Analysis Overview
SHA256
7a48c377c7bb06b9b0f4f251dcf708e29801ddf6f0edbf129d8abea52f99d182
Threat Level: Likely malicious
The file 912f32d801829ce66702a16d6d4f3f79_JaffaCakes118 was found to be: Likely malicious.
Malicious Activity Summary
Checks if the Android device is rooted.
Checks memory information
Queries the mobile country code (MCC)
Registers a broadcast receiver at runtime (usually for listening for system events)
Checks CPU information
Loads dropped Dex/Jar
Queries information about the current Wi-Fi connection
Checks Android system properties for emulator presence.
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
Requests dangerous framework permissions
Checks if the internet connection is available
Uses Crypto APIs (Might try to encrypt user data)
MITRE ATT&CK
Mobile Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 08:52
Signatures
Requests dangerous framework permissions
| Description | Indicator | Process | Target |
| Allows an application to write to external storage. | android.permission.WRITE_EXTERNAL_STORAGE | N/A | N/A |
| Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE | N/A | N/A |
| Allows an app to access approximate location. | android.permission.ACCESS_COARSE_LOCATION | N/A | N/A |
| Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS | N/A | N/A |
| Allows an application to read from external storage. | android.permission.READ_EXTERNAL_STORAGE | N/A | N/A |
| Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 08:51
Reported
2024-06-03 08:55
Platform
android-x86-arm-20240514-en
Max time kernel
154s
Max time network
158s
Command Line
Signatures
Checks if the Android device is rooted.
| Description | Indicator | Process | Target |
| N/A | /sbin/su | N/A | N/A |
| N/A | /data/local/su | N/A | N/A |
| N/A | /data/local/bin/su | N/A | N/A |
| N/A | /data/local/xbin/su | N/A | N/A |
Checks Android system properties for emulator presence.
| Description | Indicator | Process | Target |
| Accessed system property | key: ro.product.model | N/A | N/A |
Checks CPU information
| Description | Indicator | Process | Target |
| File opened for read | /proc/cpuinfo | N/A | N/A |
Checks memory information
| Description | Indicator | Process | Target |
| File opened for read | /proc/meminfo | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/data/com.azodus.shologuti.mt/.jiagu/classes.dex | N/A | N/A |
| N/A | /data/data/com.azodus.shologuti.mt/.jiagu/classes.dex!classes2.dex | N/A | N/A |
| N/A | /data/data/com.azodus.shologuti.mt/.jiagu/tmp.dex | N/A | N/A |
| N/A | /data/user/0/com.azodus.shologuti.mt/files/ebody/res/805/vva.jar | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Queries the mobile country code (MCC)
| Description | Indicator | Process | Target |
| Framework service call | com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone | N/A | N/A |
Registers a broadcast receiver at runtime (usually for listening for system events)
| Description | Indicator | Process | Target |
| Framework service call | android.app.IActivityManager.registerReceiver | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
| Description | Indicator | Process | Target |
| N/A | s.appjiagu.com | N/A | N/A |
| N/A | alog.umeng.com | N/A | N/A |
| N/A | b.appjiagu.com | N/A | N/A |
Uses Crypto APIs (Might try to encrypt user data)
| Description | Indicator | Process | Target |
| Framework API call | javax.crypto.Cipher.doFinal | N/A | N/A |
Processes
com.azodus.shologuti.mt
chmod 755 /data/data/com.azodus.shologuti.mt/.jiagu/libjiagu.so
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/data/com.azodus.shologuti.mt/.jiagu/tmp.dex --output-vdex-fd=42 --oat-fd=43 --oat-location=/data/data/com.azodus.shologuti.mt/.jiagu/oat/x86/tmp.odex --compiler-filter=quicken --class-loader-context=&
cat /sys/class/net/wlan0/address
/system/bin/dex2oat --instruction-set=x86 --instruction-set-features=ssse3,-sse4.1,-sse4.2,-avx,-avx2,-popcnt --runtime-arg -Xhidden-api-checks --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=x86 --instruction-set-features=default --inline-max-code-units=0 --compact-dex-level=none --dex-file=/data/user/0/com.azodus.shologuti.mt/files/ebody/res/805/vva.jar --output-vdex-fd=64 --oat-fd=69 --oat-location=/data/user/0/com.azodus.shologuti.mt/files/ebody/res/805/oat/x86/vva.odex --compiler-filter=quicken --class-loader-context=&
sh -c ps
ps
ps daemonsu
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 08:51
Reported
2024-06-03 08:55
Platform
android-x64-arm64-20240514-en
Max time kernel
6s
Max time network
144s
Command Line
Signatures
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
| N/A | /data/user/0/com.azodus.shologuti.mt/[email protected] | N/A | N/A |
| N/A | /data/user/0/com.azodus.shologuti.mt/[email protected]!classes2.dex | N/A | N/A |
Queries information about the current Wi-Fi connection
| Description | Indicator | Process | Target |
| Framework service call | android.net.wifi.IWifiManager.getConnectionInfo | N/A | N/A |
Checks if the internet connection is available
| Description | Indicator | Process | Target |
| Framework service call | android.net.IConnectivityManager.getActiveNetworkInfo | N/A | N/A |
Processes
com.azodus.shologuti.mt
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 142.250.178.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 142.250.187.206:443 | android.apis.google.com | tcp |
| US | 1.1.1.1:53 | ssl.google-analytics.com | udp |
| GB | 216.58.204.72:443 | ssl.google-analytics.com | tcp |
| GB | 142.250.178.4:443 | | tcp |
| GB | 142.250.178.4:443 | | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-03 08:51
Reported
2024-06-03 08:52
Platform
android-x86-arm-20240514-en
Max time network
4s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.200.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-03 08:51
Reported
2024-06-03 08:55
Platform
android-x86-arm-20240514-en
Max time network
131s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| GB | 216.58.213.3:443 | | tcp |
| GB | 142.250.200.14:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.169.14:443 | | tcp |
| US | 1.1.1.1:53 | android.apis.google.com | udp |
| GB | 216.58.212.238:443 | android.apis.google.com | tcp |