4995801ec6eb570920a9c9541bfd04ba6828746327423cc4884d5a9cb5d5b2b2

Analysis

max time kernel
179s
max time network
172s
platform
android_x64
resource
android-33-x64-arm64-20240514-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240514-enlocale:en-usos:android-13-x64system
submitted
23/05/2024, 12:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Danak-v0.68-qa.2.apk
Size

8.7MB
MD5

0613b94a057a87b1a2f9ca7df4ffe1af
SHA1

2fbf3c47f31b0f4f61691d49ab8dd8bd499effcd
SHA256

4995801ec6eb570920a9c9541bfd04ba6828746327423cc4884d5a9cb5d5b2b2
SHA512

285d50ee64c444dbc36392f7136d0e4516ab63b10c833c59d390fa842cb772a258ae767efa6d49752ec15f2ae5424cddcaee2f75e1ed496bacd49d2dadc6e079
SSDEEP

196608:mjr+rIzHL9y6nQxncZPuaisclubF5HzmdHy+RHer4CP:S+UTLgsQxnquT4bDcS78CP

Score

8^/10

discovery evasion execution impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 3 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	org.kcis.savadd.child_fa:Metrica
/sbin/su	org.kcis.savadd.child_fa:Metrica
/system/bin/su	org.kcis.savadd.child_fa:Metrica

Loads dropped Dex/Jar 1 TTPs 8 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/system_ext/framework/androidx.window.extensions.jar	4293	org.kcis.savadd.child_fa
/system_ext/framework/androidx.window.extensions.jar	4293	org.kcis.savadd.child_fa
/system_ext/framework/androidx.window.sidecar.jar	4293	org.kcis.savadd.child_fa
/system_ext/framework/androidx.window.sidecar.jar	4293	org.kcis.savadd.child_fa
/system_ext/framework/androidx.window.extensions.jar	4377	org.kcis.savadd.child_fa:Metrica
/system_ext/framework/androidx.window.extensions.jar	4377	org.kcis.savadd.child_fa:Metrica
/system_ext/framework/androidx.window.sidecar.jar	4377	org.kcis.savadd.child_fa:Metrica
/system_ext/framework/androidx.window.sidecar.jar	4377	org.kcis.savadd.child_fa:Metrica

Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs

Application may abuse the framework's foreground service to continue running in the foreground.

evasion persistence

Foreground Persistence

T1541

description	ioc	Process
Framework service call	android.app.IActivityManager.setServiceForeground	org.kcis.savadd.child_fa

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	org.kcis.savadd.child_fa

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	org.kcis.savadd.child_fa

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 2 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	org.kcis.savadd.child_fa:Metrica
Framework service call	android.app.job.IJobScheduler.schedule	org.kcis.savadd.child_fa

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	org.kcis.savadd.child_fa:Metrica

org.kcis.savadd.child_fa
1⤵
- Loads dropped Dex/Jar
- Makes use of the framework's foreground persistence service
- Acquires the wake lock
- Checks if the internet connection is available
- Schedules tasks to execute at a specified time
PID:4293

org.kcis.savadd.child_fa:Metrica
1⤵
- Checks if the Android device is rooted.
- Loads dropped Dex/Jar
- Schedules tasks to execute at a specified time
- Uses Crypto APIs (Might try to encrypt user data)
PID:4377

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Foreground Persistence

T1541

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Foreground Persistence

T1541

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/org.kcis.savadd.child_fa/no_backup/androidx.work.workdb

Filesize
96KB

MD5
f43c62f483271bf9774d3cb5e61a5869

SHA1
58a8aa9c3c6352bde9c550916bbc8f10c3f39f78

SHA256
1195a77507e8befe1e5761d4c56e56de0aa03072b5908d027849ae720a20a053

SHA512
5e93252af38e48664519962cd748f4961d789ea0d65f33fbb1225e496f34c21842899bd7a853e18b35bdb05b3905d576a2babafe8cc1e8bc4e79e1df91e65845

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/androidx.work.workdb-journal

Filesize
12KB

MD5
f885de8a5e7ab090d88410b8d7202612

SHA1
50a70bbd67d0dff741d8b71a1f431499c131442b

SHA256
db3e97f5ac023151869013ac91322fc08ae728ae210dbc5c53a593f97e5f071d

SHA512
6ccdddef6fb76741ed0f5a3c831c92f67c2510d1ae2fd43f01e1a5109480a768469275d5ed178841b4c5050605fc0a3e28774706416097daed1664bcbc3824b5

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
10915bbc6b69fcc1c73f354a4543ee63

SHA1
f1b6faf89022c7116d91f98b507bef3c302da61c

SHA256
626167648d04d7eb0c53e5916a974dda53d9266c792f3bf8bf9e59ed3c6b33ad

SHA512
895654d62c6623b4e9f9dfb9d64d3404a2475d2780ef3f66fb93a1e2c4595e19542fa61b6335db990dd32efcd7a69d13d1e39eb908996833759eebc7300a7fd5

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
b6e204905ef3f3eccac4f7d75490826b

SHA1
1ef77163fd6b2de3e670f9ac3f5526e5b891e688

SHA256
285bf9c7c0cbb08c6e04097208c9c01bc1656f8c5a412ea7040a0ce3c21be429

SHA512
5102fce2e76dd02cd75d23f2c8daf2efbb41b0f692fb994b15b8a7cfda1f632633d0ad4a21773dea7860031d3679f0c45902d06adf2e6df58f393d8370064de9

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
3f69c41d48041144b0f5aa87fc7db318

SHA1
611e82dc8c0fc54aa76aee6c5e795b798f65ae85

SHA256
cc45e4a8b2c783de97c1fe801673b74cb6e78de3acc28d732708ba7e37531d36

SHA512
f050fe1dad78264bc9d437080db38eb40f610007dcf2aa936859b4ba74ebaa2c5486054a217b076ea910f26f0d04a10c01ed55098abba54964ec0e70c629b6af

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/androidx.work.workdb-wal

Filesize
301KB

MD5
122391d6b081f1e91b39ea05f066c4aa

SHA1
5d603e93fd3c0f1060a1c78ec64f9e92ff944166

SHA256
91834bd9034c8f027ff970a20cff49813d3ffca15052b1aea4335d7f2ab8e2d6

SHA512
3fd0d6df8fbae8fd640074a118f7a4de4b51b08d6412fa6b6d933ebb9f69138f0b957d21e53844ab63b7c2e4c2b8c1b20ec6128715615dd16c8309273f43f4dc

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/certificate.p12

Filesize
5KB

MD5
47a96a666880a59e20660722eba76efd

SHA1
0eaad8f1f404b4ebfd41794b03e0a6792d3015ef

SHA256
37fff08859b0a44196bfc014885d23b0b43237367280b0cba4583a19568eff51

SHA512
ce27e78d3d0e2407b69452f2e42c00a48c33ac8d98fd7c48e6a1f0dd89d23fc27b7f5bae84934e0b8a1ebbaacafc0229e1361f4e4c5b1e22288ede773b86685a

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa-journal

Filesize
410KB

MD5
e5fb529f2776d64404a0a42198df2b45

SHA1
30dd1404ebdf2447d9023b32beb97f66bf2b5337

SHA256
765f9096431f7d85857554d779d6e68603da741949bbb4717a3629ba4a972892

SHA512
088a53dc7b672db8958eb3694006bc4dffa74faff4cb582fd499776ab104518090b6254fb2bee0426f356f35e265d8800f015902280c59da4710a5f4ac6f3159

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa-journal

Filesize
32KB

MD5
f4f79745c0d63df770226c3a9ec2da74

SHA1
bf3a1c48052662aec515c514f323e413a2f0e994

SHA256
f7fbbbd647576934276d034a4a4630fda6d354a610a54cb83487fb518571f5ad

SHA512
104424b184fd12e6ef58a61869ef0431ef70f01955020b76350d40c7be1e20744deac0f3d5489b65e60f438676a74a9450ae236f6c6f67ff4d9426fa2ce82a44

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa-journal

Filesize
64KB

MD5
ce91b437b4ed0141b711b284db1ba67c

SHA1
06ccfa1cb3753e7e913cb2effa52f502922f7a91

SHA256
fb3f52fad038040d71c7218d83bae7e3282687da14c3f83acf7381f57cda541d

SHA512
3ac48c7d7a2758504fce9dd7a6cf6212df1d27e22b246147da22f344eb30e8e195c4a42191c178625fedffa7129f726e727bbe8c2f6b475387789ad175f0f687

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa_20799a27-fa80-4b36-b2db-0f8141f24180

Filesize
36KB

MD5
b19e44eecd4e5f902fa1c1a0b3d860bc

SHA1
150cbc1a5dd2978d350929b2c627d3c26d60a59f

SHA256
7ecef2025ad8b0eede0dc8dc81dfda11b4e0b311ef27a53c716d9e6d54892765

SHA512
dfed8e2ce435daa62d9a32f825089820e1c99990626237b0eddbec32ec95389048e544deff2046504b89b9b099ea02bd6c8a51a634bebbf8181ddae629e3b399

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
20KB

MD5
87dcb5c309f627479beac22cacf1c7fb

SHA1
4015240a36fb08c76cce07bfbb7b4a319ba5fc2b

SHA256
7414e733c3f3e5949eca546f3d50cc0015c1e1c5479ddefcb205c5dd35b80081

SHA512
79acc6184009c31e5a2f1f69297d5cf33cb67e806e2b357a8645d66b217a4f28094b5ed15ed30cc7724387906c9caef0a422746b2cea5057cf2f918514839fc6

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
20KB

MD5
dede9d81a37f3ba5e47093419ec03a46

SHA1
3ecd77710492ab0af40dbd9a323cb8224833c01a

SHA256
68dd5353eedc6fd55a3cc92c2888a07d3399e0a60df79c7a1c189fa13b392295

SHA512
c08b62a932d8b3a55485df257aeb41a406cc7beb5baf1ba12df91c8a1ee9af465a05f59c64e04e9cf393aa3da8e29a800fdf004f0782283428c1b13e6db579a3

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
8KB

MD5
ff385900d0ee3704904f12d4a2f3b4cf

SHA1
7ec47f3deb28d1a677028191ac7fb645721e9ecb

SHA256
0a9777e8b8f130d73140529b178302e29e692bac897935f649fd27bda3e5aba3

SHA512
511ce09bf3e5324c655edd98325e2ccc37c4c1334ce4f57466093816891c2879ea7647666d4ce36a5a749a89c853f6966087f3549c8a0033d423afce47f7b57d

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
d4602082976949e2dfc979c4d6f54758

SHA1
e95d284add53b67b38b07c999386aa68ccb10de1

SHA256
89e2a82f7365b3b98a78042e6475670b7929d530cf0dda089fec4de56ea0e4af

SHA512
81c287a76a3cf967d0f4bc4f9cb48c046f0d68c369646ab5094bd3bc26dbb95bda1596d1f3c160be2edf9ca059e56b792d632ddff40c205a5f2c246ff850a475

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
63f701aed43bef294d38e450548e178d

SHA1
80f0509a8997c082e084fbbb6e0f325c44f16665

SHA256
2a293dcd29920993c48a4f1e7592f37e1a30b9e76680fc9c37733fbe4b80a32f

SHA512
15fd7edf1744ff451a04a80e0643f35003493e3903e317f2870a6fc4ff015595d72b611f0637d820e81e536709a4fe784945ec44effe3546ccd66ab4b45a05c1

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/db_metrica_org.kcis.savadd.child_fa_20799a27-fa80-4b36-b2db-0f8141f24180-journal

Filesize
12KB

MD5
9f6b0cc163c65365230580c969d8e7b8

SHA1
38572de9f7cd81e3205006b27da4aee7b06a4306

SHA256
7e19a7da3edcfec63483210d3bab4c2b840f03770998ae0c29b01a907c7ff31d

SHA512
aa584d897bbae725b3530e63671e76914ccaefac66369429dc675681d96b64e494e17c046d1854b743a9112e5dee9d0f75429d3460862be66dfa397c76166374

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_aip.db

Filesize
20KB

MD5
874a2a9dccdf932802cd6e3a688c4276

SHA1
7c62bcb5402552a967d62b4533359ef3f65d7ede

SHA256
e78f05168c63d6069dec73e9ed1b05ca32430c9c2185fb424ed4f598315a7370

SHA512
49e80a44a20a46e74af602fcf3c69e09eea6a53245ecb20911a23d8e9f59852d06ea3f1aec1ba8bf45d522443efbd3b3caadb2cbe4af5d2c8a60655a014aa616

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_aip.db-journal

Filesize
4KB

MD5
0eb157e1a86d4d00aa601dd2f6ff3ee3

SHA1
fee434f784e73cc7916322e949f727caf8363102

SHA256
b9a8194b71a046e8c0eb30995827b582b4bea834f630a5df2483b778a7d7d8a4

SHA512
b9b79b8c3af8a3f140df230fd89e95206358ba50ff214e7323a2dbbe2937b795f970e588302ffd5d721318bd597ce0a27af26d6cdb07f45569c30209845082a8

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_aip.db-journal

Filesize
8KB

MD5
d980661ae5071cdbe84eb7530ef3d7a8

SHA1
5272ea81fa22ee056cae73a48b4778b7c08c0b74

SHA256
7ffd0f0f1c06a90c5b51729830da68402bef92e9b69ccad376a0af94d031a6e8

SHA512
9cabc345ae70fa153d07ec3d9bfd3af48676ff0279b3c393e8a86946a4d6f8f9411c2006c3e94e934f7fa9c0ef4b91c60b145a4be3a61e3109d14877b5fd8c35

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_aip.db-journal

Filesize
16KB

MD5
b589425ff2ad4e168637d40380fb462b

SHA1
ea6bd257a4ccf2bcffc266fd26cdf6f3471c9c08

SHA256
70a6f2c83c7471ea404248628214cc044e6b303407c4420a40d369c0dc92d08f

SHA512
62cb2fcd303a0aad68e500cc1bd4aaccfbd4fb845741cca8b8e35397d2f51e98712324cbbead10697af3a73cbda1fe48b79a7cf8ce92821ff4728e3f576d6406

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db

Filesize
20KB

MD5
293d81f4e3693827349187ba7f0746bb

SHA1
880c571293006901ab476934e84b7fd79b568919

SHA256
8de018f95490f90ebf79d1f00cf786e2d3c0f5914f4316f915050e793c064b1c

SHA512
837639053c80d293d98a2075c8c43f8e3c9c7bc8a1b38252fee5b2e067f21fe22154dd48fbdc971d19036491e764962f51517ce7dac78a18b8838e6965aa0734

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db

Filesize
20KB

MD5
56cc6204833f426a93ed77a5c9b43e55

SHA1
13b882b8f92287657ab1d2b83a84689449f40c44

SHA256
74b4c87cd752d21bf6717122cbc0f82e3f600d800009b8a5a802d9dc96490afd

SHA512
8ba5f8d9a768f850678dd6aff477df64b5c234fcda3a8bbb9404dd0a437c808e0fab0e774adcc0ca2d24ee5b4dfb684a3bfd59ad29cdb7c8cd2d46f35641dcd3

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db

Filesize
20KB

MD5
148e0674908246f5797af9601909ae71

SHA1
5d5735aa1bea8b392f07351d9fceaec7ab163d4c

SHA256
b474e32212290968d7e3368d8fbf28349bf8cd4e76aaeca076d4cc89c130898c

SHA512
7676ed6cd6f16b96d21c8e46a5cf6d3157e12a3f48e55366da06f0159202c0290fea3a92bbfd0d2fac7d22f8bce5fb0f21c5aec6e72ddbfc97af1bed201e2c7e

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db

Filesize
20KB

MD5
81ec25a41ee68c256f4bf2042cdf2075

SHA1
7b8ba8b898b2dc8515efdc476351040b81e2eff8

SHA256
02af6d8fae376a6d686ed25f63fee656a2f9a33b83c61b4dcf41922ffe37255c

SHA512
643299f9238c45d60841f3b400c24f3c4f4ee06a858090c41a9dcffec6ff855a669b8625efc03db6984db30afad872294721be4b80c1dd70f453e18e24bf0130

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db

Filesize
20KB

MD5
7b7535f785ce8e4f26228cce0e53206f

SHA1
ba94ed7f80dbc3226f9d9985cb9fe26a6b8182fa

SHA256
39340de3150261189bff4a4217efcd9c627ea81a83c570b4e1aec3ab5b8feb92

SHA512
ff6a117a5bfeb9650a020ce61d43502a5589b83f774139af2d3bd687a597efb6e0440cb0dfac28690a889a3bca963648814e90ed3763642e88d1792068883809

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
7f93ed22110d8c3e3cf550f4134dc224

SHA1
7a294bace8c1a77b84c5ffa5149e49fc2b132764

SHA256
0d3872a08ae6727390b83a7d72ec3e1d9c2a36c5582f9ebff59544181b463810

SHA512
8b219afef79a674250b6bedd90cdf25b3bce75bf6eebc07d0bba6b12415601e5083e9060e5c51ea5064ed2830f3e28c4765ad762e1b4cf149fb40bcc7f6be2c5

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db-journal

Filesize
36KB

MD5
0efa847c959da505740d6008786c6cea

SHA1
eaf5d6b8d6f51397da610a34880ed3d8a883e4a3

SHA256
6a24e0cedf98bd74d290cd69b62e60d129e31b359d9cc09cefd11814185962fc

SHA512
bbc69c62a70fca2765a1b97e64cbb0853d05d8b1b7bcdc73ecc6073d6d9dc9049938d104f868d5d96e69881004c1add4d6797770a9048bdfb5d0b7950346826b

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db-journal

Filesize
44KB

MD5
5c9460a6f2eb6b9d072c719678ec33db

SHA1
52dd5c921d2a3e9e145e41550742152052a0ad68

SHA256
636d93c38499e3593374f35b3e601f1412ad915df60c754c031a2cbbb6f60da0

SHA512
38b7f0f05eaf4993289aa203b5b712b29c27266e70794c8ea81cb3a1e422dd0c0078007956a70a4fec635551a055a437be9a9162ed9ae3cbc3db8a56f8a193e4

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
94ec4b95b5d408df55535427911158a5

SHA1
bc4245167e9f1f7ac5b2ce4d05f45e965691a63a

SHA256
e3fc7dff66a5c55fe66e35637057c4cb805530eaf47e47c627a0d156bc6cc729

SHA512
69a4940e151a8d5f1b8e34c451aa4a223fec40db985aca517937d845f8560017b853fb7d79dc880b7f00c014a97e167540a615b2d163ecc2cf54c485c77dfe35

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
43c925f97d2a06133094bc87407bc133

SHA1
90ea82341722a66746cc0c58effab03e9e15f47c

SHA256
77add72c8b36641d1ef0f29e4dc55db867d59d2eb1046f7381f7071e4fbe4490

SHA512
4b89253612856fad51fd81a56fc292daa69517246e7bd224f75a302d599459f1061cdbc2c49310527317b7c33bb81f0b9611f2e57b3bf042454d7eccef7afcb3

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
d5f029e8111e762a6d564bb776208924

SHA1
a8f23c63ca9942d3acdd7970b314e832b95251a5

SHA256
d8c42d324123064dff4b98a6452cf377f495f237f2e3567ebcfe70e95365a41a

SHA512
ce33acd96bfaf540484b0e3a91d4e38ad926137861500f910df948f6ac909251711822299988cb9efa78c293c5eaf47702e774b424470bd7c5d5aff93cc8a5fd

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db-journal

Filesize
8KB

MD5
b45d44d0b1b6ceb38493cf0441adde11

SHA1
ebb2873052f23bea833cdbecbe26ce36b31a627a

SHA256
82220c1a41ddf9ce20ff0a16412b7d8e2bf5a9536126f1c34963d4b92a469dd8

SHA512
67645f134a8f41af24a203c589f213f6c4f10240f103f8fe5494b151553e99669c8beb1db25ac31dd85e082835588ab1e42a01373d43c4a85cbd52aa29b21712

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/metrica_client_data.db-journal

Filesize
12KB

MD5
5579681f35e4837fb0f521a58fd4740e

SHA1
500aa6e26f6f4ce738d57adda2496d27c9360152

SHA256
4ba4a37fe054c33e80f8a4694116f0d28d735425b0838968f13107a32f181883

SHA512
06bbfc1cb7a0d91407232b97bf2caac9bf39b6fd8225b3c9ff1d0d453957e3603ab4b77b22d684ab80aa141deb06d0177185c0428b6ce8d9f4607a9da3631eee

Download Submit
/data/data/org.kcis.savadd.child_fa/no_backup/uuid.dat

Filesize
8KB

MD5
04177dc34e57ff201633c943be019979

SHA1
0d1d029dd90b9c7568c3ade84e6dad439d1c9173

SHA256
c53f89c6fd08b2d04d96085b07b3840352abc061684de54572e0d0fe4fbacd12

SHA512
cba8ad198bd86c61d650968422c77d2c4af8276246d5df20d9e0d934b5541e7a60e6ac4cdaacf44b0ae69745ee78d643bac0d2de0aafb8b1eae515f2a4ec46d8

Download Submit
/system_ext/framework/androidx.window.extensions.jar

Filesize
123KB

MD5
3056e1bdb7d4e19789d0319eff484bd0

SHA1
6791ae47aa9466fe0bca27ad6643f846853bbee4

SHA256
8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0

SHA512
c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

Download Submit
/system_ext/framework/androidx.window.sidecar.jar

Filesize
25KB

MD5
29469324e59dfcc052f24b5af4e7b2c4

SHA1
10c1e17ac6f598037bb51baa07945663645de4eb

SHA256
9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a

SHA512
5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads