com

300 B
5
115.227.15.6:80

sdk.open.phone.igexin.com

300 B
5
115.227.15.235:80

sdk.open.phone.igexin.com

300 B
5
183.134.98.102:5224

sdk.open.talk.gepush.com

240 B
4
183.134.98.112:5224

sdk.open.talk.gepush.com

240 B
4
59.82.44.11:80

abroad.apilocate.amap.com

360 B
6
115.227.15.235:80

sdk.open.phone.igexin.com

300 B
5
115.227.15.239:80

sdk.open.phone.igexin.com

300 B
5
216.58.213.4:443

www.google.com

tls

1.4kB
5.7kB
11
12
183.134.98.76:5224

sdk.open.talk.gepush.com

240 B
4
115.227.15.239:80

sdk.open.phone.igexin.com

240 B
4
115.227.15.241:80

sdk.open.phone.igexin.com

240 B
4
111.229.199.57:443

service.dcloud.net.cn

180 B
3
183.134.98.102:5224

sdk.open.talk.gepush.com

120 B
2

224.0.0.251:5353

3.7kB
11
1.1.1.1:53

ssl.google-analytics.com

dns

70 B
86 B
1
1

DNS Request

ssl.google-analytics.com

DNS Response

142.250.178.8
1.1.1.1:53

service.dcloud.net.cn

dns

67 B
147 B
1
1

DNS Request

service.dcloud.net.cn

DNS Response

111.229.199.57

115.159.204.155

124.220.57.196

110.40.169.99

110.40.181.119
1.1.1.1:53

sdk.open.talk.getui.net

dns

69 B
150 B
1
1

DNS Request

sdk.open.talk.getui.net

DNS Response

183.134.98.102

183.134.98.76

183.134.98.112
1.1.1.1:53

sdk.open.talk.igexin.com

dns

70 B
148 B
1
1

DNS Request

sdk.open.talk.igexin.com

DNS Response

183.134.98.112

183.134.98.102

183.134.98.76
1.1.1.1:53

sdk.open.talk.gepush.com

dns

70 B
148 B
1
1

DNS Request

sdk.open.talk.gepush.com

DNS Response

183.134.98.76

183.134.98.102

183.134.98.112
1.1.1.1:53

wx.jieyang.la

dns

59 B
135 B
1
1

DNS Request

wx.jieyang.la
1.1.1.1:53

sdk.open.phone.igexin.com

dns

71 B
282 B
1
1

DNS Request

sdk.open.phone.igexin.com

DNS Response

115.227.15.225

115.227.15.227

115.227.15.229

115.227.15.231

115.227.15.233

115.227.15.6

115.227.15.235

115.227.15.239

115.227.15.241

115.227.15.7

115.227.15.237
1.1.1.1:53

norma-external-collect.meizu.com

dns

78 B
94 B
1
1

DNS Request

norma-external-collect.meizu.com

DNS Response

183.60.176.112
1.1.1.1:53

abroad.apilocate.amap.com

dns

71 B
142 B
1
1

DNS Request

abroad.apilocate.amap.com

DNS Response

59.82.44.11
1.1.1.1:53

c-hzgt2.getui.com

dns

124 B
228 B
2
2

DNS Request

c-hzgt2.getui.com

DNS Response

115.227.15.15

115.227.15.13

115.227.15.14

115.227.15.16

DNS Request

www.gstatic.com

DNS Response

142.250.200.35
1.1.1.1:53

android.apis.google.com

dns

69 B
109 B
1
1

DNS Request

android.apis.google.com

DNS Response

216.58.204.78
1.1.1.1:53

c-hzgt2.getui.com

dns

63 B
151 B
1
1

DNS Request

c-hzgt2.getui.com

DNS Response

115.227.15.16

115.227.15.13

115.227.15.15

115.227.15.14
1.1.1.1:53

www.google.com

dns

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

216.58.213.4
1.1.1.1:53

abroad.apilocate.amap.com

dns

71 B
142 B
1
1

DNS Request

abroad.apilocate.amap.com

DNS Response

59.82.44.11

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Clipboard Data

T1414

Discovery

Location Tracking

T1430

Process Discovery

T1424

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Clipboard Data

T1414

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Data Manipulation

T1641

Transmitted Data Manipulation

T1641.001

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ijingyi.buy/cache/weex/libs/weexjsb/x86/libweexjsb.so

Filesize
32KB

MD5
34097f1fa73633491f8fccf7352ab4ae

SHA1
38c4d9e57a56ee1af4fbc588aff7cd0c4750657d

SHA256
69f78ad30e6c6b14ce5e804cd6e76ec9b1575400ec8fb5af33118ebaad2633d6

SHA512
6885efeba36514b8d0bc3f6d87ed9ff04c18a3b2be894a5deb7ad60a405b54974ca4d9dd4aa0eadbc1e8d42111de2730313bdab88bbb0506c15fb3182c3d1a11

Download Submit
/data/data/com.ijingyi.buy/shared_prefs_ext/test_app

Filesize
8KB

MD5
e7cd57a0e58e189d5412456ea7132f43

SHA1
dbaf8c9aa98d0624764a3fe22fb4207ecc4c874d

SHA256
51b72e78ff2dace0745e8cbaae346d35dfd067dc00428bd1ea5c756e124f2f7c

SHA512
4ed5965defcfa5c87862561a35ff94b0d760c43e4d3e9c33b877ff555e30ab4a10d1dda168f7b89da7d419440e50a4d12c18cd730e03c601ddd10e7c9d8fa01a

Download Submit
/data/user/0/com.ijingyi.buy/.00000000000/A3AEECD8.dex

Filesize
63KB

MD5
e0972a230a38bbcbc1c736626c74ba57

SHA1
4bf4367ac158f8704c07017308db35778eb0e2d1

SHA256
6362cd0db68191ad8a5032ca44173e37850649ead084f4aea1a5bba3f5f66f2e

SHA512
5c52155dfd557c6cb5c7db6a6d998586f477de1b332d825152522f7884921e550596c06d2c3f59643236f6ddf3ed165bed3df32af42af37fffbfefdad3bfb6af

Download Submit
/data/user/0/com.ijingyi.buy/.00000000000/A3AEECD8.dex

Filesize
63KB

MD5
15d58661ebfaf97fd2b6ad1b8af9a3f1

SHA1
c9ab491a9432fabf246c02301ce67358c903f6ba

SHA256
0fcb8fe1120b04524ca04b2041f39865ff653920c199bd386c5e8e199fee072d

SHA512
0ccd951d7b7a05dbbb152fa2eefbdf47b0df98ba592100e9d974683d7d21134a7d3a6b45e2ca6d24f0194ec81e3ae27f9850da5a235e019b59612223185ea893

Download Submit
/data/user/0/com.ijingyi.buy/Anonymous-DexFile@2069735286.jar

Filesize
63KB

MD5
5061e4948844f7d366972ac8005e9f13

SHA1
a2b79a1c79afb095ddebf0f16a1f9db64482bcaf

SHA256
3aa6caecfcd101531539147e01382bc530b4fdc61e98937d63cc4648793c6a45

SHA512
223d18ce248912df18cdea3c8e864ea5e6ec058ca42cc5fde738188c54abcd260d7f24ac53d4987d3e32f4ae3e1e40e01354054d035bb100eef51b2d695f5299

Download Submit
/data/user/0/com.ijingyi.buy/cache/image_manager_disk_cache/3633f4aea60087a3172ca815e8028876b98bb5e2882b6c1dfc0e02d108ea142b.0.tmp

Filesize
8KB

MD5
1721ec6937e722528f70b71a2cc889f7

SHA1
b046e2dec76495690d53a2296e79ce2e77cb2d6c

SHA256
5fb1b59d26906f283942c643cd8f900e9c6397c4b2b646777b3e019caac7f1f0

SHA512
f63e2eaf76801ed32990a5da13a3afd72566f0bbacf97d6cbf44908a9dbe9192365115c6d7836901250e879c7ad7f70bed44a4f2dc9f958e2518cf6109bc18ef

Download Submit
/data/user/0/com.ijingyi.buy/cache/image_manager_disk_cache/9ed1e417a79659ff517a3930dbb48115c728e1575520924147dc7a8309ca1e4a.0.tmp

Filesize
8KB

MD5
29fe59b6870b1ace2cef92e7b5eb76df

SHA1
4b90771e5fd61a210c49c64b0dbb4dea950da3de

SHA256
386e0da2b68f88c037cdf04d5ffac4013f6364dc12a80b3e83c406c4aeca663f

SHA512
d1845785be95eb0a3138dedaa486000f7c97734053d9168d61564a81abc8e59c38e246a13436920f310269a6e42cea291ea3f074af44dc20641158929b7c776c

Download Submit
/data/user/0/com.ijingyi.buy/cache/image_manager_disk_cache/ceb4efcee8bbaac8fee8f9483de122e8e49cc1f1b7eb90d338c505ce26bbf208.0.tmp

Filesize
8KB

MD5
c3b7e1c1e1ff729563fc7dd1577cde9b

SHA1
cf144b2bb8c51fa974147bf6b1a8778cc7bc4794

SHA256
4774c1b9594c06275c8403142889cd2dabe2410f9e7894bdea091aa2318f76c4

SHA512
873c330e992849cb8bc6503e9dfa1d47b9b94888b7ff21492d861a6ed7ce651a84bfe95751dae156a133af1c2d2dc632446d6a29d491c1e047171fc78e2e9793

Download Submit
/data/user/0/com.ijingyi.buy/cache/image_manager_disk_cache/e5aea0590df81b4da37b9dc1cdbe9fdcca272f9507a7592f89ce612c4fcae2f2.0.tmp

Filesize
8KB

MD5
44cd51940d2e24532914db8d9788e2cb

SHA1
c36814eaef51cccf45662fa339eed2a959b3b889

SHA256
f459aa4aa953ea5679c6ee4f4fe08055bba362a38ef6ffa25cac2da0f75ef582

SHA512
75a757c7843e8aabcf5bc3fe8d21b4beccdcc82d3fa050bc458a93dfc5f1f92ccc73a7dbc1b2a638e8d7c3ee4720fe73cd4047b266b6813e09c8e99ba8f2504e

Download Submit
/data/user/0/com.ijingyi.buy/cache/image_manager_disk_cache/journal

Filesize
616B

MD5
44a6e583834d114701e2ead8ca7bd9db

SHA1
af996698a48f25b97a31d0c49d6d4eb80c99c2e7

SHA256
fa152aa94d4d7cb23efd43525014b19d198c8b792f6e55dd667902d78975450d

SHA512
7209d31886235f95bb08d879319310ae14b91f65303f9c6c67bc487abec0909835793bcb00cd03340af9f020c6f0838340b849ef439d17cb62b868abe42f3be0

Download Submit
/data/user/0/com.ijingyi.buy/cache/image_manager_disk_cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/user/0/com.ijingyi.buy/databases/logdb.db

Filesize
36KB

MD5
a925951bbef27a9ea507f847a6ceaad7

SHA1
34b73ba1b11a2423198826f820fe87a1b8cc13b6

SHA256
1dd2d23b7c64bde28175205a16f99abac0aa5938d31812c095234defbd1f917b

SHA512
4ce18802068f8549fae1d3c594423476753deb776c57acf8ddbacb47360db50c922452db037b3c2d852f28147781c6532a141e9cfae51772b96958825e7ce5cf

Download Submit
/data/user/0/com.ijingyi.buy/databases/logdb.db

Filesize
20KB

MD5
6d39f95187ccd5a6111921081a937fdc

SHA1
bf99b75b0bbeb204a3a835c103b4891f856ca6af

SHA256
dfadd085bd82d83eeffb40eb865e86dd8ba05f9f05fb961a872fb7e7fc5edfce

SHA512
13deb5cb36cd4f4da8845330ed694d8c8ce9946f241ea328f8f90285a26a85d9aa00942ed1eb7423f61d67f449179af4bae5085e9a74b09754f94ed2afbb5908

Download Submit
/data/user/0/com.ijingyi.buy/databases/logdb.db-journal

Filesize
512B

MD5
448be97009186bae60fbc2bcfa5bb844

SHA1
825069fde3cbb0d8d2b8485a85277e8a31f8263e

SHA256
bb547ced4dc34de5a2af7c8b1ada5574da3831770dabfafdd5d3299e419c430a

SHA512
99760a3094b739739c2f808aa1f5de07fb0c14cfdc22033cd235d6f6edcf63885ceeadb608fa65e59f20402e9f83648b2bbfde7c34619664fefd0d059fe2976e

Download Submit
/data/user/0/com.ijingyi.buy/databases/logdb.db-journal

Filesize
8KB

MD5
a58b89a8895fd91e89c8effe181cb685

SHA1
639f3f62deb4fd81b176c15fad13413dc10f05ee

SHA256
3d0c0839e1ed982fbdef304de19afe1657007dd20a563ec60c01f6c6316781bc

SHA512
20952fd403edc740019bb7fca877a5d7630c2a2f4cd3742b6a826b5e2e66f0a4a88a04629ed3949c7f8ee60bd68bc968f30f6d4cf3b740be084792a44435b9d1

Download Submit
/data/user/0/com.ijingyi.buy/databases/logdb.db-journal

Filesize
8KB

MD5
9967bc2c2ff2077c298183645e7550ba

SHA1
91649fd217cdf870418ceec2997b066d2b989e5e

SHA256
7e0e9b51810fd1cdc1e4024848bbde7fbfb329b2940273a1e68ea5ed14d43bce

SHA512
41ec9ced5f1321c3eace2a1eca746fa749221b1af967ce945d1df99ff55865019e65198d218d51e4848f89465d30ea1b80c87279dbe60e5b979694c9e0804c74

Download Submit
/data/user/0/com.ijingyi.buy/databases/logdb.db-journal

Filesize
12KB

MD5
18ee248c89b243523f07c6424ebad535

SHA1
bdcdd27b849920053534a6f8511f4c2464d0c5d2

SHA256
70d9e4f7164d9040b2cfcdb6a91cef2c17b539379ce0d373a9cf46defdd159f8

SHA512
605fecea39daf8043c247f1e0f156ba7f5115c888e567b2a847559e1f0a7cea2d85939cd887fa7882039f9e5beeb1dca93e5e1096632cd093d8e2815daa80b47

Download Submit
/data/user/0/com.ijingyi.buy/databases/pushext.db-journal

Filesize
512B

MD5
8d3545d2455c436d51e0f536569b57a3

SHA1
6ef65e102d355cb2a88e493e42c4c168428fe5a1

SHA256
e0b6e41e5da07fa38a89272ec2bc5b03055baf56d101af8ad51dc2e7283e1cef

SHA512
07c550710ccfebc405928ea910496493a75db7506afec108494e8fdd15e88f4dc6f83bc6c36c1c525ba3b191ee22aa88d3e2e5fbb26079e27f5bc9d38e719246

Download Submit
/data/user/0/com.ijingyi.buy/databases/pushg.db-journal

Filesize
512B

MD5
c41f75d04d38fd055dfea1651e79f92d

SHA1
c371aeb137f10a7b32248b5664a72578e27a905e

SHA256
a1a508ac70ddf5b5bf3c61b27b3efd89b4bf5aa02073e4238bcf97870e665344

SHA512
81e3d73fa5fd324e8daf13a95fe3e09a072ff77b31399221c664092bbc4d46892e64b2536c7a9d2a5a9ff8918844a31bce192e39489a46d405947c97f1e51ca2

Download Submit
/data/user/0/com.ijingyi.buy/databases/pushsdk.db

Filesize
48KB

MD5
5772d80290ca3b2c6a647392bbd91003

SHA1
aec558596014267e9fa193fc6dba229f70c54ddc

SHA256
474051bc78159c67ee3008c59f7df755049f5225d1e29040fa9cc2e693daefb3

SHA512
d1665849df808bf9ef750063f16013dff5b3bbbae62d1d2f7c261158b7328078466c68b3fe155a640a2d24d54828454bbfa2d38ed24170d3813e43d54260f06c

Download Submit
/data/user/0/com.ijingyi.buy/databases/pushsdk.db-journal

Filesize
512B

MD5
07dbf40c981ff7f71f9fee4d42c53ef5

SHA1
d66f4b34b6e5ed74d4c05819c203d5a7a8c2d8f6

SHA256
ecf053efedddf97b26280a63e3711cbb56489fa826388ce52581af29e5a5a54a

SHA512
07ea103ca1378fa9a8691cb416b77ad4c8327f5efe5145014fdf61216199e1ce466d8f0415639f5fc67bc56b7117c955b2e871cbe96708f868771a5d31fefb29

Download Submit
/data/user/0/com.ijingyi.buy/databases/pushsdk.db-journal

Filesize
8KB

MD5
383149fedb971fb69d2137b28fdac5f5

SHA1
9bd3f78a5f641407b902281a501988cf6a30fad1

SHA256
118c1fa9165dc3111ef4f45675291659be565676ccf04425822a9b26b41d8dff

SHA512
5041047174bd6d25ff6a2849607d825a272eb04ffd938d5514e2cfef0e5ff5b25cd995da196eb5c5ad1da9c943c2c31200ae2531b6955e5e518b729b33fe9224

Download Submit
/data/user/0/com.ijingyi.buy/files/.imei.txt

Filesize
8KB

MD5
9b5fad0d69515dda3bf92a861e23dd07

SHA1
f717a48d07c77ed738ec0b91b9e55fd481f34ae1

SHA256
db8c8e102061ad2907f7497b4ce0442513909f55d997934e6cc97e4f373ab7cd

SHA512
885617f949211cd936dff87cac62ebd168179a6545bfd0143ea6f56579e6469c7133075f160ca687ad5fcf1e9321fa1a87364a568e1dd891de53722a53429092

Download Submit
/data/user/0/com.ijingyi.buy/files/a/b/4c984fe24161907e5b5b9423ecec3163.0.tmp

Filesize
547B

MD5
c258352d2dc80b3b3b84ed6bdbf11855

SHA1
27ab208ffaa178bd01f624a74ce31444589753bd

SHA256
11ab7588fb5d6951a8d688cabfbaf9828185b9dd7efbbf85d4a3350e2eae11b7

SHA512
51ea391c6df003fa89b24f316f7b9950a892846d4e6bdfb20b0450a2f209b1badfe14cbadd426a3c749e607954372bdf4141b7978040a90a20f764a6347092d4

Download Submit
/data/user/0/com.ijingyi.buy/files/a/b/journal

Filesize
113B

MD5
94ea29ccc65d824350a5409832de3577

SHA1
355bcb9e942202e511be21cb264dcfdbfc0a93c2

SHA256
768bb5055e609f1dc8f2c10b27bbe265eb707d8585b80858253c261ef2682fac

SHA512
40a00f4f7e7a882ed29f4e01301bdf3e020d7f5eae3936289e0952939c8bb3a908c4927ba2de6dec82f71eae09ebdb72380aa1c4e11bfef358ca14adfe7edf95

Download Submit
/data/user/0/com.ijingyi.buy/files/a/k.store

Filesize
32B

MD5
e826b47cc4810a6b0594b20bc276e5b3

SHA1
3e5172ab33315cb1e5524afedd9f084723d6e072

SHA256
b3356b40ab4f81880ad4af063c9b400f24860317c5457d82b1603ada8e691209

SHA512
6dd8816851e49db006ad374c1380bba94ca8ca3806c00776165783336da35d3cdfa6eefba70a1d342cb62e520c5a21d8a9805c7b62eda96a2b2ab8bffa96ceb1

Download Submit
/data/user/0/com.ijingyi.buy/files/cnc3ejE6/eje3cnc

Filesize
35B

MD5
762298b93820a5cd8b6d8ec469078f7f

SHA1
d5b02a2ff3b235cd2b61ceff53a1d88b8984477d

SHA256
dc3f98a33c26c2796dc294b354831fd5ca9796295f4cb38479c80b145d4807db

SHA512
70f864211ce16679d0538abf9b7071d27c2d22ae458e32409d20065032c762dd186307ef33ede90abd9ac794a4ced8b163404e9799c05f0c515337249684311e

Download Submit
/data/user/0/com.ijingyi.buy/files/init_c1.pid

Filesize
14B

MD5
f0ec1f7b0f3cb7587c3d2c3b9195c121

SHA1
ca98e8bf7ad974f95ffb43a56abaab4dd082d899

SHA256
ca3ccd08953185df01469211126d299fde8e09b31e1097f7e3e6a93c747fa390

SHA512
b52f287c5df4ca83916906c64abfe14c0d645a00581eaaae8feb11625d3ac8e45e0a7ead55ba9b1da4c832ff793b2c1532e52f80a562ceaffe05b4967394bb53

Download Submit
/data/user/0/com.ijingyi.buy/lib-main/dso_deps

Filesize
4KB

MD5
f3410f8d6c7f88a0305ff8efd3025d11

SHA1
2f2762e55b2fc958f99561b31155a768dede650e

SHA256
1fa2f2fb581b4d43d7a7ce086f4eac06124c8fcbdffbd5e7ea034beee456da2a

SHA512
8b0b2e11fa57ca70fcaa80b053f58d623576da41fcab796eaae69ad939814db004f1ee2f27b86a35e40e42ac646c6e612f4feaf8f2aa808a29b5286ab2ea7647

Download Submit
/data/user/0/com.ijingyi.buy/lib-main/dso_manifest

Filesize
8KB

MD5
09cb41641da40f93f323c3f73c684042

SHA1
2120f5efc219e90860c21c06493a595082c37990

SHA256
681a3203b29ca9d2ebea95f3dcbe8166aa7dbe42b3184110d867f5c010adf5bf

SHA512
d8aa0dbe583ca541473b2a2ef3298722288f71e75c587daad9c68a918a78520315058e4eb7a116e15bd2feb87654b6c13df210e33921dfd09d658519fd8b219e

Download Submit
/data/user/0/com.ijingyi.buy/lib-main/dso_state

Filesize
8KB

MD5
af8b1170f53574787e12ee8890ca3669

SHA1
2419327f9d32362a5aa9ebe81e1d93e1da34271b

SHA256
40fe424da2155cf0433609594f06acae4c14316e2a67cafc64133764e47bb7a4

SHA512
8751298dbb8a87c87b06f7c96502dc408c2bdfd435c09f8eff4609ff242fe8c74fa8a70d72af0df583e795a63ae6c323bc31122195b7dda0406cd94d31d1651d

Download Submit
/data/user/0/com.ijingyi.buy/lib-main/dso_state

Filesize
8KB

MD5
dcf375ef52e46c769ec189dd66c4f34d

SHA1
7f94a1a68ce77b5cd55f854800cc4f1eb5247dde

SHA256
ecebd6486d6e5d86e36b48283019843423d95c6adffd42dfb13f6a76c9b1ad49

SHA512
d17c18a74f000bca7282175108ca5cff4fdc1aa0b62b92d0cb9052bff21efcb535c62e6fd96b089a3b9ebcafb2d4f3fa21681da6aaafc622a9fd9b4916131735

Download Submit
/storage/emulated/0/.imei.txt

Filesize
28KB

MD5
a4940433cb748b741e6f3c6de775910c

SHA1
fab27c4083a847561923f3cdb96560e271b3a6e6

SHA256
94e7b64fc1223db9ce5288d382c705d463f9207ce20506eb085bd1ccb7f5ea88

SHA512
70565e8cce903d222afa289d0c41e7bb2b4868d7d9adacd994369e0218654cc073099b644785a739cdf8d425f20bf3e7e022fddc95dd58374cc40af90cd01b5f

Download Submit
/storage/emulated/0/Android/data/com.ijingyi.buy/apps/__UNI__25C561C/temp/1715913326186 (deleted)

Filesize
1.1MB

MD5
cf4fd9aec12c6dd6dc32725e75aba94e

SHA1
3e05f7717cfd4cc4ba6708e73df7b1df678135bf

SHA256
5ee8f7a5c1a2930627481f2594644a0707be46c0d84b6a59829bdd8574ab9c17

SHA512
739dd2f1cefa8f29af61c6a5e1f730af2a436ac71b808bcf10241c5f8376fe491acafd14149ba0aa4093e045da8fa312e0756c65e1792465730e9ccbca947dde

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.