Malware Analysis Report

2025-01-19 06:55

Sample ID 240523-lef46sbh94
Target base_095844.apk
SHA256 bc0439149e747ff8b39325d2d3b32a5bf109297fb67540238a80c0a4475b7097
Tags
discovery evasion impact persistence collection credential_access
score
8/10

Analysis Overview

score
8/10

SHA256

bc0439149e747ff8b39325d2d3b32a5bf109297fb67540238a80c0a4475b7097

Threat Level: Likely malicious

The file base_095844.apk was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion impact persistence collection credential_access

Checks if the Android device is rooted.

Obtains sensitive information copied to the device clipboard

Queries the mobile country code (MCC)

Checks memory information

Loads dropped Dex/Jar

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks if the internet connection is available

Reads information about phone network operator.

Requests dangerous framework permissions

Checks the presence of a debugger

Uses Crypto APIs (Might try to encrypt user data)

Analysis: static1

Detonation Overview

Reported

2024-05-23 09:26

Signatures

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A
Allows an app to access precise location. | android.permission.ACCESS_FINE_LOCATION | N/A | N/A
Allows an application to record audio. | android.permission.RECORD_AUDIO | N/A | N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-05-23 09:26

Reported

2024-05-23 09:30

Platform

android-x86-arm-20240514-en

Max time kernel

172s

Max time network

180s

Command Line

com.appsomniacs.da2

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/xbin/su N/A N/A
N/A /system/app/Superuser.apk N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description Indicator Process Target
Framework service call android.app.IActivityManager.registerReceiver N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.appsomniacs.da2

Network


Files


Analysis: behavioral1

Detonation Overview

Submitted

2024-05-23 09:26

Reported

2024-05-23 09:27

Platform

android-x64-20240514-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 216.58.204.74:443 tcp
GB 216.58.204.74:443 tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-23 09:26

Reported

2024-05-23 09:30

Platform

android-x64-arm64-20240514-en

Max time kernel

171s

Max time network

180s

Command Line

com.appsomniacs.da2

Signatures

Checks if the Android device is rooted.

evasion
Description Indicator Process Target
N/A /system/app/Superuser.apk N/A N/A
N/A /system/xbin/su N/A N/A

Checks memory information

evasion discovery
Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Loads dropped Dex/Jar

evasion
Description Indicator Process Target
N/A /data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar N/A N/A

Obtains sensitive information copied to the device clipboard

collection credential_access impact
Description Indicator Process Target
Framework service call android.content.IClipboard.addPrimaryClipChangedListener N/A N/A

Queries the mobile country code (MCC)

discovery
Description Indicator Process Target
Framework service call com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone N/A N/A

Checks if the internet connection is available

discovery
Description Indicator Process Target
Framework service call android.net.IConnectivityManager.getActiveNetworkInfo N/A N/A

Reads information about phone network operator.

discovery

Checks the presence of a debugger

evasion

Uses Crypto APIs (Might try to encrypt user data)

impact
Description Indicator Process Target
Framework API call javax.crypto.Cipher.doFinal N/A N/A

Processes

com.appsomniacs.da2

Network


Files

/data/user/0/com.appsomniacs.da2/files/nr_installation

MD5 7ba7a984a6987f51f2ec63f05a8010b0
SHA1 92fa44fea7b2372656b60c179ef8f6be6086b722
SHA256 8a7291b475f14d98c789463e317ad3806707f8e51d698d850922a674ac438719
SHA512 1a56eba3dddc6d6074227297decb230b9b2e41ffdc81b1b7318442336285dcdacfc305e39a3e96963589740a47c196097a7ebc88f0ce704e21988e243627694c

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F0C0C01E8-0001-1202-EB46ACB214BCBeginSession.cls_temp

MD5 e453e0f45fbea315d5c6b658c84a106d
SHA1 935936e4a14f29e0af64ccbbc29fc23170eec2f1
SHA256 83ccac4c7199b8e981467c4f0864c2fc3909a6fd77ed7dedc70103f07145991d
SHA512 945c5e2b3bb27e0da7e5f2094e8a8869ea0bc4dfd882769725db5893eb39a3dd4395b7b5e0c08cc3021355fc9f39e5b3189aaa829548791d50ce163c68296c0e

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F0C0C01E8-0001-1202-EB46ACB214BCSessionApp.cls_temp

MD5 83aa48c6e1e5dadbaa2d810a04c6e56e
SHA1 b398e9796de4c96035815d8722be1420b3d17802
SHA256 01f9cc6137c86f4ee7dd24f539b06f03ea89a1e26d006cd0a87648c6ffaad69e
SHA512 7edf1246e881ece9eeef46ac284981fd6ea68b088d4d00effaee327e48d01f14c3599b9953ebdc256986195e61aa80fc8d8418d3bd40b174ad20f90f545dd0f2

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F0C0C01E8-0001-1202-EB46ACB214BCSessionOS.cls_temp

MD5 b3d9541cc92a9153d14e5160f8d8c008
SHA1 2e1ac80eb381dd82a03795b682f92020348c0113
SHA256 1ead5b213c87f182ffce484c34f7d9f140ad3425c0f303f460492efe8a26c56d
SHA512 78074409135a210ba4e1407ad9b3f784f5683e83aac4ce3482d4e8135425cf2b30db1ff5dd0041901c490a551a477237c6d255671c7b1fad74090980dcf3334f

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 85b952a81046af1ced33e35de0c2895c
SHA1 7de813692ba810d9a2bd33cb3096014fbff46682
SHA256 1e3071789f84400426a0df2c7f17efb0ad367898b688696714cc80f83f33263f
SHA512 419ca9f39bd9acc099ae60da9b5177a0c6ac811f83c45ed758fd89c3de23ba9e5b93cf116637caa96d61ba4d6d0c747405b74cda94860598e7336a071f781ba8

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db

MD5 a870b9485483691b5b0277a514cd0862
SHA1 5aad93d96aa8097a41ba3c9f5b28aee67ef82685
SHA256 1ace334ff913c61bb4b481f4c3436583ce9a1389ab2aedf86d705ea71dd3eeab
SHA512 94cc642aaa3083c6e5fa5b7f73db7f94ed81b833d7fe7c7b55aa40b8d020a83b47c6b5b8c8a259df8706e569944978d27610b8c417a44709e31717a33126f880

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 a96891f44b2c163d4ef3784f128f517f
SHA1 9938e33cc4446e818176e5b41f1d2915c9e94921
SHA256 747707a6b4fc683fe612f5ba931119e3cd77d6832857f6863c220c2fce3c021a
SHA512 70e5177a4221893790914f90b95e06311feab9e51383ccadb4291d7c421914ae79ed03f2651436bf54ada4e700ef550622c0dea51d74676b427ca573a4c693cc

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 c582343c42026573075a02d7db5f7b11
SHA1 625e9ab7c290c144990e398c7e0ff0c12ab3d50c
SHA256 98f89ea4f6308f13afc754bf41ffa30b543336d41d79c327355caa9a1f8bf4f5
SHA512 22f2dbd42e6ebde76d0a1ee6e1a93b464c5aef28851ea32b74933e285846a9f5634f86791bfc6200943577bf3aa901e8301d3cfc7e4d731d3e6f3673e2c78ad7

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 f05ef582bd48017e8ac95dba9a824547
SHA1 d73f2bd3fa47a3122a6ee27c2ce0365c46f0fa6a
SHA256 81aa0c9e5b0fcb8ddc2813449c8f0653697f45f33f13fa1728b871c209610eb6
SHA512 c068898a50f0036e950e17e826dd041afb364b4adb64b01c45da60b0447c1f0cd5e144d8a09562519fd834541da9a7225dda54d8d757a7a620a6fbe916fa8fdc

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 8fcf087d7cb9b0496d1552b5d32b3225
SHA1 7ccbf25b0be1d1df19f466f23d0621568ee85a76
SHA256 c24b69120e475c02d90527bf71dd7ba1e6f136db8093378b1c069f8d9c57f8f3
SHA512 8c333c42896e876c2751c587204c12eea5b7bdd0135322999b6a39e7e5b23511cdaf9ebdd84341d71d597535271018d5bbb78943676fd3fdcd4b29887f697bc5

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db-journal

MD5 3ae60d0264cfaaf37ba12f4bfa51dd66
SHA1 ed62c18e72c3ca89daf317ac8479bd1d7d602c75
SHA256 6506fc35023ffc39b46107cfe4114919764e031639c89449cd235810d509339f
SHA512 6325f217c275bf94d7dc02e85e5b45004a398d4e85bc45993956ca2c58c022ed715d363d283b33f4f0c6b5540044d094a70803bdc9dc0d3a683c773a55c05ad4

/data/user/0/com.appsomniacs.da2/databases/com.im_6.0.0.db

MD5 c4a52baab73a7e2ce5e1671cc21466cc
SHA1 2bd0bf23c24c7321ca111bd201c9bacd4b438491
SHA256 173b788703ee5d9719c003bb3cb4c6b9437b6613207efe216a9fcc33e5318b6e
SHA512 fa269605711717b10dfc6485539ba0ce4c868562e7d2e30ef18622a98f9669e505c495fe2d42fca61377d7fa42eb03300e2509f6e6e5abe4f2d086345075a1c1

/data/user/0/com.appsomniacs.da2/app_.gpg.classloader/d75c8e1bbeab9e1ddffb9d332585db71.jar

MD5 311be70af04aaaa7742dce5b874809bd
SHA1 4ac8ef4bb43ac432b2690c62fa96e3341564b51c
SHA256 fbfc5ed2ff5576fbd77d6eb57e3e47aea497f75db735985b44ab7ce2f17f518b
SHA512 613cef9f2a37540852d2286301b631d777f7ca31974872deaffa236c76574922a3d9c10fc3356aea943897ccafdbc7fd424ccc0611e37bd4c0d048f2671cb5e8

/data/user/0/com.appsomniacs.da2/databases/http_auth.db-journal

MD5 1b6bdf2ac4ccacb7d628af6ef49c5a02
SHA1 74a54800c4003fe7393697048bed68e586c7bfdd
SHA256 7e5ff3cf3bf216ff6031ad1b83f026bc40b42d50f90933c2bcd126e345ca9bf1
SHA512 41bb098750ea965a639008e42ef20d759589a80c4126ac372435182049acdb30894dcc8be651e6f86867a6f2ef16348682dff6d2d3b7a5b6036f83ee212a06c9

/data/user/0/com.appsomniacs.da2/databases/http_auth.db

MD5 ed710a8968441282a5939621c2771927
SHA1 b6ac28b3e32ea66790c52d6934608b5e71f3d5b8
SHA256 6e7b95a553c2528d6c564296a9e481a6d913074c35011a19f2da8e4807c53bb2
SHA512 547d7c530ad345edf6b880b7685d2ddf3770e595fe3a40041677cb0c296b15ec6d9e8ebf3f2db51624be41766a0af6764512f1c352d5fde22bdea81d7c08e364

/data/user/0/com.appsomniacs.da2/databases/http_auth.db-journal

MD5 efa0ebbd2a8c5b3518192c1b549d5007
SHA1 20b148951533c7813dc0e6d5c6f8765c25cb8f46
SHA256 7621d5c3c14028a92fff2eab9d80d95efc0ad81937e97b3a3e5b248718688269
SHA512 5faf0e90e4e3858619c7e435eb4301b44e8bd3b7c4d41352cb2b8d9d8fb301e501194b3d2edbfb981acde7c0fca25c1084f31880dbb7f0ac42ed1a8f99bc5fa4

/data/user/0/com.appsomniacs.da2/databases/http_auth.db-journal

MD5 e00d5fb96cdc63857d149e4c91848251
SHA1 bd28bfd93b401c4a724273c737e993822a30c0cf
SHA256 e26b8ce4f5c967e5c994d4dfbce82a8a833d3b99615bd8fc96b83b3f422182f2
SHA512 f1e17b441dccca4097f48f644f1335a4c7716db0b2ae3c413ccf9943933f38b2567eafbae4bde4bd01fe8d33ec2b595f468cb4c61ad5b28b5b798a6954246e7c

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 6d25343bdae40ca1f48d6e4fd8f52f59
SHA1 7ccc196a915d2e84d5caffb2e4e324f96dbd9b96
SHA256 481a6f8a237784677f0b52b54ea16ab1e54e8da07b028707827df49cfe676e30
SHA512 6b19ca2113a57575a89b090760fad055021a24a5daad8a4f73708c4f90eb78675c9dd253911ddc87119589d98c7dafdcdab4d68d26a1568772a6d86070dcd610

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db

MD5 1e7b8cf9d54e2b13d4ba9c2d6a86ba4d
SHA1 d1dbfeb3f581c0ff62969b40780bc383213ca2d5
SHA256 dced781f9038dd8058355a716a24d33b86c75dacb9f7dfe24d0f26b7404d29b4
SHA512 73dd602ed13c78e8013685fbef175b2bf69af55424e16f416e09e316eeaac7a4be949682c18c21912a1e7e72eae58037487abdf090a2aa2debf1cc51c1cee438

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 ab1a7dd781c1d895d26564367ccb9de6
SHA1 a767737849bedd097c5727608573c66420b8ae92
SHA256 10de0676981d8cb9cdbbf400fe5c8aa5db5f7967da4e0629df1150e95a340124
SHA512 4e6ed5b7d4c949ae5fb767d2bb180ea3eb42ca8d7f84e993396e4dd3123956f34e27e0bebac0b22adba7b8b769bb5c43d53e929e29427d54f291379547dcf045

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 20945adae3f34f2ec4b972d19e2dbcb3
SHA1 1a2fb8ff7979b7cb40f39ee991141b476804977b
SHA256 f0b1207680395e95db5d3148f1b6ccd38aaac2962542a546957f3a0e67882105
SHA512 abfb8e0c8371e583abf43b88ab031515589a0db4ab88130dc1016d47ea993df41c3af27a625af33dc431ce3e1d2beaaa737c2a3d270e16d10080824b46786d95

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 1e5baf3bb3b55fc59fccd618aaea3488
SHA1 45179535f97b1e4769b0d9841ce0f27f8f08f7df
SHA256 f1e0d01b0c58d97bbd57ebd79275b539a699252019b17bfe3a97712a7ba31442
SHA512 fcd2b18df146a5f0428f8085d9c11a6163f42b79ed287796c8955e4328681b744e834e6cc8d4ee6414e6cec92c85fa53aba9a46720893c76cd8155cadd68c764

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

MD5 f63cca4600b4dfe8ee8e5094177d0611
SHA1 53797259090018b945c90c38493039bcd91e88de
SHA256 c35385582ee5d5f500e74b8b44a56dfb357e9dad50e26ce6b6c436f8d5d9aeeb
SHA512 0b95890ab994cdd922b0cb013444404f84cec1ff34be7c83c3cb07092f625b5649e601475229664eb9cdebc20301a5c04c0e8e8d6ec8805490ed4a60e42c7a82

/data/user/0/com.appsomniacs.da2/files/gaClientId

MD5 32350f2abac96bcbabaae95eca4c5c19
SHA1 f38e337076efb6cbac60306a4c43874ad675a3e8
SHA256 ab50f33838e85d9218f3f8aea0283e5c40cab316027fb47359e4d87525c8757c
SHA512 2e0c966e63db4b45146b7a965b16520c12fda0a7ac33fdd60ca6200d07a7b3d4f03dd8c66c0f95dcfcb082ebeb67674e146a547d6e4203309d2c6d77737e7f45

/data/user/0/com.appsomniacs.da2/files/gaClientIdData

MD5 d3e0be961eef53cea4f8ef802107e9e7
SHA1 cc849fb6d2965a626137337d517803f88f113ee0
SHA256 5d1f8ab8d6e657ddecf844502cfa907735a6bc80355a30861c2ae6bfd3007d60
SHA512 d0690f7a7c27af1ff6b9cab98a3bb3d438d64a372c93ccaa4697e3641c7318e2a555eca7024b11e2c6097e92f191fb5c9335a6bd627a1d8ef3c349b3c97c926c

/data/user/0/com.appsomniacs.da2/databases/google_analytics_v4.db-journal

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F0C0C01E8-0001-1202-EB46ACB214BCSessionDevice.cls_temp

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android.crashlytics-core/664F0C0C01E8-0001-1202-EB46ACB214BCuser.meta

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_362915f0-d842-4c71-95c1-d550043d9f9c_1716456465567.tap

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

/data/user/0/com.appsomniacs.da2/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_c20cf931-8d4a-4a5b-a4f6-5f1820920252_1716456470631.tap

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1381250003_28x28.png (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/zepto-1.1.3.min.js (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/oe96d425_5db62421912d5f53dde6ed1c2f6cdce1c0346d58_v21_phone.jpeg (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/sound_off.png (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/sound_on.png (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/jquery-1.9.1.min.js (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1646358684111_392x696.jpg (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1646358686556_300x300.jpg (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1646358685529_392x696.jpg (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/1646358685987_392x696.jpg (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/Star_Sprite.png (deleted)

/storage/emulated/0/Android/data/com.appsomniacs.da2/files/al/e531fdc9f69cb5ad503fe38531ee66caada9df5e_v23_phone.mp4 (deleted)

Analysis: behavioral3

Detonation Overview

Submitted

2024-05-23 09:26

Reported

2024-05-23 09:27

Platform

android-33-x64-arm64-20240514-en

Max time network

8s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 216.58.204.68:443 udp
GB 216.58.204.68:443 tcp
GB 216.58.204.68:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A