6a1e18b3e89f839ad328390d9d5b7098f6bae8d9655cbf0bcef6e78f062e1ba9

Analysis

max time kernel
179s
max time network
186s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
23/05/2024, 15:54

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6b75dc28c2b41397a37440c3cde3af5c_JaffaCakes118.apk
Size

24.3MB
MD5

6b75dc28c2b41397a37440c3cde3af5c
SHA1

aa179bfa7f5948fdf0ffaff4ab54b551f62a084c
SHA256

6a1e18b3e89f839ad328390d9d5b7098f6bae8d9655cbf0bcef6e78f062e1ba9
SHA512

25400588711d84e65a9f21aa15976839f7215ab3c4a2777fc8cb8ded4dd219d761266abb4a3a7db97b3630675c986f0e3e1312f53575e5f0a5ea79362a720d37
SSDEEP

786432:PiqWTt+RHkaE6qCASb7ZtugnJXBJt/cTf+:Pa+9/xaKCgn/++

Score

8^/10

collection discovery evasion impact persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 4 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/system/app/Superuser.apk	com.ymcx.mastermarket
/sbin/su	/system/bin/sh -c type su
/system/app/Superuser.apk	com.ymcx.mastermarket:mult
/sbin/su	/system/bin/sh -c type su

Requests cell location 1 TTPs 4 IoCs

Uses Android APIs to to get current cell information.

collection discovery

Location Tracking

T1430

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.ymcx.mastermarket
Framework service call	com.android.internal.telephony.ITelephony.getAllCellInfo	com.ymcx.mastermarket:mult
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.ymcx.mastermarket
Framework service call	com.android.internal.telephony.ITelephony.getCellLocation	com.ymcx.mastermarket:mult

Checks CPU information 2 TTPs 2 IoCs

Checks CPU information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.ymcx.mastermarket
File opened for read	/proc/cpuinfo	com.ymcx.mastermarket:mult

Checks memory information 2 TTPs 2 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.ymcx.mastermarket
File opened for read	/proc/meminfo	com.ymcx.mastermarket:mult

Loads dropped Dex/Jar 1 TTPs 5 IoCs

Runs executable file dropped to the device during analysis.

evasion

Download New Code at Runtime

T1407

ioc	pid	Process
/data/data/com.ymcx.mastermarket/mix.dex	4275	com.ymcx.mastermarket
/data/data/com.ymcx.mastermarket/mix.dex	4275	com.ymcx.mastermarket
/data/data/com.ymcx.mastermarket/mix.dex	4389	com.ymcx.mastermarket:mult
/data/data/com.ymcx.mastermarket/mix.dex	4498	/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.ymcx.mastermarket/mix.dex --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/data/com.ymcx.mastermarket/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
/data/data/com.ymcx.mastermarket/mix.dex	4389	com.ymcx.mastermarket:mult

Queries information about running processes on the device 1 TTPs 2 IoCs

Application may abuse the framework's APIs to collect information about running processes on the device.

discovery

Process Discovery

T1424

description	ioc	Process
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ymcx.mastermarket:mult
Framework service call	android.app.IActivityManager.getRunningAppProcesses	com.ymcx.mastermarket

Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.wifi.IWifiManager.getScanResults	com.ymcx.mastermarket

Queries the mobile country code (MCC) 1 TTPs 2 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.ymcx.mastermarket
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.ymcx.mastermarket:mult

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 2 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.ymcx.mastermarket
Framework service call	android.app.IActivityManager.registerReceiver	com.ymcx.mastermarket:mult

Checks if the internet connection is available 1 TTPs 2 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ymcx.mastermarket
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.ymcx.mastermarket:mult

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 2 IoCs

impact

Data Encrypted for Impact

T1471

description	ioc	Process
Framework API call	javax.crypto.Cipher.doFinal	com.ymcx.mastermarket
Framework API call	javax.crypto.Cipher.doFinal	com.ymcx.mastermarket:mult

com.ymcx.mastermarket
1⤵
- Checks if the Android device is rooted.
- Requests cell location
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries information about the current nearby Wi-Fi networks
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4275
- logcat -d -v threadtime
  2⤵
  PID:4522
- /system/bin/sh -c getprop ro.miui.ui.version.name
  2⤵
  PID:4563
- getprop ro.miui.ui.version.name
  2⤵
  PID:4563
- /system/bin/sh -c getprop ro.build.version.emui
  2⤵
  PID:4614
- getprop ro.build.version.emui
  2⤵
  PID:4614
- /system/bin/sh -c getprop ro.lenovo.series
  2⤵
  PID:4660
- getprop ro.lenovo.series
  2⤵
  PID:4660
- /system/bin/sh -c getprop ro.build.nubia.rom.name
  2⤵
  PID:4732
- getprop ro.build.nubia.rom.name
  2⤵
  PID:4732
- /system/bin/sh -c getprop ro.meizu.product.model
  2⤵
  PID:4795
- getprop ro.meizu.product.model
  2⤵
  PID:4795
- /system/bin/sh -c getprop ro.build.version.opporom
  2⤵
  PID:4855
- getprop ro.build.version.opporom
  2⤵
  PID:4855
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
  2⤵
  PID:4909
- getprop ro.vivo.os.build.display.id
  2⤵
  PID:4909
- /system/bin/sh -c getprop ro.aa.romver
  2⤵
  PID:4961
- getprop ro.aa.romver
  2⤵
  PID:4961
- /system/bin/sh -c getprop ro.lewa.version
  2⤵
  PID:5011
- getprop ro.lewa.version
  2⤵
  PID:5011
- /system/bin/sh -c getprop ro.gn.gnromvernumber
  2⤵
  PID:5060
- getprop ro.gn.gnromvernumber
  2⤵
  PID:5060
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:5115
- getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:5115
- /system/bin/sh -c getprop ro.build.fingerprint
  2⤵
  PID:5166
- getprop ro.build.fingerprint
  2⤵
  PID:5166
- /system/bin/sh -c getprop ro.build.rom.id
  2⤵
  PID:5214
- getprop ro.build.rom.id
  2⤵
  PID:5214
- /system/bin/sh -c type su
  2⤵
  - Checks if the Android device is rooted.
  PID:5262

com.ymcx.mastermarket:mult
1⤵
- Checks if the Android device is rooted.
- Requests cell location
- Checks CPU information
- Checks memory information
- Loads dropped Dex/Jar
- Queries information about running processes on the device
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Uses Crypto APIs (Might try to encrypt user data)
PID:4389
- sh -c getprop ro.yunos.version
  2⤵
  PID:4473
- getprop ro.yunos.version
  2⤵
  PID:4473
- /system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.ymcx.mastermarket/mix.dex --output-vdex-fd=57 --oat-fd=58 --oat-location=/data/data/com.ymcx.mastermarket/oat/x86/mix.odex --compiler-filter=quicken --class-loader-context=&
  2⤵
  - Loads dropped Dex/Jar
  PID:4498
- logcat -d -v threadtime
  2⤵
  PID:4778
- /system/bin/sh -c getprop ro.miui.ui.version.name
  2⤵
  PID:4831
- getprop ro.miui.ui.version.name
  2⤵
  PID:4831
- /system/bin/sh -c getprop ro.build.version.emui
  2⤵
  PID:4888
- getprop ro.build.version.emui
  2⤵
  PID:4888
- /system/bin/sh -c getprop ro.lenovo.series
  2⤵
  PID:4942
- getprop ro.lenovo.series
  2⤵
  PID:4942
- /system/bin/sh -c getprop ro.build.nubia.rom.name
  2⤵
  PID:4992
- getprop ro.build.nubia.rom.name
  2⤵
  PID:4992
- /system/bin/sh -c getprop ro.meizu.product.model
  2⤵
  PID:5042
- getprop ro.meizu.product.model
  2⤵
  PID:5042
- /system/bin/sh -c getprop ro.build.version.opporom
  2⤵
  PID:5097
- getprop ro.build.version.opporom
  2⤵
  PID:5097
- /system/bin/sh -c getprop ro.vivo.os.build.display.id
  2⤵
  PID:5147
- getprop ro.vivo.os.build.display.id
  2⤵
  PID:5147
- /system/bin/sh -c getprop ro.aa.romver
  2⤵
  PID:5196
- getprop ro.aa.romver
  2⤵
  PID:5196
- /system/bin/sh -c getprop ro.lewa.version
  2⤵
  PID:5244
- getprop ro.lewa.version
  2⤵
  PID:5244
- /system/bin/sh -c getprop ro.gn.gnromvernumber
  2⤵
  PID:5287
- getprop ro.gn.gnromvernumber
  2⤵
  PID:5287
- /system/bin/sh -c getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:5312
- getprop ro.build.tyd.kbstyle_version
  2⤵
  PID:5312
- /system/bin/sh -c getprop ro.build.fingerprint
  2⤵
  PID:5341
- getprop ro.build.fingerprint
  2⤵
  PID:5341
- /system/bin/sh -c getprop ro.build.rom.id
  2⤵
  PID:5365
- getprop ro.build.rom.id
  2⤵
  PID:5365
- /system/bin/sh -c type su
  2⤵
  - Checks if the Android device is rooted.
  PID:5389

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Location Tracking

T1430

Process Discovery

T1424

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Location Tracking

T1430

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

T1471

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.ymcx.mastermarket/databases/bugly_db_legu

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.ymcx.mastermarket/databases/bugly_db_legu-journal

Filesize
301KB

MD5
346bbb56efa697356c03c910f3a75844

SHA1
609150ad750811d09724d80eed3962870474f436

SHA256
4e4b1d42fe740aa6bc708e0e63ed91b77ccb6f25ac8fd7b1eb98f6ad54d68e3b

SHA512
df442fa4319592d024f3b5122bd93b2cd8c8716e220e93bfd986472f3ec4722427424410c76f91f7c5fb730d26f64a2705e4f9147aa9a399636dbb2a43aa343a

Download Submit
/data/data/com.ymcx.mastermarket/databases/bugly_db_legu-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.ymcx.mastermarket/databases/bugly_db_legu-wal

Filesize
213KB

MD5
baf541f92807e7870babad11c7ba81da

SHA1
d3b22a2bb6560ef0abf83a8172f87ceea29ecc35

SHA256
dcd8480333158e5e3f6cd43bd3235b62811c458b9b44678a9a2cff22714a99a3

SHA512
8ef5db54620542750f2384371571e215cdcff48335e43d48bfaefe65626cc3cdffef9bc0af859b98c6285ae116d00e6369edc1f9341b18138ad86a4bacf768d7

Download Submit
/data/data/com.ymcx.mastermarket/files/config.json

Filesize
34B

MD5
12a17c8204ffc7769870e89140427ea0

SHA1
ab0bee8bde0d97d7afe5ee509b8ed2df8e6fb7e9

SHA256
f31e7cfde5dfd4b332557701b2ccd7da6b0603b1d95216e46bb917acd2412187

SHA512
56a6b89ba210c0cb8aab599cf11c87e8a36db4d028edca2afde67042f9efb4bd04d1e1195ee8c26cc92b8abb53403ebe90b0ffeef742354a17b74bc86743f7c1

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database0SaaS/1716479692932_4275

Filesize
2KB

MD5
833c3dc40805202af42057f279719a7e

SHA1
f987bb81e675e01f1c8f6a752792d96130d88e41

SHA256
7db607c0b5cf13fa0f72990c7a4c0a6c743fdaa013cfaadb9f4352194f676fec

SHA512
31840d8435854dd3ab1eb6a1a9c05d99b13070bb1cb7f39fe00b570b0d552e9ef28aae7b90816e44bc39fc924400058235a631de9ddd63b3c6919174b56593c0

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database0SaaS/1716479693769_4275

Filesize
2KB

MD5
6b95c005cb832ea184c059a7aa5743ae

SHA1
88cc579b5dd01ce3609909b204e6913ba3427c0b

SHA256
8a746819396c5b0aaa928705cdb71a7b55bbb6fad82a421182e9dfd051719b79

SHA512
21d388a2f6c073be345dfb430e41c9916550de063b7424ee74bbb30e51c97e6e686366f1795e566ff7816838fe6f4bc8e066f4aa17368e9aaa1cd1a63b5c7533

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database2SaaS/1716479692403_4275

Filesize
3KB

MD5
504ca857746c8e27d83010752107487b

SHA1
75c744a1fb8f219a9afe5a5a7e2183fdd0ee862b

SHA256
fa4abfa57fb70f428650b71c50f9fbf96214d377b56701f182c96ed195b6409c

SHA512
726088fa13681bce62ad1d951badc8177e55737c3bd305e2e3105b5da7d49ef4bfb82ed873822dc56c7143443a3dd40f8c087577a7a5c7f58b43ebf0d96b5228

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database2SaaS/1716479692645_4275

Filesize
3KB

MD5
f4f7dbaaa9bbd59de0a5fd0f16abd317

SHA1
6db815b7cc6a7bcef040c24a8c46fce9320dca1a

SHA256
b85590a240b249229e71288415bb66dfd7a87349c63c322c7121ff8bff99c424

SHA512
7b6ac82cd570e4a39f7c11c301f6fc56ad078ad8a14f3a61c34e307c62b86c3f242a55e118282fe4301611585480e9899b2695de85dd014bfb92df0d7dc0bebf

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database2SaaS/1716479692774_4275

Filesize
2KB

MD5
9746a6be001831de420df20c11c3d139

SHA1
8fdf0b3d0bde825578430e094fc8a0ea7b1d3e8b

SHA256
d13e78c6272c46ea5afaf44a84ee0f4cd1df2df00d0570a743a347708be5b8b7

SHA512
30f0791ce18a219a75b8d774b335fe36771dee2ef6837160444104ebe9805a994936c95022fe79bf811975ee8c69b468842a56407c859f327d1ef8537548f054

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database2SaaS/1716479693141_4275

Filesize
4KB

MD5
e2130b1801cd603ec8ff4251a288e3f6

SHA1
cd96938e8e1684c8cf0d842b125549d3959203eb

SHA256
fb46c731ae966244fb272db7d8ffcf961921d678a61fefcaae62fbdd37b73e79

SHA512
41ced6d0becd5dbe8fd44f8e37d10c46e086e6028b1bf9238dbb4bd7d9e6a0fca8795483adb00b76754d9c06c18ddf3d1cfb362b4d7974f4d0d3b22ab2ad3f14

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database2SaaS/1716479694036_4275

Filesize
2KB

MD5
10e3a71b4a638279e8cde55a75f6f880

SHA1
ef9fcbc2e8f77fcfc12717e1514a760e7c0a5e1c

SHA256
73fbb14711dd2c21553c94265b7e96c80ade8a8bb2bf0c90f90b8e86a074a637

SHA512
371b539f311d2dfa3896be65be527a9442699bfb7c7c1ed2e0eca3b44175fc56d56c450f0abbdca4d50b260ac0486d12a1aac863fb5b37814777ff3bd8a2e39b

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database2SaaS/1716479694266_4275

Filesize
2KB

MD5
33b09a1f89dd6a5966d56da00fbac671

SHA1
de40500d7d9754eb13695b15debd060cfe3ef900

SHA256
79ca64fb62d371a5cbad446b9df21034b11c4b40ceeba8b7c237936cb1532429

SHA512
ef17ca77084c291e2f736b5126e03a11275799f29a352eaa919c48753342f524180da20a6a93f849913e6bfc8bf48c49b2eb0f7fcc1cd45112410799973a9be1

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database2SaaS/1716479697182_4389

Filesize
2KB

MD5
a0dd76e129fda43320e2ce8c5949e88e

SHA1
d1426148d4824004f9489062b8e103178a890a4c

SHA256
ef5287b938da143a8a047c9b6ddf1d97f2312a8432e3d2b6f976ba53ef675dde

SHA512
e48c0819e9d5b271e362fd42bd8a065381d8552d493fe50d1a9cc618f77b054fd41a6fc3e4be4bcf1ce2c454d843fee3e761775d5c6fb4d69eae9652e49dee15

Download Submit
/data/data/com.ymcx.mastermarket/files/td_database2SaaS/1716479752370_4275

Filesize
4KB

MD5
71e2b3d1f65f4f4215fef1aa9bec6ae8

SHA1
fd5794c469b940b39bdb8bb9c699487e65d24141

SHA256
4b0cdd7c2e49cc99372016a3b10ca1498e4d1538896db14da0228fcebe227871

SHA512
8ec1e559633098575d6de49f87cd0350aab7f572b9bed5aadea42e53a8b8b6bcb127fcad52751f8a3138dc3ff501b3e525f4167df8fae7478be305daed94e323

Download Submit
/data/data/com.ymcx.mastermarket/mix.dex

Filesize
292B

MD5
63f77f99bd2c2b772a479923bde11974

SHA1
c7632e7d301e4463fafce85f84e9c3d7da3fdbbe

SHA256
4c76a3af64cdd2f8713ffe2733dea50dbe714d0ca41c17d1847ee5b62a7ca615

SHA512
3aae4a89d1ed51fdd911cb367eb10afe3c2264e4222085891b18a60d5412f85d10bf5c8f3c6642db70abb9aa42732bac5c42c42ee32d587100f53c21b5beb16c

Download Submit
/storage/emulated/0/.tcookieid

Filesize
33B

MD5
9bc01627a620f5b055cf4def56163320

SHA1
03c4e250958020e68f6d7db0fc65a10d9772b09e

SHA256
72e53bfa8e0665dd5d56bc8f3cde281fd218127df6abf1505a95afb20ae35615

SHA512
71385762f49b061cb625b6af1c9a8fe9051ef81b6437689f2619f5fe62f3b9a55ccca48410dcce58eb6c850f8eb3611b1233d39f617e49c17d98aa25a847279b

Download Submit
/storage/emulated/0/Android/data/com.ymcx.mastermarket/1171170504115204#mastermarket/core_log/easemob.log

Filesize
4KB

MD5
b1da71030fb8b599dea321d4f89c04c4

SHA1
fc071fdcde3ed457401a199febf0d2e77347ffd5

SHA256
e0ded4414ca295b4146ec2dfc8eb1307efdf59acd214de84ab18d377f6883e8a

SHA512
8c136f50df02fcccecc34953702a1e5e3cfcd3be9eafb27ba5579ee7714e585920bb82ff9eee7202b78db8ce31e098ecb24dc7ca4dd371523629485dabe05d75

Download Submit
/storage/emulated/0/Android/data/com.ymcx.mastermarket/1171170504115204#mastermarket/core_log/easemob.log

Filesize
4KB

MD5
092d40291f318c25c1bba84554f5195b

SHA1
843a4fc1ef7a5422b8eb6e831f1665027f7a0b94

SHA256
96bb8e3b24e14dc8a35d2e9c23d349ce56df9297d92ff32b90ce9156056c9e93

SHA512
3b6c18341a57cfb5dec75bc716958fe5763d6e4fc6b0fb05f2ff1084d437dd9c2b4a7e28a14613f871a749b8a70fd392400e3cfb4b3c1b4e098bec2418a42661

Download Submit
/storage/emulated/0/data/.push_deviceid

Filesize
32B

MD5
a8fc8baf02f3eff963a83fae58c80378

SHA1
ccca69ae62aba79f5a2a94b849d0a35fdd4a1f3a

SHA256
295ad6bff664bb7f4f4f442e93e07768dd840d1a90b74436e9427011b33f77a6

SHA512
da1011dd64ec8a2b2af08c9f066837d91aea83922fdf9dffd57b6288fd05d7de24aa523694389c763e5695f6b057a1307eac85190b5a03393f2986146e9caa53

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads