Analysis Overview
SHA256
38946992ae547ceeccbe9282e18769f7d921d55c7b62f41a42f448c7e53983a9
Threat Level: Shows suspicious behavior
The file 65802c85ecd70712ed4d040b19a80d0e_JaffaCakes118 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Checks CPU information
Checks memory information
Queries the mobile country code (MCC)
Registers a broadcast receiver at runtime (usually for listening for system events)
Obtains sensitive information copied to the device clipboard
Checks if the internet connection is available
Reads information about phone network operator
Requests dangerous framework permissions
Acquires the wake lock
Checks the presence of a debugger
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-22 01:20
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Required to be able to access the camera device. | android.permission.CAMERA | N/A | N/A |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-22 01:20
Reported
2024-05-22 01:24
Platform
android-x86-arm-20240514-en
Max time kernel
168s
Max time network
151s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Checks the presence of a debugger
Processes
abnehm.app.low.carb
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | semanticlocation-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | graph.facebook.com | udp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| GB | 142.250.200.46:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | dev.fitnotfat.de | udp |
| US | 104.21.57.56:443 | dev.fitnotfat.de | tcp |
| GB | 142.250.178.3:443 | | tcp |
| US | 1.1.1.1:53 | app.fitnotfat.de | udp |
| US | 172.67.159.144:443 | app.fitnotfat.de | tcp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 142.250.187.200:443 | ssl.google-analytics.com | tcp |
| GB | 216.58.204.74:443 | semanticlocation-pa.googleapis.com | tcp |
Files
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-shm
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-wal
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-journal
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-wal
/data/data/abnehm.app.low.carb/files/gaClientId
/data/data/abnehm.app.low.carb/files/gaClientIdData
/data/data/abnehm.app.low.carb/files/AppEventsLogger.persistedsessioninfo
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-22 01:20
Reported
2024-05-22 01:24
Platform
android-x64-20240514-en
Max time kernel
169s
Max time network
145s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Checks the presence of a debugger
Processes
abnehm.app.low.carb
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | graph.facebook.com | udp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.201.104:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | dev.fitnotfat.de | udp |
| US | 1.1.1.1:53 | app.fitnotfat.de | udp |
| US | 104.21.57.56:443 | app.fitnotfat.de | tcp |
| US | 104.21.57.56:443 | app.fitnotfat.de | tcp |
| GB | 142.250.179.238:443 | android.apis.google.com | tcp |
| GB | 142.250.200.46:443 | | tcp |
| GB | 172.217.16.228:443 | | tcp |
| GB | 172.217.16.228:443 | | tcp |
| GB | 216.58.213.14:443 | | tcp |
| GB | 142.250.200.2:443 | | tcp |
Files
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal
/data/data/abnehm.app.low.carb/databases/google_app_measurement_local.db
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db-journal
/data/data/abnehm.app.low.carb/databases/google_analytics_v4.db
/data/data/abnehm.app.low.carb/files/gaClientId
/data/data/abnehm.app.low.carb/files/gaClientIdData
/data/data/abnehm.app.low.carb/files/AppEventsLogger.persistedsessioninfo
Analysis: behavioral3
Detonation Overview
Submitted
2024-05-22 01:20
Reported
2024-05-22 01:24
Platform
android-x64-arm64-20240514-en
Max time kernel
168s
Max time network
133s
Command Line
Signatures
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Obtains sensitive information copied to the device clipboard
| Description | Indicator | Process | Target |
| Framework service call | android.content.IClipboard.addPrimaryClipChangedListener | N/A | N/A |
Acquires the wake lock
| Description | Indicator | Process | Target |
| Framework service call | android.os.IPowerManager.acquireWakeLock | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Reads information about phone network operator
Checks the presence of a debugger
Processes
abnehm.app.low.carb
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.180.14:443 | | tcp |
| GB | 142.250.180.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 1.1.1.1:53 | graph.facebook.com | udp |
| GB | 157.240.214.1:443 | graph.facebook.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 172.217.16.232:443 | ssl.google-analytics.com | tcp |
| US | 1.1.1.1:53 | dev.fitnotfat.de | udp |
| US | 1.1.1.1:53 | app.fitnotfat.de | udp |
| US | 172.67.159.144:443 | app.fitnotfat.de | tcp |
| US | 104.21.57.56:443 | app.fitnotfat.de | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.238:443 | android.apis.google.com | tcp |
| GB | 216.58.201.100:443 | | tcp |
| GB | 216.58.201.100:443 | | tcp |
Files
/data/user/0/abnehm.app.low.carb/databases/google_app_measurement_local.db-journal
/data/user/0/abnehm.app.low.carb/databases/google_app_measurement_local.db
/data/user/0/abnehm.app.low.carb/databases/google_analytics_v4.db-journal
/data/user/0/abnehm.app.low.carb/databases/google_analytics_v4.db
/data/user/0/abnehm.app.low.carb/files/gaClientId
/data/user/0/abnehm.app.low.carb/files/gaClientIdData
/data/user/0/abnehm.app.low.carb/files/AppEventsLogger.persistedsessioninfo