Malware Analysis Report

2025-08-05 19:13

Sample ID 240519-flqpasbe79
Target 58a6ff9ac51e03109c63ae922db35579_JaffaCakes118
SHA256 e9ae6b48c1abc06ac94752fa3164a751bb3b63a485d48f575e416996cc6850bc
Tags banker discovery evasion impact persistence
Score 8/10

Analysis Overview

score
8/10

SHA256

e9ae6b48c1abc06ac94752fa3164a751bb3b63a485d48f575e416996cc6850bc

Threat Level: Likely malicious

The file 58a6ff9ac51e03109c63ae922db35579_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

banker discovery evasion impact persistence

Checks if the Android device is rooted.

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

Queries information about running processes on the device

Checks CPU information

Checks memory information

Registers a broadcast receiver at runtime (usually for listening for system events)

Queries the mobile country code (MCC)

Queries information about the current Wi-Fi connection

Queries the phone number (MSISDN for GSM devices)

Loads dropped Dex/Jar

Declares services with permission to bind to the system

Requests dangerous framework permissions

Checks if the internet connection is available

Acquires the wake lock

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-19 04:57

Signatures

Declares services with permission to bind to the system

Description | Indicator | Process | Target
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device. | android.permission.BIND_NOTIFICATION_LISTENER_SERVICE | N/A | N/A

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A
Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A
Allows an application to collect component usage statistics. | android.permission.PACKAGE_USAGE_STATS | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-19 04:57

Reported

2024-05-19 05:01

Platform

android-x86-arm-20240514-en

Max time kernel

175s

Max time network

142s

Command Line

com.mobile.indiapp

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /sbin/su | N/A | N/A
N/A | /sbin/su | N/A | N/A

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

banker discovery

Checks CPU information

evasion discovery
Description | Indicator | Process | Target
File opened for read | /proc/cpuinfo | N/A | N/A

Checks memory information

evasion discovery
Description | Indicator | Process | Target
File opened for read | /proc/meminfo | N/A | N/A

Loads dropped Dex/Jar

evasion
Description | Indicator | Process | Target
N/A | /data/user/0/com.mobile.indiapp/app_plugin/sdk.jar | N/A | N/A

Queries information about running processes on the device

discovery
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A
Framework service call | android.app.IActivityManager.getRunningAppProcesses | N/A | N/A

Queries information about the current Wi-Fi connection

discovery
Description | Indicator | Process | Target
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A

Queries the mobile country code (MCC)

discovery
Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A

Queries the phone number (MSISDN for GSM devices)

discovery

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Acquires the wake lock

Description | Indicator | Process | Target
Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A

Checks if the internet connection is available

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Processes

com.mobile.indiapp

com.mobile.indiapp:worker

cat /proc/cpuinfo | grep Serial

Network


Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-05-19 04:57

Reported

2024-05-19 04:58

Platform

android-x86-arm-20240514-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 142.250.200.34:443 | | tcp
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-19 04:57

Reported

2024-05-19 04:58

Platform

android-x64-20240514-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-05-19 04:57

Reported

2024-05-19 04:58

Platform

android-x64-arm64-20240514-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 142.250.180.14:443 | | tcp
GB | 142.250.180.14:443 | | tcp
N/A | 224.0.0.251:5353 | | udp

Files

N/A