Malware Analysis Report

2024-11-16 10:45

Sample ID 240603-ksnwhaag69
Target 912f32d801829ce66702a16d6d4f3f79_JaffaCakes118
SHA256 7a48c377c7bb06b9b0f4f251dcf708e29801ddf6f0edbf129d8abea52f99d182
Tags discovery evasion impact persistence
Score 8/10

Table of Contents

Analysis Overview
MITRE ATT&CK
    Mobile Matrix V15
Analysis: static1
    Detonation Overview
    Signatures
Analysis: behavioral1
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files
Analysis: behavioral2
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files
Analysis: behavioral3
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files
Analysis: behavioral4
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files
Analysis Overview

Score 8/10
SHA256 7a48c377c7bb06b9b0f4f251dcf708e29801ddf6f0edbf129d8abea52f99d182

Threat Level: Likely malicious

The file 912f32d801829ce66702a16d6d4f3f79_JaffaCakes118 was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion impact persistence

Checks if the Android device is rooted.

Checks memory information

Queries the mobile country code (MCC)

Registers a broadcast receiver at runtime (usually for listening for system events)

Checks CPU information

Loads dropped Dex/Jar

Queries information about the current Wi-Fi connection

Checks Android system properties for emulator presence.

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Requests dangerous framework permissions

Checks if the internet connection is available

Uses Crypto APIs (Might try to encrypt user data)

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported 2024-06-03 08:52

Signatures

Requests dangerous framework permissions

Description | Indicator | Process | Target
Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A
Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A
Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-06-03 08:51
Reported 2024-06-03 08:55
Platform android-x86-arm-20240514-en
Max time kernel 154s
Max time network 158s

Command Line

com.azodus.shologuti.mt

Signatures

Checks if the Android device is rooted.

evasion
Description | Indicator | Process | Target
N/A | /sbin/su | N/A | N/A
N/A | /data/local/su | N/A | N/A
N/A | /data/local/bin/su | N/A | N/A
N/A | /data/local/xbin/su | N/A | N/A

Checks Android system properties for emulator presence.

evasion
Description | Indicator | Process | Target
Accessed system property key: | ro.product.model | N/A | N/A

Checks CPU information

evasion discovery
Description | Indicator | Process | Target
File opened for read | /proc/cpuinfo | N/A | N/A

Checks memory information

evasion discovery
Description | Indicator | Process | Target
File opened for read | /proc/meminfo | N/A | N/A

Loads dropped Dex/Jar

evasion
Description | Indicator | Process | Target
N/A | /data/data/com.azodus.shologuti.mt/.jiagu/classes.dex | N/A | N/A
N/A | /data/data/com.azodus.shologuti.mt/.jiagu/classes.dex!classes2.dex | N/A | N/A
N/A | /data/data/com.azodus.shologuti.mt/.jiagu/tmp.dex | N/A | N/A
N/A | /data/data/com.azodus.shologuti.mt/.jiagu/tmp.dex | N/A | N/A
N/A | /data/data/com.azodus.shologuti.mt/.jiagu/tmp.dex | N/A | N/A
N/A | /data/user/0/com.azodus.shologuti.mt/files/ebody/res/805/vva.jar | N/A | N/A
N/A | /data/user/0/com.azodus.shologuti.mt/files/ebody/res/805/vva.jar | N/A | N/A

Queries information about the current Wi-Fi connection

discovery
Description | Indicator | Process | Target
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A

Queries the mobile country code (MCC)

discovery
Description | Indicator | Process | Target
Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A

Registers a broadcast receiver at runtime (usually for listening for system events)

persistence
Description | Indicator | Process | Target
Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A

Checks if the internet connection is available

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Domain associated with commercial stalkerware software, includes indicators from echap.eu.org

Description | Indicator | Process | Target
N/A | s.appjiagu.com | N/A | N/A
N/A | alog.umeng.com | N/A | N/A
N/A | b.appjiagu.com | N/A | N/A

Uses Crypto APIs (Might try to encrypt user data)

impact
Description | Indicator | Process | Target
Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A

Processes

com.azodus.shologuti.mt

chmod 755 /data/data/com.azodus.shologuti.mt/.jiagu/libjiagu.so

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.azodus.shologuti.mt/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.azodus.shologuti.mt/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&

cat /sys/class/net/wlan0/address

/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.azodus.shologuti.mt/files/ebody/res/805/vva.jar --output-vdex-fd=64 --oat-fd=69 --oat-location=/data/user/0/com.azodus.shologuti.mt/files/ebody/res/805/oat/x86/vva.odex --compiler-filter=quicken --class-loader-context=&

sh -c ps

ps

ps daemonsu

Network

Files

/data/data/com.azodus.shologuti.mt/.jiagu/libjiagu.so
/data/data/com.azodus.shologuti.mt/.jiagu/classes.dex
/data/data/com.azodus.shologuti.mt/.jiagu/classes.dex!classes2.dex
/data/data/com.azodus.shologuti.mt/.jiagu/tmp.dex
/data/data/com.azodus.shologuti.mt/files/.jglogs/.jg.ri
/data/data/com.azodus.shologuti.mt/files/.jiagu.lock
/data/data/com.azodus.shologuti.mt/files/.jglogs/.jg.ac
/data/data/com.azodus.shologuti.mt/files/.jglogs/.jg.ic
/data/data/com.azodus.shologuti.mt/files/.jglogs/.jg.di
/storage/emulated/0/360/.iddata
/storage/emulated/0/360/.deviceId
/data/data/com.azodus.shologuti.mt/files/ebody/seey/tv
/data/data/com.azodus.shologuti.mt/files/ebody/as/cheuu
/data/data/com.azodus.shologuti.mt/files/ebody/seey/tmd
/data/data/com.azodus.shologuti.mt/app_ebody/res/xxxok/805/uuloi
/data/data/com.azodus.shologuti.mt/files/ebody/res/805/vva
/data/data/com.azodus.shologuti.mt/files/ebody/res/805/vva.jar
/data/user/0/com.azodus.shologuti.mt/files/ebody/res/805/vva.jar
/data/data/com.azodus.shologuti.mt/databases/cc/cc.db-journal
/data/data/com.azodus.shologuti.mt/databases/cc/cc.db
/data/data/com.azodus.shologuti.mt/databases/cc/cc.db-shm
/data/data/com.azodus.shologuti.mt/databases/cc/cc.db-wal
/data/data/com.azodus.shologuti.mt/app_e_qq_com_plugin/gdtadv2.jar
/data/data/com.azodus.shologuti.mt/app_e_qq_com_plugin/gdtadv2.jar.sig
/data/data/com.azodus.shologuti.mt/databases/.ua/ua.db-journal
/data/data/com.azodus.shologuti.mt/databases/.ua/ua.db
/data/data/com.azodus.shologuti.mt/databases/.ua/ua.db-wal
/data/data/com.azodus.shologuti.mt/files/umeng_it.cache
/data/data/com.azodus.shologuti.mt/files/.umeng/exchangeIdentity.json
/data/data/com.azodus.shologuti.mt/files/exid.dat
/data/data/com.azodus.shologuti.mt/files/ebody/res/805/oat/vva.jar.cur.prof
/data/data/com.azodus.shologuti.mt/databases/google_analytics_v4.db-journal
/data/data/com.azodus.shologuti.mt/databases/google_analytics_v4.db
/data/data/com.azodus.shologuti.mt/databases/google_analytics_v4.db-wal
/data/data/com.azodus.shologuti.mt/files/gaClientId
/storage/emulated/0/Android/data/com.azodus.shologuti.mt/files/Unity/local.b18a5c8b94f72bc42bcc4fc6b54360ed/Analytics/config
/storage/emulated/0/Android/data/com.azodus.shologuti.mt/files/Unity/local.b18a5c8b94f72bc42bcc4fc6b54360ed/Analytics/ArchivedEvents/171740479400000.0ef75f53/s
/storage/emulated/0/Android/data/com.azodus.shologuti.mt/files/Unity/local.b18a5c8b94f72bc42bcc4fc6b54360ed/Analytics/ArchivedEvents/171740479400000.0ef75f53/g
/storage/emulated/0/Android/data/com.azodus.shologuti.mt/files/Unity/local.b18a5c8b94f72bc42bcc4fc6b54360ed/Analytics/ArchivedEvents/171740479400000.0ef75f53/e
/storage/emulated/0/Android/data/com.azodus.shologuti.mt/files/Unity/local.b18a5c8b94f72bc42bcc4fc6b54360ed/Analytics/values
/storage/emulated/0/Android/data/com.azodus.shologuti.mt/files/Unity/local.b18a5c8b94f72bc42bcc4fc6b54360ed/Analytics/ArchivedEvents/171740479400001.0ef75f53/e
/storage/emulated/0/Android/data/com.azodus.shologuti.mt/files/Unity/local.b18a5c8b94f72bc42bcc4fc6b54360ed/Analytics/ArchivedEvents/171740479400002.0ef75f53/e
/data/data/com.azodus.shologuti.mt/files/.um/um_cache_1717404893931.env

Analysis: behavioral2

Detonation Overview

Submitted 2024-06-03 08:51
Reported 2024-06-03 08:55
Platform android-x64-arm64-20240514-en
Max time kernel 6s
Max time network 144s

Command Line

com.azodus.shologuti.mt

Signatures

Loads dropped Dex/Jar

evasion
Description | Indicator | Process | Target
N/A | /data/user/0/com.azodus.shologuti.mt/[email protected] | N/A | N/A
N/A | /data/user/0/com.azodus.shologuti.mt/[email protected]!classes2.dex | N/A | N/A

Queries information about the current Wi-Fi connection

discovery
Description | Indicator | Process | Target
Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A

Checks if the internet connection is available

discovery
Description | Indicator | Process | Target
Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A

Processes

com.azodus.shologuti.mt

Network

Country | Destination | Domain | Proto
N/A | 224.0.0.251:5353 | | udp
GB | 142.250.178.14:443 | | tcp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 142.250.187.206:443 | android.apis.google.com | tcp
US | 1.1.1.1:53 | ssl.google-analytics.com | udp
GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp
GB | 142.250.178.4:443 | | tcp
GB | 142.250.178.4:443 | | tcp

Files

/data/user/0/com.azodus.shologuti.mt/.jiagu/libjiagu.so
/data/user/0/com.azodus.shologuti.mt/.jiagu/classes.dex
/data/user/0/com.azodus.shologuti.mt/[email protected]
/data/user/0/com.azodus.shologuti.mt/[email protected]!classes2.dex
/data/data/com.azodus.shologuti.mt/files/.jglogs/.jg.ri
/data/data/com.azodus.shologuti.mt/files/.jiagu.lock
/data/data/com.azodus.shologuti.mt/files/.jglogs/.jg.di
/storage/emulated/0/360/.iddata
/storage/emulated/0/360/.deviceId

Analysis: behavioral3

Detonation Overview

Submitted 2024-06-03 08:51
Reported 2024-06-03 08:52
Platform android-x86-arm-20240514-en
Max time network 4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 142.250.200.14:443 | | tcp
N/A | 224.0.0.251:5353 | | udp

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted 2024-06-03 08:51
Reported 2024-06-03 08:55
Platform android-x86-arm-20240514-en
Max time network 131s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country | Destination | Domain | Proto
GB | 216.58.213.3:443 | | tcp
GB | 142.250.200.14:443 | | tcp
N/A | 224.0.0.251:5353 | | udp
GB | 172.217.169.14:443 | | tcp
US | 1.1.1.1:53 | android.apis.google.com | udp
GB | 216.58.212.238:443 | android.apis.google.com | tcp

Files

N/A