Malware Analysis Report

2025-08-05 19:14

Sample ID 240519-evgbjsab24
Target 587fd13d51e04716da2fe7b4274db573_JaffaCakes118
SHA256 4caa8c33c9c9509d05dff8652724031eefba653b8a6fd35d045a9d5ee88e0267
Tags discovery evasion impact persistence
Score 8/10

Analysis Overview

Threat Level: Likely malicious

The file 587fd13d51e04716da2fe7b4274db573_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion impact persistence

Checks if the Android device is rooted.

Loads dropped Dex/Jar

Queries information about the current Wi-Fi connection

Queries information about the current nearby Wi-Fi networks

Checks CPU information

Checks memory information

Queries information about running processes on the device

Registers a broadcast receiver at runtime (usually for listening for system events)

Reads information about phone network operator.

Requests dangerous framework permissions

Checks if the internet connection is available

Uses Crypto APIs (Might try to encrypt user data)

Analysis: static1

Detonation Overview

Reported

2024-05-19 04:15

Signatures

Requests dangerous framework permissions

| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A |

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-19 04:15

Reported

2024-05-19 04:15

Platform

android-x64-20240514-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-05-19 04:15

Reported

2024-05-19 04:15

Platform

android-x64-arm64-20240514-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-19 04:15

Reported

2024-05-19 04:18

Platform

android-x86-arm-20240514-en

Max time kernel

127s

Max time network

178s

Command Line

com.kongtiaoyaokk.jjjd

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /sbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Checks CPU information

evasion discovery
Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.kongtiaoyaokk.jjjd/app_e_qq_com_plugin/gdt_plugin.jar N/A N/A
N/A /data/user/0/com.kongtiaoyaokk.jjjd/app_e_qq_com_plugin/gdt_plugin.jar N/A N/A

Queries information about running processes on the device

discovery
Description Indicator Process Target
Framework service call android.app.IActivityManager.getRunningAppProcesses N/A N/A

Queries information about the current Wi-Fi connection

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getConnectionInfo N/A N/A

Queries information about the current nearby Wi-Fi networks

discovery
Description Indicator Process Target
Framework service call android.net.wifi.IWifiManager.getScanResults N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.kongtiaoyaokk.jjjd

/system/bin/sh -c getprop

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.kongtiaoyaokk.jjjd/app_e_qq_com_plugin/gdt_plugin.jar --output-vdex-fd=58 --oat-fd=59 --oat-location=/data/user/0/com.kongtiaoyaokk.jjjd/app_e_qq_com_plugin/oat/x86/gdt_plugin.odex --compiler-filter=quicken --class-loader-context=&

getprop

/system/bin/sh -c type su

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 sdk.e.qq.com udp
CN 113.108.27.88:80 sdk.e.qq.com tcp
US 1.1.1.1:53 mi.gdt.qq.com udp
CN 43.141.43.110:80 mi.gdt.qq.com tcp
GB 142.250.200.3:443 tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 14.22.7.199:80 android.bugly.qq.com tcp
US 1.1.1.1:53 alog.umeng.com udp
CN 223.109.148.177:80 alog.umeng.com tcp
GB 142.250.180.14:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.206:443 android.apis.google.com tcp
CN 223.109.148.130:80 alog.umeng.com tcp
CN 223.109.148.178:80 alog.umeng.com tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 sdk.e.qq.com udp
US 1.1.1.1:53 oth.update.mdt.qq.com udp
CN 113.108.27.88:80 sdk.e.qq.com tcp
CN 116.128.134.253:8080 oth.update.mdt.qq.com tcp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 223.109.148.141:80 alog.umeng.com tcp
CN 223.109.148.179:80 alog.umeng.com tcp
CN 223.109.148.176:80 alog.umeng.com tcp
CN 116.128.134.253:8080 oth.update.mdt.qq.com tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp
US 1.1.1.1:53 alog.umengcloud.com udp
CN 223.109.148.177:80 alog.umengcloud.com tcp
CN 223.109.148.130:80 alog.umengcloud.com tcp
CN 223.109.148.178:80 alog.umengcloud.com tcp
US 1.1.1.1:53 oth.update.mdt.qq.com udp
CN 116.128.134.253:8080 oth.update.mdt.qq.com tcp
CN 223.109.148.141:80 alog.umengcloud.com tcp
CN 223.109.148.179:80 alog.umengcloud.com tcp
CN 223.109.148.176:80 alog.umengcloud.com tcp
US 1.1.1.1:53 android.bugly.qq.com udp
CN 119.147.179.152:80 android.bugly.qq.com tcp
CN 14.22.7.140:80 android.bugly.qq.com tcp

Files

/data/data/com.kongtiaoyaokk.jjjd/databases/bugly_db_-journal
/data/data/com.kongtiaoyaokk.jjjd/databases/bugly_db_
/data/data/com.kongtiaoyaokk.jjjd/app_crashrecord/1004
/data/data/com.kongtiaoyaokk.jjjd/databases/bugly_db_-shm
/data/data/com.kongtiaoyaokk.jjjd/databases/bugly_db_-wal
/data/data/com.kongtiaoyaokk.jjjd/app_e_qq_com_plugin/update_lc
/data/data/com.kongtiaoyaokk.jjjd/app_e_qq_com_plugin/gdt_plugin.jar.sig
/data/data/com.kongtiaoyaokk.jjjd/app_e_qq_com_plugin/gdt_plugin.jar
/data/user/0/com.kongtiaoyaokk.jjjd/app_e_qq_com_plugin/gdt_plugin.jar
/data/data/com.kongtiaoyaokk.jjjd/databases/GDTSDK.db-journal
/data/data/com.kongtiaoyaokk.jjjd/databases/ua.db-journal
/data/data/com.kongtiaoyaokk.jjjd/databases/GDTSDK.db
/data/data/com.kongtiaoyaokk.jjjd/databases/ua.db
/data/data/com.kongtiaoyaokk.jjjd/databases/GDTSDK.db-wal
/data/data/com.kongtiaoyaokk.jjjd/databases/ua.db-wal
/data/data/com.kongtiaoyaokk.jjjd/databases/cc/cc.db-journal
/data/data/com.kongtiaoyaokk.jjjd/databases/cc/cc.db
/data/data/com.kongtiaoyaokk.jjjd/databases/cc/cc.db-wal
/data/data/com.kongtiaoyaokk.jjjd/files/umeng_it.cache
/data/data/com.kongtiaoyaokk.jjjd/files/.umeng/exchangeIdentity.json
/data/data/com.kongtiaoyaokk.jjjd/files/exid.dat
/data/data/com.kongtiaoyaokk.jjjd/databases/hremote.db-journal
/data/data/com.kongtiaoyaokk.jjjd/databases/hremote.db
/data/data/com.kongtiaoyaokk.jjjd/databases/hremote.db-wal
/data/data/com.kongtiaoyaokk.jjjd/files/.um/um_cache_1716092265538.env

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-19 04:15

Reported

2024-05-19 04:15

Platform

android-x86-arm-20240514-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.187.195:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A